web analytics
  • RSS

  • Polls

    What Cisco Cert Are You Currently Studying?

    View Results

    Loading ... Loading ...
  • Search on CiscoBibles

  • Popular Posts

  • Recent Comments

  • Archives

  • « | Main | »

    [Free-Dumps] Testing PassLeader 650-153 Exam Questions and Answers To 100% Pass 650-153 Exam (Question 11 – Question 40)

    By admin | December 23, 2016

    New Updated 650-153 Exam Questions from PassLeader 650-153 PDF dumps! Welcome to download the newest PassLeader 650-153 VCE dumps: http://www.passleader.com/650-153.html (113 Q&As)

    Keywords: 650-153 exam dumps, 650-153 exam questions, 650-153 VCE dumps, 650-153 PDF dumps, 650-153 practice tests, 650-153 study guide, 650-153 braindumps, Cisco Email Security Field Engineer Specialist (ESFE) Exam

    p.s. Free 650-153 dumps download from Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpQUt3UnhsblFiUW8

    QUESTION 11
    In a "one armed installation" using a single listener, how would the system differentiate between incoming and outgoing email?

    A.    Mail flow direction is determined by using the source IP address.
    B.    Mail flow direction is determined by the type of listener, public verses private.
    C.    Mail flow direction is determined by the "Recipient to" field in the SMTP envelope.
    D.    Mail flow direction is determined by the "Mail From" field in the SMTP envelope.

    Answer: A

    QUESTION 12
    You are performing a test of the IronPort Anti-Spam engine. In order to trigger the anti-spam engine for suspect spam, what is the value of the x-advertisement header needs to be added to the message? Enter the string in lowercase ____.

    Answer:
    spam

    QUESTION 13
    One of the items on the Pre-Install Worksheet is "Base DN". Which of the following sections in the work sheet contains this item?

    A.    Network Settings
    B.    Firewall Rules
    C.    Mail Information
    D.    Authentication

    Answer: D

    QUESTION 14
    A new C-160 has been delivered and needs to be configured. What subnet and C-Series interface does your laptop need to be configured on?

    A.    Data 2 192.168.10.0/24
    B.    Data l 192.168.42.0/24
    C.    Data 2 192168.42.0/24
    D.    Data l 192.168.10.0/24

    Answer: B

    QUESTION 15
    Your customer has several DLP policies enabled such that policy order effects the operation. In which menu is the order of the DLP policies changed?

    A.    Mail Policies > DLP Policy Manager, edit policy order
    B.    Security Settings > RSA DLP > edit policy order
    C.    Mail Policies > Outgoing Mail Policies > DLP, edit order
    D.    Mail Policies > Mailflow policies, edit policy order

    Answer: A

    QUESTION 16
    Drag and Drop question
    Match only the following default sender groups with their default senderbase reputation scores.

    Answer:

    QUESTION 17
    At what point in the SMTP conversation can the SMTP client send message headers?

    A.    Between MAIL FROM and RCPT TO
    B.    Between RCPT TO and DATA
    C.    Between DATA and a period "." on a single line
    D.    Between HELO and MAIL FROM

    Answer: C

    QUESTION 18
    In the default settings, which of the following sender groups will match on a reputation score of +2?

    A.    SUSPECTLIST
    B.    BLACKLIST
    C.    RELAYUST
    D.    UNKNOWNUST
    E.    WHITEUST

    Answer: D

    QUESTION 19
    Which of the following types of DNS records deals with mail delivery for a specific domain?

    A.    TXT
    B.    MX
    C.    PTR
    D.    A

    Answer: B

    QUESTION 20
    By default, how do Outbreak filters avoid quarantining false positives?

    A.    All false positives must be quarantined until a Virus signature is received so that they can be checked.
    B.    False positives are released as updates provide a better description of suspected attachment.
    C.    Positive matches are not quarantined. They are dropped.
    D.    False positives do not occur as the Anti-Virus engine will check the signature against the incoming mail.
    Only positive matches against the signature are quarantined for checking later on.

    Answer: B

    QUESTION 21
    Drag and Drop question
    Order the following (applicable) steps so that McAfee is enabled as the second of two anti-virus engines. Assume that this follows the system setup wizard.

    Answer:

    QUESTION 22
    How does a customer report spam that gets through the C-Series appliance? (Choose two.)

    A.    Send the spam as an attachment in RFC 822 format to [email protected]
    B.    Use the Submission plugin to submit this email back to IronPort
    C.    Open a case for this problem and attach the spam to an RFC 822 format
    D.    Send the spam as an attachment in RFC 822 format to [email protected]

    Answer: AB

    QUESTION 23
    During system setup, how are scheduled reports handled?

    A.    By default scheduled reports are sent to the alert recipient specified in the system setup.
    B.    Scheduled reports are only configured after system setup.
    C.    The recipient for scheduled reports can be different than the alert recipient and scheduled reports can be configured during system setup or afterwards.

    Answer: B

    QUESTION 24
    When saving a configuration file that will be reloaded into the appliance, which one of the following must be changed before saving?

    A.    Unmask the password strings
    B.    Shut down the mail listeners
    C.    Clustered systems must be un-clustered
    D.    Feature key strings must be recorded

    Answer: A

    QUESTION 25
    Drag and Drop question
    The following ate steps for registering a Recipient with CRES. Place them in the correct order.

    Answer:

    QUESTION 26
    By default a domain that falls into either of two sender groups, in the following list, will have its messages tagged for both Anti-spam and Anti-virus scanning. Which two sender groups are these? (Choose two.)

