2024年最新の300-720問題集PDFで300-720リアル試験問題解答 [Q37-Q61]

2024年最新の300-720問題集PDFで300-720リアル試験問題解答

有効な300-720テスト解答とCisco 300-720試験PDF問題を試そう

質問 # 37
An administrator must ensure that emails sent from [email protected] are routed through an alternate virtual gateway. Drag and drop the snippet from the bottom onto the blank in the graphic to finish the message filter syntax. Not all snippets are used.

正解：

解説：

質問 # 38
An administrator needs to configure Cisco ESA to ensure that emails are sent and authorized by the owner of the domain. Which two steps must be performed to accomplish this task? (Choose two.)

• A. Create signing profile.
• B. Generate keys.
• C. Enable SPF verification.
• D. Create DMARC profile.
• E. Create Mx record.

正解：A、B

解説：
Configuring DomainKeys and DKIM Signing:
-Signing Keys
-Public Keys
-Domain Profiles
Creating Domain Profiles:
Step 1
-Choose Mail Policies > Signing Profiles.
Step 2
-In the Domain Signing Profiles section, click Add Profile.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_010110.html?bookSearch=true

質問 # 39
Which two steps configure Forged Email Detection? (Choose two.)

• A. Configure a filter to use the Forged Email Detection rule and dictionary.
• B. Enable Forged Email Detection on the Security Services page.
• C. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
• D. Configure a content dictionary with executive email addresses.
• E. Configure a content dictionary with friendly names.

正解：A、D

解説：
Reference:
https://explore.cisco.com/esa-feature-enablement/user-guide-for-async-11

質問 # 40
A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named 'Sales' that has yet to be created.
Which mail policy should be created to accomplish this task?

• A. Outgoing Mail Flow Policy
• B. Preliminary Mail Policy
• C. Outgoing Mail Policy
• D. Incoming Mail Flow Policy

正解：C

解説：
Outgoing Mail Policy is a mail policy that should be created to accomplish this task. Outgoing Mail Policy is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.
To create an Outgoing Mail Policy named 'Sales' and assign a DLP policy to it, the administrator can follow these steps:
Select Mail Policies > Outgoing Mail Policies and click Add Policy.
Enter 'Sales' as the policy name and click Submit.
Select 'Sales' from the list of policies and click Edit Settings.
Under Data Loss Prevention, select Enable Data Loss Prevention Scanning and choose the DLP policy from the drop-down menu.
Click Submit.
The other options are not valid mail policies to accomplish this task, because they do not apply to outgoing messages or DLP scanning.

質問 # 41
What is the default behavior of any listener for TLS communication?

• A. required
• B. preferred
• C. preferred-verify
• D. off

正解：D

解説：
The default behavior of any listener for TLS communication is B. off. This means that TLS is not allowed for incoming connections to the listener and connections to the listener do not require encrypted Simple Mail Transfer Protocol (SMTP) conversations. This is stated in the web search result 1. To enable TLS for a listener, you need to configure the Use TLS option in the mail flow policy settings for the listener on the Mail Policies > HAT Overview page1. You can choose from three different settings for TLS: No, Preferred, or Required1.

質問 # 42
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released.
What was configured that caused this to occur?

• A. The threshold settings were set to default.
• B. The retention period was changed to one hour.
• C. The retention period was set to default.
• D. The threshold settings were set to override the clock settings.

正解：A

質問 # 43
Which attack is mitigated by using Bounce Verification?

• A. smurf
• B. denial of service
• C. spoof
• D. eavesdropping

正解：B

質問 # 44
How does the graymail safe unsubscribe feature function?

• A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
• B. It strips the malicious content of the URI before unsubscribing.
• C. It checks the URI reputation and category and allows the content filter to take an action on it.
• D. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

正解：A

解説：
Secure unsubscribe option for end users. Mimicking an unsubscribe option is a popular phishing technique. For this reason, the end users are generally wary of clicking unknown unsubscribe links. For such scenarios, the cloud-based Unsubscribe Service extracts the original unsubscribe URI, checks the reputation of the URI, and then performs the unsubscribe process on behalf of the end user. This protects end users from malicious threats masquerading as unsubscribe links. https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-2-1/User_Guide/b_ESA_Admin_Guide_14-2-1/b_ESA_Admin_Guide_12_1_chapter_01110.html#id_101033

質問 # 45
An analyst creates a new content dictionary to use with Forged Email Detection.
Which entry will be added into the dictionary?

• A. Alpha Beta
• B. ^Alpha\ Beta$
• C. mycompany.com
• D. [email protected]

正解：C

解説：
Explanation/Reference: https://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/ whitepaper_C11-737596.html

質問 # 46
What is a valid content filter action?

• A. decrypt on delivery
• B. skip antispam
• C. quarantine
• D. archive

正解：C

解説：
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01010.html#con_1158022

質問 # 47
A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?

• A. SBRS
• B. LDAP
• C. SMTP
• D. DHAP

正解：C

解説：
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html

質問 # 48
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.
What should be done on the Cisco ESA to achieve this?

• A. Use the altrchost command to add a separate gateway for the new domain.
• B. Use the deli very config command to configure mail delivery for the new domain.
• C. Use the dsestconf command to add a separate destination for the new domain.
• D. Use the smtproutes command to configure a SMTP route for the new domain.

