Updated 300-720 Dumps (V11.02) 2026 for SESA Eam Preparation: Start with 300-720 Free Dumps (Part 1, Q1-Q40)

Are you preparing for the Securing Email with Cisco Secure Email Gateway (300-720 SESA) exam? As a concentration exam for the borader CCNP Security track, it is designed to validate expertise in deploying, configuring, and managing Cisco’s enterprise email security solutions. To help you prepare well and understand all the exam topics deeply, DumpsBase updated the 300-720 dumps to V11.02, aligned with the latest changes of Securing Email with Cisco Secure Email Gateway (SESA) exam objectives. We have 190 questions and answers in V11.02, which are actual and up-to-date to help you master the Cisco SESA 300-720 exam content efficiently and confidently. Using these updated 300-720 dumps (V11.02), you can gain in-depth knowledge and practice with scenarios they will encounter on the actual exam, ensuring both exam readiness and professional growth. More, we have free dumps, which are a free demo of 300-720 dumps (V11.02). You can start with the first part to access quality before downloading.

Cisco 300-720 free dumps (Part 1, Q1-Q40) of V11.02 are below to help you check the SESA exam questions:

1. Which attack is mitigated by using Bounce Verification?

spoof

denial of service

eavesdropping

smurf

2. Which setting affects the aggressiveness of spam detection?

protection level

spam threshold

spam timeout

maximum depth of recursion scan

3. What is the maximum message size that can be configured for encryption on the Cisco ESA?

20 MB

25 MB

15 MB

30 MB

4. Which action on the Cisco ESA provides direct access to view the safelist/blocklist?

Show the SLBL cache on the CL

Monitor Incoming/Outgoing Listener.

Export the SLBL to a .csv file.

Debug the mail flow policy.

5. When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)

DKIM

Public Keys

Domain Keys

Symmetric Keys

Private Keys

6. Which two query types are available when an LDAP profile is configured? (Choose two.)

proxy consolidation

user

recursive

group

routing

7. A network administrator is modifying an outgoing mail policy to enable domain protection for the organization. A DNS entry is created that has the public key.

Which two headers will be used as matching criteria in the outgoing mail policy? (Choose two.)

message-ID

sender

URL reputation

from

mail-from

8. Email encryption is configured on a Cisco ESA that uses CRES.

Which action is taken on a message when CRES is unavailable?

It is requeued.

It is sent in clear text.

It is dropped and an error message is sent to the sender.

It is encrypted by a Cisco encryption appliance.

9. What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?

provisioned email encryption profile

message encryption from a content filter that select "Message Encryption" over TLS

message encryption from the mail flow policies with "CRES" selected

content filter to forward the email to the Cisco Registered Envelope server

10. Which two certificate authority lists are available in Cisco ESA? (Choose two.)

default

system

user

custom

demo

11. An analyst creates a new content dictionary to use with Forged Email Detection.

Which entry will be added into the dictionary?

mycompany.com

Alpha Beta

^Alpha Beta$

[email protected]

12. Which benefit does enabling external spam quarantine on Cisco SMA provide?

ability to back up spam quarantine from multiple Cisco ESAs to one central console

access to the spam quarantine interface on which a user can release, duplicate, or delete

ability to scan messages by using two engines to increase a catch rate

ability to consolidate spam quarantine data from multiple Cisco ESA to one central console

13. Which two components must be configured to perform DLP scanning? (Choose two.)

Add a DLP policy on the Incoming Mail Policy.

Add a DLP policy to the DLP Policy Manager.

Enable a DLP policy on the Outgoing Mail Policy.

Enable a DLP policy on the DLP Policy Customizations.

Add a DLP policy to the Outgoing Content Filter.

14. What are two prerequisites for implementing undesirable URL protection in Cisco ESA? (Choose two.)

Enable outbreak filters.

Enable email relay.

Enable antispam scanning.

Enable port bouncing.

Enable antivirus scanning.

15. Refer to the exhibit.





Which SPF record is valid for mycompany.com?

v=spf1 a mx ip4:199.209.31.2 -all

v=spf1 a mx ip4:10.1.10.23 -all

v=spf1 a mx ip4:199.209.31.21 -all

v=spf1 a mx ip4:172.16.18.230 -all

16. Which two are configured in the DMARC verification profile? (Choose two.)

name of the verification profile

minimum number of signatures to verify

ESA listeners to use the verification profile

message action into an incoming or outgoing content filter

message action to take when the policy is reject/quarantine

17. Which two steps configure Forged Email Detection? (Choose two.)

Configure a content dictionary with executive email addresses.

Configure a filter to use the Forged Email Detection rule and dictionary.

