Home > Email & Web Solutions

Email & Web Solutions

September 4th, 2020 Go to comments

Quick summary

Cisco Email Security includes advanced threat protection capabilities to detect, block, and remediate threats faster; prevent data loss; and secure important information in transit with end-to-end encryption.

With Cisco Email Security customers can:
+ Detect and block more threats with superior threat intelligence from Talos.
+ Combat ransomware hidden in attachments that evade initial detection with Cisco Advanced Malware Protection (AMP) and Cisco Threat Grid.
+ Drop emails with risky links automatically or block access to newly infected sites with real-time URL analysis to protect against phishing and BEC.
+ Prevent brand abuse and sophisticated identity-based email attacks with Cisco Domain Protection (CDP) and Cisco Advanced Phishing Protection (CAPP) services.
+ Protect sensitive content in outgoing emails with Data Loss Prevention (DLP) and easy-to-use email encryption, all in one solution.
+ Provide user behavior training with Cisco Security Awareness to help users work smarter and safer.
+ Gain maximum deployment flexibility with a cloud, virtual, on-premises, or hybrid deployment or move to the cloud in phases.

Question 1

Explanation

Protect sensitive content in outgoing emails with Data Loss Prevention (DLP) and easy-to-use email encryption, all in one solution.

Cisco Email Security appliance can now handle incoming mail connections and incoming messages from specific geolocations and perform appropriate actions on them, for example:
– Prevent email threats coming from specific geographic regions.
– Allow or disallow emails coming from specific geographic regions.

Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_00.html

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Explanation

Cisco Hybrid Email Security is a unique service offering that combines a cloud-based email security deployment with an appliance-based email security deployment (on premises) to provide maximum choice and control for your organization. The cloud-based infrastructure is typically used for inbound email cleansing, while the on-premises appliances provide granular control – protecting sensitive information with data loss prevention (DLP) and encryption technologies.

Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf

Question 9

Explanation

Talos’ IP and Domain Data Center is the world’s most comprehensive real-time threat detection network. The data is made up of daily security intelligence across millions of deployed web, email, firewall and IPS appliances. Talos detects and correlates threats in real time using the largest threat detection network in the world spanning web requests, emails, malware samples, open-source data sets, endpoint intelligence, and network intrusions. The Email and Web Traffic Reputation Center is able to transform some of Talos’ data into actionable threat intelligence and tools to improve your security posture.

Question 10

Explanation

There are two possible methods to accomplish the redirection of traffic to Cisco WSA: transparent proxy mode and explicit proxy mode.

In a transparent proxy deployment, a WCCP v2-capable network device redirects all TCP traffic with a destination of port 80 or 443 to Cisco WSA, without any configuration on the client. The transparent proxy deployment is used in this design, and the Cisco ASA firewall is used to redirect traffic to the appliance because all of the outbound web traffic passes through the device and is generally managed by the same operations staff who manage Cisco WSA.

Reference: https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2013/CVD-WebSecurityUsingCiscoWSADesignGuide-AUG13.pdf

Question 11

Explanation

Message tracking helps resolve help desk calls by giving a detailed view of message flow. For example, if a message was not delivered as expected, you can determine if it was found to contain a virus or placed in a spam quarantine — or if it is located somewhere else in the mail stream.

Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011110.html

Question 12

Explanation

Cisco Hybrid Secure Email is a unique service offering that combines a cloud-based email security deployment with an appliance-based email security deployment (on premises) to provide maximum choice and control for your organization. The cloud-based infrastructure is typically used for inbound email cleansing, while the on-premises appliances provide granular control – protecting sensitive information with data loss prevention (DLP) and encryption technologies.

Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf

Question 13

Explanation

Cisco Email Security Appliance (ESA) protects the email infrastructure and employees who use email at work by filtering unsolicited and malicious email before it reaches the user. Cisco ESA easily integrates into existing email infrastructures with a high degree of flexibility. It does this by acting as a Mail Transfer Agent (MTA) within the email-delivery chain. Another name for an MTA is a mail relay.

Reference: https://www.cisco.com/c/dam/en/us/td/docs/solutions/SBA/February2013/Cisco_SBA_BN_EmailSecurityUsingCiscoESADeploymentGuide-Feb2013.pdf

Question 14

Question 15

Comments (21) Comments
  1. Anonymous
    September 4th, 2020

    Question 15 should be: B, E. pls advise

  2. micheale
    September 7th, 2020

    please ……………………where can i get these questions

  3. Anonymous
    September 7th, 2020

    Q15: answer is BE, PBR and WCCP

  4. Robsosa
    September 8th, 2020

    Q15 correct is BE.

