Email Security for Field Engineers v6.0

Page:    1 / 5   
Exam contains 64 questions

Which option describes when DLP scanning occurs in the email pipeline?

  • A. Between anti-virus and anti-spam check
  • B. Immediately after outbreak filters
  • C. Before anti-spam check
  • D. After message filters and before content filters


Answer : B

In the IronPott C-Series, which of the following control theSMTP conversation? (Choose two.)

  • A. Outbreak Filters
  • B. Content Filters
  • C. IronPort Anti-Spam
  • D. Message Filters
  • E. Recipient Access Table
  • F. Host Access Table
  • G. Anti-Virus


Answer : E,F

Using the customer requirements suggest the appropriate licenses for a single appliance.
The C-Series will handle both incoming and outgoing email. The customer is very concerned about tracking and preventing phishing and virus attacks. What are three choices for licenses? (Choose three.)

  • A. Sophos Anti-Virus
  • B. IronPort Email Encryption
  • C. Bounce Verification
  • D. IronPort Anti-Spam
  • E. Outbreak Filters
  • F. Centralized Management


Answer : A,D,E

Refer to the exhibit. Based on the content filter which attachments will be quarantined?
(Choose two.)

  • A. pdf attachment.
  • B. A .exe attachment.
  • C. A .pdf attachment that has had its file extension changed to .exe
  • D. A .msi attachment that has had its file extension changed to .pdf


Answer : A,D

If the marketing message detection feature mislabels legitimate mail as marketing, which action corrects this error?

  • A. Turn off Marketing Message Detection.
  • B. Whitelistthe domains that send the mislabeled messages.
  • C. Send samples of mislabeled legitimate mail to [email protected]
  • D. Send samples of mislabeled legitimate mail to [email protected]


Answer : C

Using the customer requirements select the appropriate licenses keys that are needed.
Customer wants to implement CRES on their outgoing mail. Incoming mail is handled by a hosted service. (Choose two.)

  • A. IronPort Email Encryption
  • B. Bounce Verification
  • C. IronPort Anti-Spam
  • D. Incoming Mail Handling / Receiving
  • E. Outbreak Filters
  • F. Sophos Anti-Virus


Answer : A,D

In a "one armed installation" using a single listener, how would the system differentiate between incoming and outgoing email?

  • A. Mail flow direction is determined by the "Recipient to" field in the SMTP envelope.
  • B. Mail flow direction is determined by the type of listener, public verses private.
  • C. Mail flow direction is determined by using the source IP address.
  • D. Mail flow direction is determined by the "Mail From" field in the SMTP envelope.


Answer : C

Refer to the exhibit. You have finished an installation, but the customer cannot receive mail from a business partner. Based on the mail log, how should you explain this to the customer? How can you allow this mail to be accepted into the customer's domain?

  • A. Allow mail delivered from this site by changing the RAT settings from moderate to conservative.
  • B. Have their business partner contact IronPort support to adjust their reputation score.
  • C. The business partner's MTA has been blocked based on their reputation. Adjust the settings on the blacklist from -10 to - 3.0 to -10 to-7.7. The suspectlist will scan this domain for spam
  • D. The business partner's MTA has been blocked based on their reputation. Suggest whitelisting their partner's domain, but caution them about anti-spam being disabled.


Answer : D

Refer to the exhibit. Based on the content filter condition menu, which of the following statements is correct?

  • A. If the word "secret" is present in the message an action will take place.
  • B. If the word "secret" is present in either the message body or attachment, an action will take place.
  • C. If the word "secret" occurs a total of three times in either the message body or attachments, an action will take place
  • D. If the ABA routing number is present in either the message body or attachment, an action will take place.


Answer : C

Which approach for SenderBase Reputation Score filtering would ensure a very small false positive rate and achieve better system performance?

  • A. Generic
  • B. Aggressive
  • C. Moderate
  • D. Basic
  • E. Conservative


Answer : C

Which option describes the function of the RSA Enterprise Manager?

  • A. Centralized reporting
  • B. Management of the email encryption profile
  • C. Management of mail policies
  • D. Management of quarantined messages
  • E. Centralized management of DLP polices, remediation, and reporting


Answer : E

Which option describes when LDAP domain assignments are used?

  • A. When not all users are in the directory
  • B. When just some users are in the directory
  • C. When users are in separate domains, each of which has their own directory
  • D. When users in the same domain are split over different directories


Answer : C

Which of the following parameters are used by the Anti-Spam engine? (Choose three.)

  • A. The number of recipients in the RCPTTO list.
  • B. The characteristics of the message (random dots, multiple colors)
  • C. The sending mail domains reputation
  • D. The reputation of URLs in the message
  • E. Analysis of image content using optical character recognition


Answer : B,C,D

Which three options are Cisco ESA facilities that can use LDAP group queries? (Choose three.)

  • A. Anti-spam settings
  • B. Sender groups
  • C. Message filters
  • D. RAT
  • E. Incoming mail policies
  • F. Content filters
  • G. Destination controls
  • H. SenderBase reputation filtering


Answer : B,D,H

When configuring CRES, where do you enable read receipts?

  • A. In the encryption profile
  • B. In the content filter condition menu
  • C. In the content filter action menu
  • D. In the mail policy


Answer : A

Page:    1 / 5   
Exam contains 64 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us