Cisco Exam 300-720 Topic 16 Question 78 Discussion

Actual exam question for Cisco's 300-720 exam

Question #: 78
Topic #: 16

The company security policy requires that the finance department have an easy way to apply encryption to their outbound messages that contain sensitive data Users must be able to flag the messages that require encryption versus a Cisco Secure Email Gateway appliance scanning all messages and automatically encrypting via detection Which action enables this capability?

ACreate an encryption profile with [SECURE] in the Subject setting and enable encryption on the mail flow policy

BCreate an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting

CCreate an encryption profile and an outgoing content filter that includes \[SECURE\] within the Subject Header: Contains condition along with the Encrypt and Deliver Now action

DCreate a DLP policy manager message action with encryption enabled and apply it to active DLP policies for outgoing mail.

Show Suggested Answer

Suggested Answer: C

According to the [Cisco Secure Email Encryption Service Add-In User Guide], you can create an encryption profile that defines the encryption settings and options for your encrypted messages[2, p. 11]. You can also create an outgoing content filter that applies the encryption profile to the messages that match certain conditions, such as having [SECURE] in the subject header[2, p. 12]. This way, you can allow users to flag the messages that require encryption by adding [SECURE] to the subject line.

The other options are not valid because:

A) Creating an encryption profile with [SECURE] in the Subject setting and enabling encryption on the mail flow policy will not work, as the Subject setting in the encryption profile is used to specify the subject line of the encrypted message envelope, not the original message[2, p. 11].

B) Creating an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting will not work, as this will encrypt all outgoing messages regardless of whether they have [SECURE] in the subject line or not[2, p. 12].

D) Creating a DLP policy manager message action with encryption enabled and applying it to active DLP policies for outgoing mail will not work, as this will encrypt messages based on DLP rules that detect sensitive data in the message content, not based on user flags in the subject line.

by Justine at Mar 10, 2024, 12:44 PM

Limited Time Offer

25%

Off

Get Premium 300-720 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Margot

3 days ago

You know, I was totally going to pick option D, but now I'm having second thoughts. Seems like a bit of overkill to set up a whole DLP policy just for this. Plus, the users want an easy way to do it themselves.

upvoted 0 times

...

Alonzo

4 days ago

I was leaning towards option B at first, but I see your point about it not giving the users the ability to flag the messages themselves. C definitely seems like the most user-friendly approach.

upvoted 0 times

...

Gilma

5 days ago

Yeah, I agree with Shawn. Option C is the most straightforward solution that meets the requirements. The other options either don't give the users enough control, or involve more complex setup with DLP policies.

upvoted 0 times

...

Shawn

6 days ago

Hmm, this is an interesting question. I think option C is the way to go here. Creating an encryption profile and an outgoing content filter with the [SECURE] subject condition seems like the easiest way to give the finance department the control they need over encryption, without having the appliance scanning everything.

upvoted 0 times

...