Email Security for Field Engineers v6.0

Page:    1 / 5   
Exam contains 70 questions

Which option describes when DLP scanning occurs in the email pipeline?

  • A. Between anti-virus and anti-spam check
  • B. Immediately after outbreak filters
  • C. Before anti-spam check
  • D. After message filters and before content filters


Answer : B

In the IronPott C-Series, which of the following control theSMTP conversation? (Choose two.)

  • A. Outbreak Filters
  • B. Content Filters
  • C. IronPort Anti-Spam
  • D. Message Filters
  • E. Recipient Access Table
  • F. Host Access Table
  • G. Anti-Virus


Answer : E,F

Using the customer requirements suggest the appropriate licenses for a single appliance.
The C-Series will handle both incoming and outgoing email. The customer is very concerned about tracking and preventing phishing and virus attacks. What are three choices for licenses? (Choose three.)

  • A. Sophos Anti-Virus
  • B. IronPort Email Encryption
  • C. Bounce Verification
  • D. IronPort Anti-Spam
  • E. Outbreak Filters
  • F. Centralized Management


Answer : A,D,E

Refer to the exhibit. Based on the content filter which attachments will be quarantined?
(Choose two.)

  • A. pdf attachment.
  • B. A .exe attachment.
  • C. A .pdf attachment that has had its file extension changed to .exe
  • D. A .msi attachment that has had its file extension changed to .pdf


Answer : A,D

If the marketing message detection feature mislabels legitimate mail as marketing, which action corrects this error?

  • A. Turn off Marketing Message Detection.
  • B. Whitelistthe domains that send the mislabeled messages.
  • C. Send samples of mislabeled legitimate mail to [email protected]
  • D. Send samples of mislabeled legitimate mail to [email protected]


Answer : C

Using the customer requirements select the appropriate licenses keys that are needed.
Customer wants to implement CRES on their outgoing mail. Incoming mail is handled by a hosted service. (Choose two.)

  • A. IronPort Email Encryption
  • B. Bounce Verification
  • C. IronPort Anti-Spam
  • D. Incoming Mail Handling / Receiving
  • E. Outbreak Filters
  • F. Sophos Anti-Virus


Answer : A,D

In a "one armed installation" using a single listener, how would the system differentiate between incoming and outgoing email?

  • A. Mail flow direction is determined by the "Recipient to" field in the SMTP envelope.
  • B. Mail flow direction is determined by the type of listener, public verses private.
  • C. Mail flow direction is determined by using the source IP address.
  • D. Mail flow direction is determined by the "Mail From" field in the SMTP envelope.


Answer : C

Refer to the exhibit. You have finished an installation, but the customer cannot receive mail from a business partner. Based on the mail log, how should you explain this to the customer? How can you allow this mail to be accepted into the customer's domain?

  • A. Allow mail delivered from this site by changing the RAT settings from moderate to conservative.
  • B. Have their business partner contact IronPort support to adjust their reputation score.
  • C. The business partner's MTA has been blocked based on their reputation. Adjust the settings on the blacklist from -10 to - 3.0 to -10 to-7.7. The suspectlist will scan this domain for spam
  • D. The business partner's MTA has been blocked based on their reputation. Suggest whitelisting their partner's domain, but caution them about anti-spam being disabled.


Answer : D

Refer to the exhibit. Based on the content filter condition menu, which of the following statements is correct?

  • A. If the word "secret" is present in the message an action will take place.
  • B. If the word "secret" is present in either the message body or attachment, an action will take place.
  • C. If the word "secret" occurs a total of three times in either the message body or attachments, an action will take place
  • D. If the ABA routing number is present in either the message body or attachment, an action will take place.


Answer : C

Which approach for SenderBase Reputation Score filtering would ensure a very small false positive rate and achieve better system performance?

  • A. Generic
  • B. Aggressive
  • C. Moderate
  • D. Basic
  • E. Conservative


Answer : C

Which option describes the function of the RSA Enterprise Manager?

  • A. Centralized reporting
  • B. Management of the email encryption profile
  • C. Management of mail policies
  • D. Management of quarantined messages
  • E. Centralized management of DLP polices, remediation, and reporting


Answer : E

Which option describes when LDAP domain assignments are used?

  • A. When not all users are in the directory
  • B. When just some users are in the directory
  • C. When users are in separate domains, each of which has their own directory
  • D. When users in the same domain are split over different directories


Answer : C

Which of the following parameters are used by the Anti-Spam engine? (Choose three.)

  • A. The number of recipients in the RCPTTO list.
  • B. The characteristics of the message (random dots, multiple colors)
  • C. The sending mail domains reputation
  • D. The reputation of URLs in the message
  • E. Analysis of image content using optical character recognition


Answer : B,C,D

Which three options are Cisco ESA facilities that can use LDAP group queries? (Choose three.)

  • A. Anti-spam settings
  • B. Sender groups
  • C. Message filters
  • D. RAT
  • E. Incoming mail policies
  • F. Content filters
  • G. Destination controls
  • H. SenderBase reputation filtering


Answer : B,D,H

When configuring CRES, where do you enable read receipts?

  • A. In the encryption profile
  • B. In the content filter condition menu
  • C. In the content filter action menu
  • D. In the mail policy


Answer : A

Page:    1 / 5   
Exam contains 70 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.