Free Practice Questions for Cisco 300-720 Exam

Non-final actions are actions that do not terminate the message filter evaluation, such as adding headers, setting variables, logging, etc. Final actions are actions that end the message filter evaluation and determine the fate of the message, such as accept, drop, bounce, quarantine, etc.

References: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 3-4.

According to the [Cisco Secure Email Encryption Service Add-In User Guide], you can create an encryption profile that defines the encryption settings and options for your encrypted messages[2, p. 11]. You can also create an outgoing content filter that applies the encryption profile to the messages that match certain conditions, such as having [SECURE] in the subject header[2, p. 12]. This way, you can allow users to flag the messages that require encryption by adding [SECURE] to the subject line.

The other options are not valid because:

A. Creating an encryption profile with [SECURE] in the Subject setting and enabling encryption on the mail flow policy will not work, as the Subject setting in the encryption profile is used to specify the subject line of the encrypted message envelope, not the original message[2, p. 11].

B. Creating an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting will not work, as this will encrypt all outgoing messages regardless of whether they have [SECURE] in the subject line or not[2, p. 12].

D. Creating a DLP policy manager message action with encryption enabled and applying it to active DLP policies for outgoing mail will not work, as this will encrypt messages based on DLP rules that detect sensitive data in the message content, not based on user flags in the subject line.

 The reason why the CEO did not receive an important message expected from a trusted sender after adding them to a safelist is because end-user safelists apply to antispam engines only. End-user safelists are lists of sender addresses or domains that end users can create and manage through their quarantine accounts or email clients. End-user safelists allow end users to accept or exempt messages from certain senders or domains from being identified as spam by the antispam engines. However, end-user safelists do not affect other filtering engines such as antivirus, outbreak filters, or content filters. References = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Safelists and Blocklists [Cisco Secure Email Gateway] - Cisco

Custom policy is a type of DLP policy template that must be used to create a policy that meets this requirement. Custom policy allows the administrator to define their own criteria for detecting sensitive or confidential data in messages, such as keywords, regular expressions, file types, etc.

To create a custom DLP policy on Cisco ESA, the administrator can follow these steps:

Select Mail Policies > DLP Policy Manager and click Add Policy.

Enter a name and description for the DLP policy, such as Patent Protection.

Under Policy Template, select Custom Policy.

Click Submit.

Under Content Matching Criteria, click Add Criteria.

Choose a matching type, such as Keyword or Regular Expression, and enter a value that matches the proprietary patent documents, such as “patent number” or “\d{4}/\d{6}”.

Click Submit.

The other options are not valid types of DLP policy templates to create a policy that meets this requirement, because they are predefined templates that do not match the proprietary patent documents.

References: [User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway], page 9-3 and page 9-5.

To protect against Directory Harvest Attacks, the administrator must configure Directory Harvest Attack Prevention in the mail flow policy that applies to the listener. This will enable the Cisco Secure Email Gateway to reject or throttle messages that are sent to invalid recipients by checking the LDAP server for valid email addresses. References: [Cisco Secure Email Gateway Administrator Guide - Configuring Directory Harvest Attack Prevention]

Outgoing Mail Policy is a mail policy that should be created to accomplish this task. Outgoing Mail Policy is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.

To create an Outgoing Mail Policy named ‘Sales’ and assign a DLP policy to it, the administrator can follow these steps:

Select Mail Policies > Outgoing Mail Policies and click Add Policy.

Enter ‘Sales’ as the policy name and click Submit.

Select ‘Sales’ from the list of policies and click Edit Settings.

Under Data Loss Prevention, select Enable Data Loss Prevention Scanning and choose the DLP policy from the drop-down menu.

Click Submit.

The other options are not valid mail policies to accomplish this task, because they do not apply to outgoing messages or DLP scanning.

References: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 9-2 and page 9-4.

When CRES (Cisco Registered Envelope Service) is unavailable, Cisco ESA will requeue the message and attempt to resend it later, until the maximum number of retries or the maximum age of the message is reached. The message will not be sent in clear text, dropped, or encrypted by another appliance.

References: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 12-8.