NEW QUESTION 1
How does the graymail safe unsubscribe feature function?

• A. It strips the malicious content of the URI before unsubscribing.
• B. It checks the URI reputation and category and allows the content filter to take an action on it.
• C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
• D. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.

Answer: D

NEW QUESTION 2
What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?

• A. provisioned email encryption profile
• B. message encryption from a content filter that select "Message Encryption" over TLS
• C. message encryption from the mail flow policies with "CRES" selected
• D. content filter to forward the email to the Cisco Registered Envelope server

Answer: B

NEW QUESTION 3
DRAG DROP
Drag and drop the Cisco ESA reactions to a possible DLP from the left onto the correct action types on the right.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 4
Which setting affects the aggressiveness of spam detection?

• A. protection level
• B. spam threshold
• C. spam timeout
• D. maximum depth of recursion scan

Answer: B

NEW QUESTION 5
Which two steps configure Forged Email Detection? (Choose two.)

• A. Configure a content dictionary with executive email addresses.
• B. Configure a filter to use the Forged Email Detection rule and dictionary.
• C. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
• D. Enable Forged Email Detection on the Security Services page.
• E. Configure a content dictionary with friendly names.

Answer: AB

NEW QUESTION 6
Which two action types are performed by Cisco ESA message filters? (Choose two.)

• A. non-final actions
• B. filter actions
• C. discard actions
• D. final actions
• E. quarantine actions

Answer: AD

NEW QUESTION 7
Which two components form the graymail management solution in Cisco ESA? (Choose two.)

• A. cloud-based unsubscribe service
• B. uniform unsubscription management interface for end users
• C. secure subscribe option for end users
• D. integrated graymail scanning engine
• E. improved mail efficacy

Answer: AD

NEW QUESTION 8
Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?

• A. end user allow list
• B. end user spam quarantine access
• C. end user passthrough list
• D. end user safelist

Answer: B

NEW QUESTION 9
DRAG DROP
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 10
What is the maximum message size that can be configured for encryption on the Cisco ESA?

• A. 20 MB
• B. 25 MB
• C. 15 MB
• D. 30 MB

Answer: A

NEW QUESTION 11
What are two primary components of content filters? (Choose two.)

• A. conditions
• B. subject
• C. content
• D. actions
• E. policies

Answer: AD

NEW QUESTION 12
When virtual gateways are configured, which two distinct attributes are allocated to each virtual gateway address? (Choose two.)

• A. domain
• B. IP address
• C. DNS server address
• D. DHCP server address
• E. external spam quarantine

Answer: AB

NEW QUESTION 13
Which feature utilizes sensor information obtained from Talos intelligence to filter email servers connecting into the Cisco ESA?

• A. SenderBase Reputation Filtering
• B. Connection Reputation Filtering
• C. Talos Reputation Filtering
• D. SpamCop Reputation Filtering

Answer: A

NEW QUESTION 14
What are two phases of the Cisco ESA email pipeline? (Choose two.)

• A. reject
• B. workqueue
• C. action
• D. delivery
• E. quarantine

Answer: BD

NEW QUESTION 15
Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?

• A. Designate as the active query
• B. Update Frequency
• C. Server Priority
• D. Entity ID

Answer: A

NEW QUESTION 16
Which two factors must be considered when message filter processing is configured? (Choose two.)

• A. message-filter order
• B. lateral processing
• C. structure of the combined packet
• D. mail policies
• E. MIME structure of the message

Answer: AE

NEW QUESTION 17
What occurs when configuring separate incoming mail policies?

• A. message splintering
• B. message exceptions
• C. message detachment
• D. message aggregation

Answer: A

NEW QUESTION 18
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

• A. Uncheck the Enable Spam Quarantine check box.
• B. Select Monitor and click Spam Quarantine.
• C. Check the External Safelist/Blocklist check box.
• D. Select External Spam Quarantine and click on Configure.
• E. Select Security Services and click Spam Quarantine.

Answer: B

Explanation:
45 Which Cisco ESA security service is configured only through an outgoing mail policy?
A. antivirus
B. DLP
C. Outbreak Filters
D. AMP

NEW QUESTION 19
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?

• A. 8025
• B. 6443
• C. 6025
• D. 8443

Answer: C

NEW QUESTION 20
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

• A. Set up the interface group with the flag.
• B. Issue the altsrchost command.
• C. Map the envelope sender address to the host.
• D. Apply a filter on the message.

Answer: B

NEW QUESTION 21
Which type of query must be configured when setting up the Spam Quarantine while merging notifications?

• A. Spam Quarantine Alias Routing Query
• B. Spam Quarantine Alias Consolidation Query
• C. Spam Quarantine Alias Authentication Query
• D. Spam Quarantine Alias Masquerading Query

Answer: B

NEW QUESTION 22
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

• A. 83
• B. 82
• C. 443
• D. 80

Answer: A

NEW QUESTION 23
Which two components must be configured to perform DLP scanning? (Choose two.)

• A. Add a DLP policy on the Incoming Mail Policy.
• B. Add a DLP policy to the DLP Policy Manager.
• C. Enable a DLP policy on the Outgoing Mail Policy.
• D. Enable a DLP policy on the DLP Policy Customizations.
• E. Add a DLP policy to the Outgoing Content Filter.

Answer: BC

NEW QUESTION 24
......