300-720 Practice Questions

Public/Private keypair. A public/private keypair is a pair of cryptographic keys that are used to generate and verify digital signatures. The private key is used to sign the email message, while the public key is used to verify the signature. The public ke y is published in a DNS record, while the private key is stored on the Cisco Secure Email Gateway appliance[ 1 , p. 2].

Domain signing profile. A domain signing profile is a configuration that specifies the domain and selector to use for signing outgoing mes sages, as well as the signing algorithm, canonicalization method, and header fields to include in the signature. You can create multiple domain signing profiles for different domains or subdomains[ 1 , p. 3].

The other options are not valid because:

A.  

DMARC verification profile is not a component for utilizing a digital signature in outgoing emails. It is a component for verifying the authenticity of incoming emails based on SPF and DKIM results[ 2 , p. 1].

B.  

SPF record is not a component for utilizing a digi tal signature in outgoing emails. It is a component for validating the sender IP address of incoming emails based on a list of authorized IP addresses published in a DNS record[ 3 , p. 1].

E.  

PKI certificate is not a component for utilizing a digital signatu re in outgoing emails. It is a component for encrypting and decrypting email messages based on a certificate authority that issues and validates certificates[ 4 , p. 1].

User and routing are two query types that are available when an LDAP profile is configured on Cisco ES

A.  

Undesirable URL protection is a feature that allows Cisco ESA to detect and block messages that contain URLs that lead to malicious or unwanted websites, such as phishing, malware, or adult content sites. To enable this feature, outbreak filters and antispam scanning must be enabled on Cisco ES

A.  

To meet the requirement of ensuring that emails receiv ed by company users that contain URLs do not make them susceptible to data loss from accessing malicious or undesired external content sources, the administrator must configure two features on Cisco Secure Email Gateway: antispam scanning and URL filtering . Antispam scanning can block or quarantine messages that are identified as spam based on various criteria, such as sender reputation, message content, and message headers. URL filtering can rewrite or defang URLs in messages that are associated with malic ious or undesirable websites, such as phishing, malware, adult, or gambling sites.  References : [Cisco Secure Email Gateway Administrator Guide - Configuring Antispam Scanning] and [Cisco Secure Email Gateway Administrator Guide - Configuring URL Filtering]