650-156 - ISPES Cisco IronPort Security Professional - Email Security
Go back to
Cisco
Example Questions
You are configuring the encryption profile to be used with a content filter. But you see the string "Not Provisioned" in the Email Encryption Profiles table. What is the next step?
Apply the encryption profile in a content filter.
Which of the following CU commands will configure the default route?
setgateway
What is the first CU command for entering a message filter?
filters
Which of the following repotting options will allow you to view aggregate traffic across a group of two email security appliances, separate from other appliance groups?
Domain-Based Executive Summary
In what menu is the encryption algorithm chosen for envelope encryption?
In the Encryption Profile under Advanced Envelope Settings
Which of the following sender groups does not have an SBRS associated with it?
RELAYLIST
What is the best way to create a support ticket?
Support Request via the User Interface.
How does the C-Series differentiate between incoming and outgoing email?
By the source IP address of the SMTP client.
An enterprise has two email domains but only one is covered by their LDAP directory. Of the following, which is the best method to address this?
Configure Bypass LDAP Accept in the RAT
To ensure that mail from a particular network is not blocked you add it to the White list. However, now you are receiving spam messages from that network. Which is the most likely cause?
The Trusted Mail Flow Policyhas Spam detection switched off
Which statements are true regarding Reporting? (Choose two.)
To export a backup of the reporting and tracking data on the SMA, the command is export.
Clustering two ESAs together will allow for both centralized reporting from either of the ESAs user interfaces.
What is the difference between TLS client settings preferred and preferred-verify?
Verify will try and verify the hostname match on the certificate.
Which of the following repotting options will allow you view outgoing mail form a sub-domain based on either the mail server or the email address?
Outgoing Mail Summary
LDAP is enabled for all but one internal domain that is not represented in the LDAP directory, how would you configure the appliance to accept it?
Bypass LDAP accept in a RAT entry.
When configuring a RAT entry, there must be a corresponding________. Which of the following will complete this sentence?
SMTP route
Which of these statements about Post X Encryption is true?
It uses symmetric encryption and creates a unique key for each recipient.
How should marketing messages that are missed by marketing mail detection is handled?
Send samples to [email protected]
Which of the following correctly explains the Message Filter condition "attachment-protected" and "encrypted"? (Choose two.)
Attachment-protected only checks for password protected documents.
Encrypted only checks for PGP and S/MIME encrypted data.
Which of the following statements are true regarding Message Tracking?
Message Tracking polls its data from the mail logs.
Which of the following three LDAP tokens are valid for use on the ESA? (Choose three.)
{d}
{a}
{g}
When a recipient opens a CRES encrypted envelope, and chooses to forward the encrypted envelope to another recipient, which of the following devices is the SMTP client?
The CRES server.
How would you configure the Recipient Access Table to accept all subdomains and the root domain mydomain.com?
Two entries: mydomain.com and .mydomain.com
Which two connection behaviors, specified in each Mail Flow policy, will apply an Inbound Mail Policy? (Choose two.)
ACCEPT
REJECT
IPAS is enabled for all inbound mail but you want to bypass Spam checking for messages from cisco.com. Which three methods will do this? (Choose three.)
Add the IP addresses of the sending the sending mail servers of cisco.com to the White list.
Create a message filter to bypass Spam checking for Cisco.com.
Create an incoming mail policy to match on ©cisco.com and disable IPAS.
Which of the following CU commands configures an SMTP Server? (Receives SMTP connections)
listenerconfig
You can perform an outbound test SMTP connection, without sending a full message by using which of the following two commands? (Choose two.)
telnet
Trace
Which one of the following commands is the "Administrator Role" restricted from exercising?
upgrade
Which of the following commands will show the ARP cache on the C-Series appliance?
arpshow
What is the process of rewriting a private senders address into a public senders address is called?
LDAP Masquerading
What is the difference between the ACCEPT and RELAY action in the Mail Flow Policy?
ACCEPT will allow the email in and handle it as an inbound message, RELAY will accept the email but skip the RAT and handle it as an outbound message.
You are using content filters to trigger encryption, but you also want to have DLP scanning. Which of the following is the best choice to send a scanned and encrypted message to the recipient's mailbox?
Since DLP scanning is necessary, use TLS which encrypts after the message is scanned by the DLP engine.
After installing a certificate for TLS, where would you enable outbound TLS connections?
Destination controls
In the DLP Policy engine, what is the default remediation for a message tagged with a severity of "Critical"?
Drop
Which of the following devices cannot support NIC Pairing?
C160
In the default settings, which of the following sender groups will match on a reputation score of +2?
UNKNOWN LIST
Which of the following commands provides a snapshot of the remote hosts connecting to the system?
topin
What is the SMTP command than initiates a TLS connection?
STARTTLS
Which two of the following mail flow policies is associated with a private listener? (Choose two.)
BLOCKED
RELAYED
Which of the following filters can be used to track privacy information in the message body? (Choose three.)
Content Filters
Message Filters
RSA DLP
You have enabled LDAP to search a Microsoft 2003 AD server for valid mail addresses, which of the following two is a valid accept query? (Choose two.)
(Proxyaddresses=smtp:{a})
Mailroutingaddress={a}
Which one of the following will allow an administrator to view sensitive compliance information, such as a credit card number in the message body that has triggered a DLP filter?
Policy Quarantine
Which one of the following menus is used to set the Max. Invalid Recipients Per Hour?
Mail Flow Policies
What is a base DN in the LDAP directory?
A starting point with a LDAP schema for searches
How would you configure the Recipient Access Table to only accept the subdomains of mydomain.com?
mydomain.com
You have configured your C-Series onto one subnet in the DMZ. But you need separate policies, rules and filters for incoming and outgoing messages, and management, to one IP address on the C-Series. Which of the following descriptions would be the best design?
Data 1 interface with two listeners
In the email pipeline, what filters come directly before and after LDAP routing?
LDAP Recipient Acceptance
Message Filters
When saving a configuration file that will be reloaded into the appliance, which one of the following must be changed before saving?
Unmask the password strings
Which three of the following can be used to skip Anti-Virus scanning? (Choose three.)
Mail Policies
HAT
Message Filters
Which format must the x509 certificate be in for installing on an ESA?
PKCS