• ホーム
  • ブログ
  • [2023年10月17日] 無料CCNP Security 300-720試験問題を使おう [Q43-Q59]

[2023年10月17日] 無料CCNP Security 300-720試験問題を使おう [Q43-Q59]

Share

[2023年10月17日] 無料CCNP Security 300-720試験問題を使おう

300-720問題集でCCNP Security必ず合格できる練習問題集


Cisco 300-720認定試験は、Cisco Email Security Applianceを使用した電子メールのセキュリティを確保する知識とスキルを候補者がテストするために設計されています。この試験は、組織の電子メールセキュリティソリューションを管理および維持する責任があるITプロフェッショナルを対象としています。この試験に合格する候補者は、電子メールセキュリティの分野における専門家として認められ、雇用主から非常に求められる存在となります。


Cisco 300-720試験は、Cisco Email Securityアプライアンス(ESA)で電子メールを保護する際に専門家の知識とスキルを評価するように設計されています。この試験では、ESAの構成と展開、電子メール認証と暗号化の実装、電子メールの脅威の調査と検疫、ESAシステムの管理など、幅広いトピックをカバーしています。この認定は、組織内の電子メールシステムの保護を担当するセキュリティの専門家、ネットワーク管理者、およびエンジニアを対象としています。

 

質問 # 43
Which two action types are performed by Cisco ESA message filters? (Choose two.)

  • A. final actions
  • B. quarantine actions
  • C. non-final actions
  • D. filter actions
  • E. discard actions

正解:A、C

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01000.html


質問 # 44
Which global setting is configured under Cisco ESA Scan Behavior?

  • A. actions for unscannable messages due to attachment type
  • B. minimum attachment size to scan
  • C. minimum depth of attachment recursion to scan
  • D. attachment scanning timeout

正解:D


質問 # 45
Which two query types are available when an LDAP profile is configured? (Choose two.)

  • A. proxy consolidation
  • B. routing
  • C. user
  • D. group
  • E. recursive

正解:B、D

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html


質問 # 46
Refer to the exhibit.

Which SPF record is valid for mycompany.com?

  • A. v=spf1 a mx ip4:199.209.31.21 -all
  • B. v=spf1 a mx ip4:199.209.31.2 -all
  • C. v=spf1 a mx ip4:172.16.18.230 -all
  • D. v=spf1 a mx ip4:10.1.10.23 -all

正解:C


質問 # 47
A Cisco ESA administrator has several mail policies configured. While testing policy match using a specific sender, the email was not matching the expected policy.
What is the reason of this?

  • A. The message header with the highest priority is checked against the Default policy in a top-down fashion.
  • B. The message header with the highest priority is checked against each policy in a top-down fashion.
  • C. The To" header is checked against all policies in a top-down fashion.
  • D. The Tram* header is checked against all policies in a top-down fashion.

正解:A


質問 # 48
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?

  • A. 30 seconds
  • B. 90 seconds
  • C. 60 seconds
  • D. 120 seconds

正解:C


質問 # 49
Which attack is mitigated by using Bounce Verification?

  • A. denial of service
  • B. spoof
  • C. smurf
  • D. eavesdropping

正解:A


質問 # 50
Refer to the exhibit.

For improved security, an administrator wants to warn users about opening any links or attachments within an email How must the administrator configure an HTML-coded message at the top of an email body to create this warning?

  • A. Create a text resource type of Notification Template, change to code view to paste the HTML code into the text box. then use this text resource inside a content filter.
  • B. Create a text resource type of Notification Template, paste the HTML code into the text box, then use this text resource inside a content filter.
  • C. Create a text resource type of Disclaimer Template paste the HTML code into the text box. then use this text resource inside a content filter
  • D. Create a text resource type of Disclaimer Template change to code view to paste the HTML code into the text box, then use this text resource inside a content filter

正解:D

解説:
According to the [Cisco Secure Email User Guide], you can create a text resource of type Disclaimer Template and use the code view option to insert HTML code into the text box. Then, you can use this text resource in a content filter to prepend or append the HTML message to the email body[1, p. 15-16].
The other options are not valid because:
A) Creating a text resource type of Disclaimer Template and pasting the HTML code into the text box without changing to code view will not work, as the HTML code will be treated as plain text and not rendered properly[1, p. 15].
C) Creating a text resource type of Notification Template and pasting the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
D) Creating a text resource type of Notification Template and changing to code view to paste the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].


質問 # 51
What are two phases of the Cisco ESA email pipeline? (Choose two.)

  • A. quarantine
  • B. reject
  • C. action
  • D. workqueue
  • E. delivery

正解:D、E

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-1/user_guide/ b_ESA_Admin_Guide_12_1/b_ESA_Admin_Guide_12_1_chapter_011.pdf (p.1)


質問 # 52
Which action do Outbreak Filters take to stop small-scale and nonviral attacks, such as phishing scams and malware distribution sites?

