What are the two different phases in the process of Cisco Secure Email Gateway performing S/MIME encryption? (Choose two.)
A security administrator deployed a Cisco Secure Email Gateway appliance with a mail policy configured to store suspected spam for review. The appliance is the DMZ and only the standard HTTP/HTTPS ports are allowed by the firewall. An administrator wants to ensure that users can view any suspected spam that was blocked. Which action must be taken to meet this requirement?
Enabling End-User Quarantine Access and pointing to an LDAP server for authentication is the action that must be taken to meet this requirement. End-User Quarantine Access is a feature that allows users to access their personal quarantine on Cisco ESA using their email address and password, without requiring an administrator account or access to Secure Email and Web Manager.
To enable End-User Quarantine Access on Cisco ESA, the administrator can follow these steps:
Select Security Services > IronPort Anti-Spam > End User Safelist/Blocklist Settings and click Edit Settings.
Under End User Quarantine Access, select Enable End User Quarantine Access.
Under Authentication Server, select LDAP Server from the drop-down menu and choose an LDAP server profile from the drop-down menu.
Click Submit.
Which feature utilizes sensor information obtained from Talos intelligence to filter email servers connecting into the Cisco ESA?
SenderBase Reputation Filtering is a feature that allows Cisco ESA to reject or throttle connections from email servers based on their reputation score, which is calculated by Talos using sensor information from various sources.
An engineer wants to ensure that emails received by company users that contain URLs do not make them susceptible to data loss from accessing malicious or undesired external content sources Which two features must be configured on Cisco Secure Email Gateway to meet this requirement1? (Choose two.)
To meet the requirement of ensuring that emails received by company users that contain URLs do not make them susceptible to data loss from accessing malicious or undesired external content sources, the administrator must configure two features on Cisco Secure Email Gateway: antispam scanning and URL filtering. Antispam scanning can block or quarantine messages that are identified as spam based on various criteria, such as sender reputation, message content, and message headers. URL filtering can rewrite or defang URLs in messages that are associated with malicious or undesirable websites, such as phishing, malware, adult, or gambling sites.Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring Antispam Scanning] and [Cisco Secure Email Gateway Administrator Guide - Configuring URL Filtering]
When a network engineer is troubleshooting a mail flow issue, they discover that some emails are rejected with an SMTP code of 451 and the error message "#4.7.1 Unable to perform DMARC verification". In the DMARC verification profile on the Cisco Secure Email Gateway appliance, which action must be set for messages that result in temporary failure to prevent these emails from being rejected?
Accept is the action that must be set for messages that result in temporary failure to prevent these emails from being rejected. Accept allows Cisco ESA to deliver the messages without applying any DMARC actions or modifications.
To configure the accept action for messages that result in temporary failure on Cisco ESA, the administrator can follow these steps:
Select Mail Policies > DMARC Verification Profile and click Edit Settings for the DMARC verification profile that applies to the messages.
Under DMARC Actions, select Accept from the drop-down menu for Messages That Result in Temporary Failure.
Click Submit.
The other options are not valid actions for messages that result in temporary failure to prevent these emails from being rejected, because they either apply DMARC actions or modifications or do nothing.
