Cisco 300-720 SESA: Which action must be taken on Cisco ESA to prevent spammers send emails with recipient field filled with possible combinations of letters and numbers

Question

Spammers routinely try to send emails with the recipient field filled with a list of all possible combinations of letters and numbers. These combinations, appended with a company’s domain name are malicious attempts at learning all possible valid email addresses. Which action must be taken on a Cisco ESA to prevent this from occurring?

A. Quarantine external authentication queries.
B. Enable end user safelist features.
C. Perform LDAP acceptance validation.
D. Select the SMTP Authentication Query checkbox.

Answer

C. Perform LDAP acceptance validation.

Explanation

The answer is C. To prevent spammers from learning all possible valid email addresses by sending emails with the recipient field filled with a list of all possible combinations of letters and numbers, you need to perform LDAP acceptance validation on your Cisco ESA.

LDAP acceptance validation is a feature that allows you to configure your Cisco ESA to only accept emails from senders that are listed in your LDAP directory. This means that if a spammer sends an email with the recipient field filled with a list of all possible combinations of letters and numbers, their email will be rejected by your Cisco ESA because their sender IP address will not be listed in your LDAP directory.

The other options are incorrect. Option A is incorrect because quarantining external authentication queries will not prevent spammers from sending emails with the recipient field filled with a list of all possible combinations of letters and numbers. Option B is incorrect because enabling end user safelist features will only prevent users from receiving emails from senders that are not on their safelist. Option D is incorrect because selecting the SMTP Authentication Query checkbox will only allow you to see the IP address of the sender of an email.

Here are some additional details about LDAP acceptance validation on Cisco ESA:

• To configure LDAP acceptance validation, you need to create an LDAP directory and add the IP addresses of your trusted senders to the directory.
• Once you have created the LDAP directory and added the IP addresses of your trusted senders, you need to configure your Cisco ESA to use the LDAP directory for acceptance validation.
• If you do not configure your Cisco ESA to use LDAP acceptance validation, then all emails will be accepted, regardless of the sender IP address.

Reference

• How to use LDAP Accept Query to validate the recipients of inbound messages using Microsoft Active Directory (LDAP)? – Cisco
• User Guide for AsyncOS 12.0 for Cisco Email Security Appliances – GD (General Deployment) – LDAP Queries [Cisco Secure Email Gateway] – Cisco
• How do you use LDAP Accept Query to validate the sender of relayed messages? – Cisco
• Cisco Email Security Appliance (ESA) Anti-Spam Efficacy Checklist – Cisco
• Detect and Prevent Email Spoofing – Cisco
• Block a Malicious or Problem Sender on the ESA – Cisco
• ESA DHAP Feature Enablement – Cisco

Securing Email with Cisco Email Security Appliance (300-720 SESA) certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Securing Email with Cisco Email Security Appliance (300-720 SESA) exam and earn Securing Email with Cisco Email Security Appliance (300-720 SESA) certification.