300-720 Question #43: Real Exam Question with Answer & Explanation

The correct answer is B: Configure a filter to use the Forged Email Detection rule and dictionary.. Forged Email Detection is a feature that allows Cisco ESA to detect and block messages that spoof the display names of internal senders in the From header, such as executives or managers, to trick recipients into opening malicious or fraudulent emails. To configure this feature,

Cisco ESA Content Filters and Message Filters

Question

Which two steps configure Forged Email Detection? (Choose two.)

Options

AConfigure a content dictionary with executive email addresses.
BConfigure a filter to use the Forged Email Detection rule and dictionary.
CConfigure a filter to check the Header From value against the Forged Email Detection dictionary.
DEnable Forged Email Detection on the Security Services page.
EConfigure a content dictionary with friendly names.

Explanation

Forged Email Detection is a feature that allows Cisco ESA to detect and block messages that spoof the display names of internal senders in the From header, such as executives or managers, to trick recipients into opening malicious or fraudulent emails. To configure this feature, two steps Configure a content dictionary with friendly names of internal senders that should not appear in the From header of external messages, such as Alpha Beta or John Smith. Configure a filter to use the Forged Email Detection rule and dictionary, which will compare the display name in the From header of incoming messages with the entries in the content dictionary, and apply the configured action if a match is found.

Topics

#Forged Email Detection#Content Dictionaries#Content Filters

Community Discussion

No community discussion yet for this question.

Full 300-720 Practice Browse All 300-720 Questions