A Cisco Secure Email Gateway administrator recently enabled the Outbreak Filters Global Service Setting to detect Viral as well as Non-Viral threat detection, with no detection of Non-viral threats after 24 hours of monitoring Outbreak Filters What is the reason that Non-Viral threat detection is not detecting any positive verdicts?
According to the [Cisco Secure Email User Guide], Non-Viral threat detection is a feature of Outbreak Filters that detects and blocks email messages that contain non-viral threats such as phishing, fraud, or social engineering[1, p. 25]. To use this feature, you need to enable either AntiSpam or Intelligent Multi-Scan on your Cisco Secure Email Gateway, as these features provide the necessary scanning and filtering capabilities for Non-Viral threat detection[1, p. 26].
The other options are not valid because:
A) Non-Viral threat detection does not require Antivirus or AMP enablement to properly function. Antivirus and AMP are features that detect and block email messages that contain viral threats such as malware or ransomware[1, p. 27-28].
B) The Outbreak Filters option Graymail Header does not affect Non-Viral threat detection. Graymail Header is an option that allows you to add a header to email messages that are classified as graymail, which are messages that are not spam but may be unwanted by some recipients, such as newsletters or promotions[1, p. 25].
D) The Outbreak Filters option URL Rewriting does not affect Non-Viral threat detection. URL Rewriting is an option that allows you to rewrite the URLs in email messages to point to a Cisco proxy server, which can scan the URLs for malicious content and redirect the users to a warning page if needed[1, p. 25].
Which type of DNS record would contain the following line, which references the DKIM public key per RFC 6376?
v=DKIM1; p=76E629F05F709EF665853333EEC3F5ADE69A2362BECE406582670456943283BE
A TXT record is a type of DNS record that contains arbitrary text data that can be used for various purposes such as verification, configuration, or authentication. A TXT record can contain the DKIM public key per RFC 6376, which is used to verify the digital signature of an email message generated by the DKIM private key of the sender domain.
The other options are not valid because:
A) A CNAME record is a type of DNS record that maps an alias name to a canonical name or another alias name. It does not contain any DKIM public key information.
B) An AAAA record is a type of DNS record that maps a hostname to an IPv6 address. It does not contain any DKIM public key information.
D) A PTR record is a type of DNS record that maps an IP address to a hostname, which is the reverse of an A or AAAA record. It does not contain any DKIM public key information.
The company security policy requires that the finance department have an easy way to apply encryption to their outbound messages that contain sensitive data Users must be able to flag the messages that require encryption versus a Cisco Secure Email Gateway appliance scanning all messages and automatically encrypting via detection Which action enables this capability?
According to the [Cisco Secure Email Encryption Service Add-In User Guide], you can create an encryption profile that defines the encryption settings and options for your encrypted messages[2, p. 11]. You can also create an outgoing content filter that applies the encryption profile to the messages that match certain conditions, such as having [SECURE] in the subject header[2, p. 12]. This way, you can allow users to flag the messages that require encryption by adding [SECURE] to the subject line.
The other options are not valid because:
A) Creating an encryption profile with [SECURE] in the Subject setting and enabling encryption on the mail flow policy will not work, as the Subject setting in the encryption profile is used to specify the subject line of the encrypted message envelope, not the original message[2, p. 11].
B) Creating an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting will not work, as this will encrypt all outgoing messages regardless of whether they have [SECURE] in the subject line or not[2, p. 12].
D) Creating a DLP policy manager message action with encryption enabled and applying it to active DLP policies for outgoing mail will not work, as this will encrypt messages based on DLP rules that detect sensitive data in the message content, not based on user flags in the subject line.
What is a benefit of deploying Cisco Secure Email and Web Manager?
One of the benefits of deploying Cisco Secure Email and Web Manager is that it provides centralized management of quarantined email for multiple Cisco Secure Email Gateway appliances. The administrator can use the Cisco Secure Email and Web Manager to view, search, release, delete, or forward quarantined messages from a single web interface.Reference: [Cisco Secure Email and Web Manager User Guide - Configuring Centralized Spam Quarantine]
Refer to the exhibit.
For improved security, an administrator wants to warn users about opening any links or attachments within an email How must the administrator configure an HTML-coded message at the top of an email body to create this warning?
According to the [Cisco Secure Email User Guide], you can create a text resource of type Disclaimer Template and use the code view option to insert HTML code into the text box. Then, you can use this text resource in a content filter to prepend or append the HTML message to the email body[1, p. 15-16].
The other options are not valid because:
A) Creating a text resource type of Disclaimer Template and pasting the HTML code into the text box without changing to code view will not work, as the HTML code will be treated as plain text and not rendered properly[1, p. 15].
C) Creating a text resource type of Notification Template and pasting the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
D) Creating a text resource type of Notification Template and changing to code view to paste the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
Currently there are no comments in this discussion, be the first to comment!