Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Cisco®
  3. 300-720

Cisco® 300-720 Exam (page: 2)
Cisco® Securing Email with Email Security Appliance (300-720 SESA)
Updated on: 25-Dec-2025

Viewing Page 2 of 31
300-720 PDF 179 Questions

What are two phases of the Cisco ESA email pipeline? (Choose two.)

  1. reject
  2. workqueue
  3. action
  4. delivery
  5. quarantine

Answer(s): B,D

Explanation:

With DomainKeys or DKIM email authentication, the sender signs the email using public key cryptography. Configuring DomainKeys and DKIM Signing A signing key is the private key stored on the appliance. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11- 1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010101.html?bookSearch =true


Reference:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-1/user_guide/ b_ESA_Admin_Guide_12_1/b_ESA_Admin_Guide_12_1_chapter_011.pdf (p.1)



Which two action types are performed by Cisco ESA message filters? (Choose two.)

  1. non-final actions
  2. filter actions
  3. discard actions
  4. final actions
  5. quarantine actions

Answer(s): A,D

Explanation:

Non-final actions are actions that do not terminate the message filter evaluation, such as adding headers, setting variables, logging, etc. Final actions are actions that end the message filter evaluation and determine the fate of the message, such as accept, drop, bounce, quarantine, etc.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 3-4.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01000.html



Which setting affects the aggressiveness of spam detection?

  1. protection level
  2. spam threshold
  3. spam timeout
  4. maximum depth of recursion scan

Answer(s): B

Explanation:

Spam threshold is a setting that determines the minimum score that a message must have to be classified as spam by Cisco ESA. The lower the threshold, the more aggressive the spam detection is.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 6-5.
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118220- technote- esa-00.html



What is the order of virus scanning when multilayer antivirus scanning is configured?

  1. The default engine scans for viruses first and the McAfee engine scans for viruses second.
  2. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
  3. The McAfee engine scans for viruses first and the default engine scans for viruses second.
  4. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.

Answer(s): D

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12- 0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01011.html

According to the User Guide for AsyncOS 12.0 for Cisco Email Security Appliances2, the order of virus scanning when multilayer antivirus scanning is configured is as follows:
The McAfee engine scans the message first. If the McAfee engine detects a virus, the message is dropped or repaired, depending on the configuration. If the McAfee engine does not detect a virus, the message is passed to the next layer of scanning.
The Sophos engine scans the message second. If the Sophos engine detects a virus, the message is dropped or repaired, depending on the configuration. If the Sophos engine does not detect a virus, the message is delivered to the recipient.



Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?

  1. end user allow list
  2. end user spam quarantine access
  3. end user passthrough list
  4. end user safelist

Answer(s): D

Explanation:

End user safelist is a feature that allows end users to specify email addresses or domains that they want to receive messages from, regardless of the spam verdict or action assigned by Cisco ESA. Messages from senders on the end user safelist are delivered to the end user's inbox without any spam filtering.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-13.



Viewing Page 2 of 31



Share your comments for Cisco® 300-720 exam with other users:

rodrigo 6/22/2023 7:55:00 AM

i need the exam
Anonymous


Dan 6/29/2023 1:53:00 PM

please upload
Anonymous


Ale M 11/22/2023 6:38:00 PM

prepping for fsc exam
AUSTRALIA


ahmad hassan 9/6/2023 3:26:00 AM

pd1 with great experience
Anonymous


Žarko 9/5/2023 3:35:00 AM

@t it seems like azure service bus message quesues could be the best solution
UNITED KINGDOM


Shiji 10/15/2023 1:08:00 PM

helpful to check your understanding.
INDIA


Da Costa 8/27/2023 11:43:00 AM

question 128 the answer should be static not auto
Anonymous


bot 7/26/2023 6:45:00 PM

more comments here
UNITED STATES


Kaleemullah 12/31/2023 1:35:00 AM

great support to appear for exams
Anonymous


Bsmaind 8/20/2023 9:26:00 AM

useful dumps
Anonymous


Blessious Phiri 8/13/2023 8:37:00 AM

making progress
Anonymous


Nabla 9/17/2023 10:20:00 AM

q31 answer should be d i think
FRANCE


vladputin 7/20/2023 5:00:00 AM

is this real?
UNITED STATES


Nick W 9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it
Anonymous


Naveed 8/28/2023 2:48:00 AM

good questions with simple explanation
UNITED STATES


cert 9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s
Anonymous


Yves 8/29/2023 8:46:00 PM

very inciting
Anonymous


Miguel 10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;
SPAIN


Byset 9/25/2023 12:49:00 AM

it look like real one
Anonymous


Debabrata Das 8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps
Anonymous


nITA KALE 8/22/2023 1:57:00 AM

i need dumps
Anonymous


CV 9/9/2023 1:54:00 PM

its time to comptia sec+
GREECE


SkepticReader 8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).
UNITED STATES


Nabin 10/16/2023 4:58:00 AM

helpful content
MALAYSIA


Blessious Phiri 8/15/2023 3:19:00 PM

oracle 19c is complex db
Anonymous


Sreenivas 10/24/2023 12:59:00 AM

helpful for practice
Anonymous


Liz 9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.
UNITED STATES


Namrata 7/15/2023 2:22:00 AM

helpful questions
Anonymous


lipsa 11/8/2023 12:54:00 PM

thanks for question
Anonymous


Eli 6/18/2023 11:27:00 PM

the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.
EUROPEAN UNION


open2exam 10/29/2023 1:14:00 PM

i need exam questions nca 6.5 any help please ?
Anonymous


Gerald 9/11/2023 12:22:00 PM

just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam
UNITED STATES


ryo 9/10/2023 2:27:00 PM

very helpful
MEXICO


Jamshed 6/20/2023 4:32:00 AM

i need this exam
PAKISTAN