正解：D

解説：
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011001.html one of the steps to accept mail for additional internal domains on the Cisco ESA is to choose Network > SMTP Routes and enter the new domain and the corresponding destination host IP address1. This can also be done using the smtproutes command in the CLI1. The other commands (deliveryconfig, dsestconf, and altrchost) are not related to this task.

質問 # 49
Which two action types are performed by Cisco ESA message filters? (Choose two.)

• A. filter actions
• B. non-final actions
• C. quarantine actions
• D. final actions
• E. discard actions

正解：B、D

質問 # 50
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?

• A. SMTP AUTH
• B. LDAP BIND
• C. LDAP Query
• D. SMTP TLS

正解：A

解説：
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011011.html

質問 # 51
An engineer is configuring a Cisco ESA for the first time and needs to ensure that any email traffic coming from the internal SMTP servers is relayed out through the Cisco ESA and is tied to the Outgoing Mail Policies.
Which Mail Flow Policy setting should be modified to accomplish this goal?

• A. Reverse Connection Verification
• B. Connection Behavior
• C. Bounce Detection Signing
• D. Exception List

正解：B

質問 # 52
What are two phases of the Cisco ESA email pipeline? (Choose two.)

• A. reject
• B. delivery
• C. action
• D. workqueue
• E. quarantine

正解：B、D

解説：
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-1/user_guide/ b_ESA_Admin_Guide_12_1/b_ESA_Admin_Guide_12_1_chapter_011.pdf (p.1)

質問 # 53
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

• A. active-standby
• B. SLA monitor
• C. failover
• D. load balancing
• E. active-active

正解：C、D

解説：
Load balancing and failover are two configurations that can be used on multiple LDAP servers to connect with Cisco ESA. Load balancing means that Cisco ESA will distribute the LDAP queries among the available LDAP servers in a round-robin fashion, improving the performance and efficiency of the LDAP queries. Failover means that Cisco ESA will switch to another LDAP server if the current one is unavailable or unresponsive, ensuring the continuity and reliability of the LDAP queries.
Reference:
You can enter multiple host names to configure the LDAP servers for failover or load-balancing. Separate multiple entries with commas.

質問 # 54
Refer to the exhibit. An engineer is trying to connect to a Cisco ESA using SSH and has been unsuccessful. Upon further inspection, the engineer notices that there is a loss of connectivity to the neighboring switch.

Which connection method should be used to determine the configuration issue?

• A. Ethernet
• B. serial
• C. HTTPS
• D. Telnet

正解：B

質問 # 55
What occurs when configuring separate incoming mail policies?

• A. message exceptions
• B. message detachment
• C. message aggregation
• D. message splintering

正解：D

質問 # 56
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

• A. Select External Spam Quarantine and click on Configure.
• B. Check the External Safelist/Blocklist check box.
• C. Uncheck the Enable Spam Quarantine check box.
• D. Select Security Services and click Spam Quarantine.
• E. Select Monitor and click Spam Quarantine.

正解：C、E

質問 # 57
What are two prerequisites for implementing undesirable URL protection in Cisco ESA? (Choose two.)

• A. Enable outbreak filters.
• B. Enable antivirus scanning.
• C. Enable antispam scanning.
• D. Enable email relay.
• E. Enable port bouncing.

正解：A、C

質問 # 58
When outbreak filters are configured, which two actions are used to protect users from outbreaks?
(Choose two.)

• A. delay
• B. redirect
• C. abandon
• D. drop
• E. return

正解：A、B

解説：
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html

質問 # 59
Which two Cisco ESA features are used to control email delivery based on the sender? (Choose two.)

• A. spam quarantine
• B. blocklists
• C. outbreak filter
• D. incoming mail policies
• E. safelists

正解：B、E

質問 # 60
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.
What should be done on the Cisco ESA to achieve this?

• A. Use the altrchost command to add a separate gateway for the new domain.
• B. Use the deli very config command to configure mail delivery for the new domain.
• C. Use the dsestconf command to add a separate destination for the new domain.
• D. Use the smtproutes command to configure a SMTP route for the new domain.

正解：D

解説：
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011001.html

質問 # 61
......

シスコ300-720試験は、電子メールセキュリティにおけるスキルを向上させたいITプロフェッショナルにとって必須の認定資格です。この試験に合格することで、候補者はシスコメールセキュリティアプライアンスの専門知識を証明し、資格のある電子メールセキュリティ専門家として業界で認められることができます。

Cisco 300-720認定試験は、Cisco Email Securityアプライアンスを使用して電子メールを確保したい専門家の知識とスキルをテストするように設計されています。この認定試験は、電子メールセキュリティの専門知識を検証し、Cisco Email Securityアプライアンスを構成、展開、維持する能力を実証したいセキュリティの専門家、ネットワーク管理者、およびエンジニアに最適です。

 

300-720試験問題集でPDF問題とテストエンジン：https://www.goshiken.com/Cisco/300-720-mondaishu.html

実際に出る300-720試験問題集には正確で更新された問題：https://drive.google.com/open?id=1jaayqu_o9IKdYEhSPGna3oMjKt14Q0Em