Configure a filter to check the Header From value against the Forged Email Detection dictionary.

Enable Forged Email Detection on the Security Services page.

Configure a content dictionary with friendly names.

18. When virtual gateways are configured, which two distinct attributes are allocated to each virtual gateway address? (Choose two.)

domain

IP address

DNS server address

DHCP server address

external spam quarantine

19. Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

Uncheck the Enable Spam Quarantine check box.

Select Monitor and click Spam Quarantine.

Check the External Safelist/Blocklist check box.

Select External Spam Quarantine and click on Configure.

Select Security Services and click Spam Quarantine.

20. An engineer is testing mail flow on a new Cisco ESA and notices that messages for domain abc.com are stuck in the delivery queue. Upon further investigation, the engineer notices that the messages pending delivery are destined for 192.168.1.11, when they should instead be routed to 192.168.1.10.

What configuration change needed to address this issue?

Add an address list for domain abc.com.

Modify Destination Controls entry for the domain abc.com.

Modify the SMTP route for the domain and change the IP address to 192.168.1.10.

Modify the Routing Tables and add a route for IP address to 192.168.1.10.

21. Which type of attack is prevented by configuring file reputation filtering and file analysis features?

denial of service

zero-day

backscatter

phishing

22. When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?

Enabling the End-User Safelist/Blocklist feature

Spam Quarantine External Authentication Query

Spam Quarantine End-User Authentication Query

Spam Quarantine Alias Consolidation Query

23. DRAG DROP

Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.

24. Which two actions are configured on the Cisco ESA to query LDAP servers? (Choose two.)

accept

relay

delay

route

reject

25. Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?

Designate as the active query

Update Frequency

Server Priority

Entity ID

26. A Cisco ESA administrator has several mail policies configured. While testing policy match using a specific sender, the email was not matching the expected policy.

What is the reason of this?

The Tram* header is checked against all policies in a top-down fashion.

The message header with the highest priority is checked against each policy in a top-down fashion.

The To" header is checked against all policies in a top-down fashion.

The message header with the highest priority is checked against the Default policy in a top-down fashion.

27. Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

Set up the interface group with the flag.

Issue the altsrchost command.

Map the envelope sender address to the host.

Apply a filter on the message.

28. Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?

end user allow list

end user spam quarantine access

end user passthrough list

end user safelist

29. Which SMTP extension does Cisco ESA support for email security?

ETRN

UTF8SMTP

PIPELINING

STARTTLS

30. How does the graymail safe unsubscribe feature function?

It strips the malicious content of the URI before unsubscribing.

It checks the URI reputation and category and allows the content filter to take an action on it.

It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.

31. When URL logging is configured on a Cisco ESA, which feature must be enabled first?

antivirus

antispam

virus outbreak filter

senderbase reputation filter

32. Refer to the exhibit.





An engineer is trying to connect to a Cisco ESA using SSH and has been unsuccessful. Upon further inspection, the engineer notices that there is a loss of connectivity to the neighboring switch.

Which connection method should be used to determine the configuration issue?

Telnet

HTTPS

Ethernet

serial

33. Which type of query must be configured when setting up the Spam Quarantine while merging notifications?

Spam Quarantine Alias Routing Query

Spam Quarantine Alias Consolidation Query

Spam Quarantine Alias Authentication Query

Spam Quarantine Alias Masquerading Query

34. Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

load balancing

SLA monitor

active-standby

failover

active-active

35. Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

The filters command executed from the CLI is used to configure the message filters.

Message filters configuration within the web user interface is located within Incoming Content Filters.

The filterconfig command executed from the CLI is used to configure message filters.

Message filters can be configured only from the CL

Message filters can be configured only from the web user interface.

36. DRAG DROP

An Encryption Profile has been set up on the Cisco ESA.

Drag and drop the steps from the left for creating an outgoing content filter to encrypt emails that contains the subject "Secure:" into the correct order on the right.

37. What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?

8025

6443

6025

8443

38. Which action must be taken before a custom quarantine that is being used can be deleted?

Delete the quarantine that is assigned to a filter.

Delete the quarantine that is not assigned to a filter.

Delete only the unused quarantine.

Remove the quarantine from the message action of a filter.

39. Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

Set up the interface group with the flag.

Issue the altsrchost command.

Map the envelope sender address to the host.

Apply a filter on the message.

40. Refer to the exhibit.





How should this configuration be modified to stop delivering Zero Day malware attacks?

Change Unscannable Action from Deliver As Is to Quarantine.

Change File Analysis Pending action from Deliver As Is to Quarantine.

Configure mailbox auto-remediation.

Apply Prepend on Modify Message Subject under Malware Attachments.

 Loading...