300-720 Exam Dumps - Securing Email with Cisco Email Security Appliance (300-720 SESA)

The Outbreak Filters feature uses three tactics to protect your users from outbreaks:

Delay.

Redirect.

Modify.

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html

• Define an LDAP group query to specify users to whom the mail policy rules apply. This way, you can create a custom group of executive users and apply different mail policies to them based on their LDAP attributes[4, p. 2].
• Create content filters for actions to take on messages that contain specific data. Content filters allow you to scan the message body and attachments for keywords, phrases, or patterns that match your criteria and perform actions such as quarantine, encrypt, or drop the message[4, p. 7].

The other options are not valid because:

• C. Uploading a csv file containing the email addresses for the users for whom you want to create mail policies is not a supported feature of Cisco Secure Email1.
• D. Enabling the content-scanning features you want to use with mail policies is not necessary, as content scanning is enabled by default for all incoming and outgoing messages[4, p. 6].
• E. Defining the default mail policies for incoming or outgoing messages is not sufficient, as default mail policies apply to all users and do not allow for differentiation based on user groups[4, p. 2].

 in the spam quarantine section, you can configure settings for access to the spam quarantine, and by default, HTTP uses port 82 and HTTPS uses port 83.

External spam quarantine is a feature that allows Cisco SMA to store and manage spam messages quarantined by multiple Cisco ESAs in one central location, providing a unified view and administration of the spam quarantine data.

References: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-3.

To protect against Directory Harvest Attacks, the administrator must configure Directory Harvest Attack Prevention in the mail flow policy that applies to the listener. This will enable the Cisco Secure Email Gateway to reject or throttle messages that are sent to invalid recipients by checking the LDAP server for valid email addresses. References: [Cisco Secure Email Gateway Administrator Guide - Configuring Directory Harvest Attack Prevention]

A regular expression is a sequence of characters that defines a search pattern for text. To match a string of 123ABCDEFGHJ, you need to use the following regular expression: \d{3}[A-Z]{9}. This expression means that the string must start with three digits (\d{3}), followed by nine uppercase letters ([A-Z]{9}). This expression will match any string that has the same format as 123ABCDEFGHJ. References = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Regular Expressions [Cisco Secure Email Gateway] - Cisco

The maximum attachment size to scan is a configuration on the scan behavior that determines the maximum size of an attachment that Cisco ESA will scan for viruses and malware. If an attachment exceeds this size, Cisco ESA will apply the configured action for unscannable messages, such as deliver, drop, or quarantine.

To allow the attachment to be scanned on the Cisco ESA, this configuration must be updated to a larger value than the attachment size, which is 10 MB according to the message header.

The other options are not valid configurations to allow the attachment to be scanned on the Cisco ESA, because they do not affect the maximum attachment size to scan.

References: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 7-3 and page 7-4.