Cisco 300-720 Exam Dumps

According to the [Cisco Secure Email User Guide], Non-Viral threat detection is a feature of Outbreak Filters that detects and blocks email messages that contain non-viral threats such as phishing, fraud, or social engineering[1, p. 25]. To use this feature, you need to enable either AntiSpam or Intelligent Multi-Scan on your Cisco Secure Email Gateway, as these features provide the necessary scanning and filtering capabilities for Non-Viral threat detection[1, p. 26].

The other options are not valid because:

A) Non-Viral threat detection does not require Antivirus or AMP enablement to properly function. Antivirus and AMP are features that detect and block email messages that contain viral threats such as malware or ransomware[1, p. 27-28].

B) The Outbreak Filters option Graymail Header does not affect Non-Viral threat detection. Graymail Header is an option that allows you to add a header to email messages that are classified as graymail, which are messages that are not spam but may be unwanted by some recipients, such as newsletters or promotions[1, p. 25].

D) The Outbreak Filters option URL Rewriting does not affect Non-Viral threat detection. URL Rewriting is an option that allows you to rewrite the URLs in email messages to point to a Cisco proxy server, which can scan the URLs for malicious content and redirect the users to a warning page if needed[1, p. 25].

https://www.cisco.com/c/en/us/products/security/what-is-dmarc.html

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are two email authentication mechanisms that are utilized during this process. SPF and DKIM allow the domain owner to publish DNS records that specify the authorized IP addresses or hosts for sending emails from that domain and sign the messages with a cryptographic key to prove their authenticity and integrity.

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication standard that builds on SPF and DKIM and allows the domain owner to publish DNS records that specify how receivers should handle messages that fail SPF or DKIM verification, such as reject, quarantine, or none, and how to report back the results of DMARC validation.

The other options are not valid email authentication mechanisms that are utilized during this process, because they are not part of DMARC standard.

With DomainKeys or DKIM email authentication, the sender signs the email using public key cryptography. Configuring DomainKeys and DKIM Signing A signing key is the private key stored on the appliance. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010101.html?bookSearch=true

If the McAfee antivirus scanning is enabled on the Cisco Secure Email Gateway and the virus scanning action is set to ''scan for viruses only'', then no repair is attempted, and the attachment is either dropped or delivered based on the antivirus policy settings. The administrator can choose to drop or deliver the infected attachment by selecting the appropriate action in the antivirus policy.Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring McAfee Antivirus Scanning]

Message filter and content filter are two filters that should be configured to address this issue. Message filter and content filter are rules that allow Cisco ESA to perform actions on messages based on predefined or custom conditions, such as headers, envelope, body, attachments, etc.

To reduce the number of inappropriate emails containing profanity, the network administrator can create a dictionary that contains a list of profane words or phrases and use it as a condition in a message filter or content filter that applies an action of ''drop'', ''quarantine'', or ''modify subject'' on the matching messages.

The other options are not valid filters to address this issue, because they do not use dictionaries or conditions based on message content.