  • A. Strip all attachments from email domains associated with potentially harmful websites.
  • B. Rewrite URLs to redirect traffic to potentially harmful websites through a web security proxy
  • C. Block all emails from email domains associated with potentially harmful websites.
  • D. Quarantine messages that contain links to potentially harmful websites until the site is taken offline

正解:B

解説:
Outbreak Filters can take the action of rewriting URLs to redirect traffic to potentially harmful websites through a web security proxy. This allows the Cisco Secure Email Gateway to scan the content of the websites and block or warn the user if they are malicious or undesirable. This action can stop small-scale and nonviral attacks, such as phishing scams and malware distribution sites, that may not be detected by other filters. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring Outbreak Filters]


質問 # 53
How does the graymail safe unsubscribe feature function?

  • A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
  • B. It strips the malicious content of the URI before unsubscribing.
  • C. It checks the URI reputation and category and allows the content filter to take an action on it.
  • D. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

正解:A

解説:
Secure unsubscribe option for end users. Mimicking an unsubscribe option is a popular phishing technique. For this reason, the end users are generally wary of clicking unknown unsubscribe links. For such scenarios, the cloud-based Unsubscribe Service extracts the original unsubscribe URI, checks the reputation of the URI, and then performs the unsubscribe process on behalf of the end user. This protects end users from malicious threats masquerading as unsubscribe links. https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-2-1/User_Guide/b_ESA_Admin_Guide_14-2-1/b_ESA_Admin_Guide_12_1_chapter_01110.html#id_101033


質問 # 54
Which feature must be activated on a Cisco Secure Email Gateway to combat backscatter?

  • A. Bounce Profile
  • B. Bounce Verification
  • C. Forged Email Detection
  • D. Graymail Detection

正解:B

解説:
To combat backscatter, which is a type of spam that consists of bounce messages sent to forged sender addresses, the administrator must enable the Bounce Verification feature under Security Settings. This feature allows the appliance to verify whether a bounce message is legitimate or not by checking if the original message was sent from the appliance. If not, the bounce message is considered as backscatter and can be dropped or quarantined. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring Bounce Verification]


質問 # 55
Which two query types are available when an LDAP profile is configured? (Choose two.)

  • A. proxy consolidation
  • B. user
  • C. routing
  • D. group
  • E. recursive

正解:B、C

解説:
User and routing are two query types that are available when an LDAP profile is configured on Cisco ESA. User queries are used to validate end-user credentials, such as for Spam Quarantine End-User Authentication or SMTP Authentication. Routing queries are used to determine the destination mail server for a recipient, such as for Mail Flow Policies or Delivery Methods.


質問 # 56
Which benefit does enabling external spam quarantine on Cisco SMA provide?

  • A. access to the spam quarantine interface on which a user can release, duplicate, or delete
  • B. ability to back up spam quarantine from multiple Cisco ESAs to one central console
  • C. ability to scan messages by using two engines to increase a catch rate
  • D. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console

正解:D

解説:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma11-0/ user_guide/b_SMA_Admin_Guide/b_SMA_Admin_Guide_chapter_010101.html


質問 # 57
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level." What is the cause of this error?

  • A. DLP is configured at the cluster-level on esa2.
  • B. Content filters are configured at the machine-level on esa1.
  • C. DLP is not configured on host1.
  • D. DLP is configured at the domain-level on esa1.

正解:B

解説:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200083-Requirements-for-the-PVO-Migration-Wizar.html


質問 # 58
Which of the following two statements are correct about the large file attachments (greater than 25MB) feature in Cisco Secure Email Encryption Service? (Choose two.)

  • A. Large file attachments can only be sent using the websafe portal
  • B. Large file attachments will be sent as a securedoc attachment
  • C. This feature can only be enabled if the Read from Message feature is enabled
  • D. Large file attachments can only be sent using the Cisco Secure Email Add-In.
  • E. This feature allows users to send up to 50MB of attachments in a secure email.

正解:B、C

解説:
Large file attachments will be sent as a securedoc attachment. This means that the recipient will receive an encrypted message with a securedoc.html attachment that contains a link to download the large file from the Cisco Secure Email Encryption Service portal[2, p. 9].
This feature can only be enabled if the Read from Message feature is enabled. The Read from Message feature allows you to encrypt messages based on keywords or phrases in the subject or body of the message. You need to enable this feature before you can enable the large file attachments feature[2, p. 8].
The other options are not valid because:
A) Large file attachments can be sent using both the websafe portal and the Cisco Secure Email Add-In. The websafe portal allows you to compose and send encrypted messages from any web browser, while the Cisco Secure Email Add-In allows you to encrypt messages from your email client such as Outlook[2, p. 6-7].
B) This feature allows users to send up to 100MB of attachments in a secure email, not 50MB[2, p. 9].
D) Large file attachments can be sent using both the websafe portal and the Cisco Secure Email Add-In. The websafe portal allows you to compose and send encrypted messages from any web browser, while the Cisco Secure Email Add-In allows you to encrypt messages from your email client such as Outlook[2, p. 6-7].


質問 # 59
......

Cisco 300-720実際の問題とブレーン問題集:https://www.goshiken.com/Cisco/300-720-mondaishu.html

合格させる300-720試験には更新されたのは300-720試験問題集PDF2023:https://drive.google.com/open?id=147Y7f5kgcSdR4PmUsvetPhqgil-AOF-0

関するブログ

もっと
300-720無料問題集