1. Home
  2. Cisco
  3. 300-720

Securing Email with Cisco Email Security Appliance (SESA)

Exam Details

  • Exam Code
    :300-720
  • Exam Name
    :Securing Email with Cisco Email Security Appliance (SESA)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :148 Q&As
  • Last Updated
    :Mar 26, 2025

Cisco CCNP Security 300-720 Questions & Answers

  • Question 61:

    A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?

    A. DHAP

    B. SBRS

    C. LDAP

    D. SMTP

  • Question 62:

    Refer to the exhibits. What must be done to enforce end user authentication before accessing quarantine?

    A. Enable SPAM notification and use LDAP for authentication.

    B. Enable SPAM Quarantine Notification and add the %quarantine_url% variable.

    C. Change the end user quarantine access from None authentication to SAAS.

    D. Change the end user quarantine access setting from None authentication to Mailbox.

  • Question 63:

    A Cisco ESA administrator was notified that a user was not receiving emails from a specific domain. After reviewing the mail logs, the sender had a negative sender-based reputation score. What should the administrator do to allow inbound email from that specific domain?

    A. Create a new inbound mail policy with a message filter that overrides Talos.

    B. Ask the user to add the sender to the email application's allow list.

    C. Modify the firewall to allow emails from the domain.

    D. Add the domain into the allow list.

  • Question 64:

    An email containing a URL passes through the Cisco ESA that has content filtering disabled for all mail policies. The sender is [email protected], the recipients are [email protected], [email protected], [email protected], and [email protected]. The subject of the email is Test Document395898847. An administrator wants to add a policy to ensure that the Cisco ESA evaluates the web reputation score before permitting this email.

    Which two criteria must be used by the administrator to achieve this? (Choose two.)

    A. Subject contains "TestDocument"

    B. Sender matches test1.com

    C. Email body contains a URL

    D. Date and time of email

    E.

  • Question 65:

    Which feature must be enabled first when URL logging is configured on a Cisco ESA?

    A. antivirus

    B. antispam

    C. senderbase reputation filter

    D. virus outbreak filter

  • Question 66:

    A recent engine update was pulled down for graymail and has caused the service to start crashing. It is critical to fix this as quickly as possible. What must be done to address this issue?

    A. Roll back to a previous version of the engine from the Services Overview page.

    B. Roll back to a previous version of the engine from the System Health page.

    C. Download another update from the IMS and Graymail page.

    D. Download another update from the Service Updates page.

  • Question 67:

    Spreadsheets containing credit card numbers are being allowed to bypass the Cisco ESA.

    Which outgoing mail policy feature should be configured to catch this content before it leaves the network?

    A. file reputation filtering

    B. outbreak filtering

    C. data loss prevention

    D. file analysis

  • Question 68:

    A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named `Sales' that has yet to be created.

    Which mail policy should be created to accomplish this task?

    A. Outgoing Mail Policy

    B. Preliminary Mail Policy

    C. Incoming Mail Flow Policy

    D. Outgoing Mail Flow Policy

  • Question 69:

    An administrator has created a content filter to quarantine all messages that result in an SPF hardfail to review the messages and determine whether a trusted partner has accidentally misconfigured the DNS settings. The administrator sets the policy quarantine to release the messages after 24 hours, allowing time to review while not interrupting business.

    Which additional option should be used to help the end users be aware of the elevated risk of interacting with these messages?

    A. Notify Recipient

    B. Strip Attachments

    C. Notify Sender

    D. Modify Subject

  • Question 70:

    Refer to the exhibit.

    An engineer needs to change the existing Forged Email Detection message filter so that it references a newly created dictionary named `Executives'. What should be done to accomplish this task?

    A. Change "from" to "Executives".

    B. Change "TEST" to "Executives".

    C. Change "fed" to "Executives".

    D. Change "support" to "Executives".

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-720 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.