650-156 - ISPES Cisco IronPort Security Professional - Email Security
Go back to Cisco
You are configuring the encryption profile to be used with a content filter. But you see the string "Not Provisioned" in the Email Encryption Profiles table. What is the next step?
Apply the encryption profile in a content filter.
Which of the following CU commands will configure the default route?
What is the first CU command for entering a message filter?
Which of the following repotting options will allow you to view aggregate traffic across a group of two email security appliances, separate from other appliance groups?
Domain-Based Executive Summary
In what menu is the encryption algorithm chosen for envelope encryption?
In the Encryption Profile under Advanced Envelope Settings
Which of the following sender groups does not have an SBRS associated with it?
What is the best way to create a support ticket?
Support Request via the User Interface.
How does the C-Series differentiate between incoming and outgoing email?
By the source IP address of the SMTP client.
An enterprise has two email domains but only one is covered by their LDAP directory. Of the following, which is the best method to address this?
Configure Bypass LDAP Accept in the RAT
To ensure that mail from a particular network is not blocked you add it to the White list. However, now you are receiving spam messages from that network. Which is the most likely cause?
The Trusted Mail Flow Policyhas Spam detection switched off
Which statements are true regarding Reporting? (Choose two.)
To export a backup of the reporting and tracking data on the SMA, the command is export.
Clustering two ESAs together will allow for both centralized reporting from either of the ESAs user interfaces.
What is the difference between TLS client settings preferred and preferred-verify?
Verify will try and verify the hostname match on the certificate.
Which of the following repotting options will allow you view outgoing mail form a sub-domain based on either the mail server or the email address?
Outgoing Mail Summary
LDAP is enabled for all but one internal domain that is not represented in the LDAP directory, how would you configure the appliance to accept it?
Bypass LDAP accept in a RAT entry.
When configuring a RAT entry, there must be a corresponding________. Which of the following will complete this sentence?
Which of these statements about Post X Encryption is true?
It uses symmetric encryption and creates a unique key for each recipient.
How should marketing messages that are missed by marketing mail detection is handled?
Send samples to [email protected]
Which of the following correctly explains the Message Filter condition "attachment-protected" and "encrypted"? (Choose two.)
Attachment-protected only checks for password protected documents.
Encrypted only checks for PGP and S/MIME encrypted data.
Which of the following statements are true regarding Message Tracking?
Message Tracking polls its data from the mail logs.
Which of the following three LDAP tokens are valid for use on the ESA? (Choose three.)
When a recipient opens a CRES encrypted envelope, and chooses to forward the encrypted envelope to another recipient, which of the following devices is the SMTP client?
The CRES server.
How would you configure the Recipient Access Table to accept all subdomains and the root domain mydomain.com?
Two entries: mydomain.com and .mydomain.com
Which two connection behaviors, specified in each Mail Flow policy, will apply an Inbound Mail Policy? (Choose two.)
IPAS is enabled for all inbound mail but you want to bypass Spam checking for messages from cisco.com. Which three methods will do this? (Choose three.)
Add the IP addresses of the sending the sending mail servers of cisco.com to the White list.
Create a message filter to bypass Spam checking for Cisco.com.
Create an incoming mail policy to match on ©cisco.com and disable IPAS.
Which of the following CU commands configures an SMTP Server? (Receives SMTP connections)
You can perform an outbound test SMTP connection, without sending a full message by using which of the following two commands? (Choose two.)
Which one of the following commands is the "Administrator Role" restricted from exercising?
Which of the following commands will show the ARP cache on the C-Series appliance?
What is the process of rewriting a private senders address into a public senders address is called?
What is the difference between the ACCEPT and RELAY action in the Mail Flow Policy?
ACCEPT will allow the email in and handle it as an inbound message, RELAY will accept the email but skip the RAT and handle it as an outbound message.
You are using content filters to trigger encryption, but you also want to have DLP scanning. Which of the following is the best choice to send a scanned and encrypted message to the recipient's mailbox?
Since DLP scanning is necessary, use TLS which encrypts after the message is scanned by the DLP engine.
After installing a certificate for TLS, where would you enable outbound TLS connections?
In the DLP Policy engine, what is the default remediation for a message tagged with a severity of "Critical"?
Which of the following devices cannot support NIC Pairing?
In the default settings, which of the following sender groups will match on a reputation score of +2?
Which of the following commands provides a snapshot of the remote hosts connecting to the system?
What is the SMTP command than initiates a TLS connection?
Which two of the following mail flow policies is associated with a private listener? (Choose two.)
Which of the following filters can be used to track privacy information in the message body? (Choose three.)
You have enabled LDAP to search a Microsoft 2003 AD server for valid mail addresses, which of the following two is a valid accept query? (Choose two.)
Which one of the following will allow an administrator to view sensitive compliance information, such as a credit card number in the message body that has triggered a DLP filter?
Which one of the following menus is used to set the Max. Invalid Recipients Per Hour?
Mail Flow Policies
What is a base DN in the LDAP directory?
A starting point with a LDAP schema for searches
How would you configure the Recipient Access Table to only accept the subdomains of mydomain.com?
You have configured your C-Series onto one subnet in the DMZ. But you need separate policies, rules and filters for incoming and outgoing messages, and management, to one IP address on the C-Series. Which of the following descriptions would be the best design?
Data 1 interface with two listeners
In the email pipeline, what filters come directly before and after LDAP routing?
LDAP Recipient Acceptance
When saving a configuration file that will be reloaded into the appliance, which one of the following must be changed before saving?
Unmask the password strings
Which three of the following can be used to skip Anti-Virus scanning? (Choose three.)
Which format must the x509 certificate be in for installing on an ESA?