Table of Contents
Question
An administrator notices that incoming emails with certain attachments do not get delivered to all recipients when the emails have multiple recipients in different domains like cisco.com and test.com. The same emails when sent only to recipients in cisco.com are delivered properly. How must the Cisco ESA be configured to avoid this behavior?
A. Modify DLP configuration to ensure that all attachments are permitted for test.com.
B. Modify DLP configuration to exempt DLP scanning for messages sent to test.com domain.
C. Modify mail policies so email recipients do not match multiple policies.
D. Modify mail policies for cisco.com to ensure that emails are not dropped.
Answer
B. Modify DLP configuration to exempt DLP scanning for messages sent to test.com domain.
Explanation
The correct answer is B. Modify DLP configuration to exempt DLP scanning for messages sent to test.com domain.
The explanation is as follows:
The scenario describes a situation where incoming emails with attachments are not being fully delivered when they have recipients in multiple domains (cisco.com and test.com). But the same emails to just cisco.com recipients are delivered properly.
This indicates that the Cisco ESA appliance has some DLP (Data Loss Prevention) policy configured which is blocking the delivery to test.com recipients. The DLP policy may flag the attachments as sensitive and block delivery to external domains.
Since cisco.com is an internal domain, emails to those recipients pass the DLP check. But test.com is an external domain, so the emails to those recipients fail the DLP check and get blocked.
To fix this, we need to exempt emails to test.com from DLP scanning, so that attachments are always delivered to those recipients. This can be done by:
B. Modifying the DLP configuration to exempt the test.com domain from DLP scanning. This will allow the emails to bypass the DLP checks and be delivered to test.com recipients.
The other options are incorrect:
A. Simply permitting all attachments will not fix the issue. DLP exemption based on domain is needed.
C. Mail policies based on recipient domains are correct, but DLP exemption is also required.
D. Modifying cisco.com policies will not help deliver emails to test.com recipients.
So in summary, exempting the test.com domain from DLP scanning using the Cisco ESA DLP configuration is the required change to ensure emails with attachments are delivered to both cisco.com and test.com recipients.
Reference
- Best Practices Guide for Data Loss Prevention and Encryption – Cisco
- User Guide for AsyncOS 12.0 for Cisco Email Security Appliances – GD (General Deployment) – Data Loss Prevention [Cisco Secure Email Gateway] – Cisco
- DLP Best Practices (cisco.com)
Securing Email with Cisco Email Security Appliance (300-720 SESA) certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Securing Email with Cisco Email Security Appliance (300-720 SESA) exam and earn Securing Email with Cisco Email Security Appliance (300-720 SESA) certification.