    A.    Unknown List
    B.    White List
    C.    Black List
    D.    Suspect List
    E.    Relay List

    Answer: AD

    QUESTION 27
    Which one of the following will allow an administrator to view sensitive compliance information, such as a credit card number, that has triggered a DLP filter?

    A.    mail logs
    B.    Scheduled DLP Reports 4
    C.    Message Tracking
    D.    Policy Quarantine

    Answer: B

    QUESTION 28
    Drag and Drop question
    Instructions:
    Click the button labeled Select, it will change color to light green. Next, click on the area of the picture which corresponds to the selected answer, the button will change back to white and a small check-mark will appear next to the answer indicating that you have selected. You wish to change your selection for one of the areas, click the button labeled Deselect, this will remove the area that you previously selected.

    Answer:

    QUESTION 29
    Drag and Drop question
    Instructions:
    Click the button labeled Select, "t will change color to light green. Nert, click on the area of the picture which corresponds to the selected answer, the button will change back to white and a small check-mark will appear next to the answer indicating that you have selected.

    Answer:

    QUESTION 30
    You need to create an outgoing content filter to perform footer stamping for members of the finance group. The picture shows the Add Condition menu and the LDAP directory. What attribute value needs to be ENTERED in the Add Condition menu?

    Answer:
    Please use the following link to get the answer of this task.
    http://www.cisco.com/en/US/docs/security/esa/esa7.0/getting_started/ESA_7.0.1_GA_Getting_Started_Guide.pdf (Page 51)
    http://www.cisco.com/en/US/docs/security/esa/esa7.1/config_guide/ESA_7.1.1_Configuration_Guide.pdf (Page 416, Page 455-663)
    https://supportforums.cisco.com/thread/1000592

    QUESTION 31
    You need to verify SMTP access to a newly installed C-160. Perform telnet to the appliance from a Linux shell outside of the enterprise. Enter the command string, as you would in this Linux shell. Include the appropriate port number.

    Answer:
    Please use the following link to get the answer of this task.
    http://www.cisco.com/en/US/docs/security/esa/esa7.1/cli_guide/ESA_7.1_FCS_CLI_Reference_G uide.pdf (Page 32)

    QUESTION 32
    Where we usually find the 3xx message?

    A.    EHLO
    B.    Mail From
    C.    Rcpt to
    D.    Data

    Answer: D

    QUESTION 33
    After LDAP accept is enabled, what is the best solution to prevent directory harvest attacks?

    A.    Specify all of the legitimate mailbox addresses in the RAT.
    B.    Modify the default mail flow policy.
    C.    Create an access list as a content dictionary and match this resource, with a content filter, against incoming emails.
    D.    Create an access list as a content dictionary and match this resource, with a message filter, against incoming emails.

    Answer: B

    QUESTION 34
    Your customer has the default spam settings on their appliance. They need an immediate reduction in missed spam, but without increasing their false positive rate. How should you advise them?

    A.    In the HAT settings, increase the SBRS threshold for the BLACKLIST sender group.
    B.    Advise their end users to use the spam plugin or send false negatives samples to [email protected].
    C.    Enable Marketing Mail Detection.
    D.    Enable Intelligent Multi-Scan

    Answer: D

    QUESTION 35
    Which of the following are best practice techniques when deploying content filters? (Choose two.)

    A.    Use the trace tool whenever possible.
    B.    Apply the filter in a test mail policy that contains one mailbox sender or recipient.
    C.    Run the ‘filter test menue’ before applying it to any mail policy.
    D.    Add an action to bcc all matches to your admin account.

    Answer: BC

    QUESTION 36
    Which of the following security features are enabled for incoming mail by default? (Choose three.)

    A.    bounce verification
    B.    IronPort Anti-Spam
    C.    Sophos Anti-Virus
    D.    McAfee Anti-Virus
    E.    Outbreak filters

    Answer: E

    QUESTION 37
    Of the following which one is enabled by default on the C-Series?

    A.    Local Reporting
    B.    Local Message tracking
    C.    Encryption
    D.    Bounce Verification

    Answer: D

    QUESTION 38
    In the C-160’s factory default configuration, which interface has ssh enabled by default on the 192.168.42.42 address?

    A.    Data 2
    B.    Data 1
    C.    None. SSH must be first enabled through the console
    D.    Management

    Answer: B

    QUESTION 39
    Refer to the exhibit. Based on the Add Condition menu which of listed file attachments will be matched? (Choose two.)

    A.    A.pdf attachment
    B.    A. msi attachment that has had its file extension changed to .pdf
    C.    A. pdf attachment that has had its file extension changed to .exe
    D.    A. exe attachment

    Answer: BD

    QUESTION 40
    How can C-Series archived reports be retrieved?

    A.    They cannot be retrieved, since the reporting information is deleted and data is collected for the next reporting period
    B.    Archived reports are retrieved by going to ftp://mgmt.<C-Series host name>.com
    C.    Archived reports can be retrieved through the GUI by going to: Monitor > Archived Reports

    Answer: C


    Download the newest PassLeader 650-153 dumps from passleader.com now! 100% Pass Guarantee!

    650-153 PDF dumps & 650-153 VCE dumps: http://www.passleader.com/650-153.html (113 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)

    p.s. Free 650-153 dumps download from Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpQUt3UnhsblFiUW8

             

    Topics: 650-153 Braindumps, 650-153 Exam Dumps, 650-153 Exam Questions, 650-153 PDF Dumps, 650-153 Practice Tests, 650-153 Study Guide, 650-153 VCE Dumps, All Cisco Exam Dumps | No Comments »

    Comments

    You must be logged in to post a comment.