    Transparent mode: WCCP, PBR or L4-7 redirection.
    Explicit forward mode: Browser config or PAC file.

  5. Ande
    October 14th, 2020

    In which two ways does a system administrator send web traffic transparently to the Web Security Appliance? (Choose two)
    A. configure Active Directory Group Policies to push proxy settings
    B. configure policy-based routing on the network infrastructure
    C. reference a Proxy Auto Config file
    D. configure the proxy IP address in the web-browser settings
    E. use Web Cache Communication Protocol

    Answer: C E

    are these answers correct? “reference a Proxy Auto Config file” is for Explicit mode right?
    any suggestions please..

  6. DnG
    November 2nd, 2020

    In an explicit proxy configuration, the client (browser) is explicitly configured to use a proxy server, meaning the browser knows that all requests will go through a proxy. The browser is given the IP address and port number of the proxy service (the ProxySG). You could also use a Proxy Auto-Configuration (PAC) file to configure the browser to download the proxy settings from a Web server. When a user makes a request, the browser connects to the proxy service and sends the request. The disadvantage to explicit proxy is that each desktop must be properly configured to use the proxy, which might not be feasible in a large organization.

    Transparent Proxy works via WCCP (Web Cache Coordination Protocol) on Cisco ASA.

    Q15 correct is BE.

  7. Kaavi
    November 5th, 2020

    For question 15 I think people are getting confused by Cisco wording tricks. The question doesn’t actually say anything about transparent mode. It says “two ways does a system administrator send web traffic transparently”. It is transparent to the end user if you use WCCP or a PAC file.

  8. Mac
    November 24th, 2020

    Is anyone confident on the answers here? Seems to be uncertainty all over the place on this question. I thought C and E seemed correct.

  9. win
    January 31st, 2021

    q15 BE

  10. bura
    February 12th, 2021

    can anyone please suggest which is right answer for Q 15 C,E or B,E?

  11. WhoCares
    February 20th, 2021

    Q15:

    I am going to go with B and E.

    If it was “transparent to the user to use a PAC file” than the answers would be B,C,D,E because a user could just check the web proxy settings and see that the PAC file added a proxy server to the browser settings.

    WCCP and PBR do give any indication to the user that the proxy server is being used. That is the answer I am going to pick when I take the test.

    Best of luck to everyone.

  12. JxLx
    March 21st, 2021

    Q12 why not C? Both of C or D seem to be right for me:

    Cisco Hybrid Email Security gives you the benefits of Cloud Email Security and provides advanced outbound control of encrypting messages and onsite DLP. This hybrid solution lets you transition to a cloud solution at your own pace.
    Ref: https://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/data-sheet-c78-729751.html

  13. JxLx
    March 21st, 2021

    Q15 agree with B,E.

    In B and E the user could never figure in his/her web client that a proxy is configured. In A,C,D something is configured in the browser (proxy IP address or PAC File).

  14. JxLx
    March 21st, 2021

    Q15, agree on B and E.

    User could not figure that a proxy is being used in his/her web browser with options B and E.
    But on A,C,D something is configured in the web browser (proxy IP address or PAC File), and end user can check it.

  15. securitytut
    March 22nd, 2021

    @all: Thanks for your information, we have just updated Q.15.

  16. grimLord
    November 10th, 2021

    Cannot be C or D because those are not transparent to the user.

  17. Jay
    January 11th, 2023

    @Securitytut
    Question 12

    What is the primary benefit of deploying an ESA in hybrid mode?
    A. You can fine-tune its settings to provide the optimum balance between security and performance for your environment
    B. It provides the lowest total cost of ownership by reducing the need for physical appliances
    C. It provides maximum protection and control of outbound messages
    D. It provides email security while supporting the transition to the cloud

    The correct answer should be – C.

    -Maximum protection by cleansing the messages in the Cloud and Control of outbound messages by DLP and Encryption.

  18. Jay
    January 11th, 2023

    =========Cisco Hybrid Secure Email Overview==========
    Cisco Hybrid Secure Email is a unique service offering that combines a cloud-based email security
    deployment with an appliance-based email security deployment (on premises) to provide maximum
    choice and control for your organization. The cloud-based infrastructure is typically used for inbound
    email cleansing, while the on-premises appliances provide granular control—protecting sensitive
    information with data loss prevention (DLP) and encryption technologies.

    https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf

  19. securitytut
    January 11th, 2023

    @Jay: Thank you for your information, we updated Q12!

  20. Jay
    January 26th, 2023

    Thank you :)

  21. Anonymous
    June 20th, 2023

    Sophos engine? Isn’t it a separate security product?

Add a Comment