Table of Contents
Question
To comply with a recent audit, an engineer must configure anti-virus message handling options on the incoming mail policies to attach warnings to the subject of an email. What should be configured to meet this requirement for known viral emails?
A. Virus Infected Messages
B. Unscannable Messages
C. Encrypted Messages
D. Positively Identified Messages
Answer
A. Virus Infected Messages
Explanation
The correct answer is: A. Virus Infected Messages
To comply with the requirement of attaching warnings to the subject of an email for known viral emails, the engineer should configure the “Virus Infected Messages” handling option on the incoming mail policies of the Cisco Email Security Appliance (ESA).
The “Virus Infected Messages” handling option allows the ESA to take specific actions on emails that are positively identified as carrying known viruses. When the ESA detects a virus in an incoming email, it can modify the subject of the email to include a warning or notification that the message contains a virus. This modification is helpful in alerting the recipient and discouraging them from opening potentially dangerous attachments or links.
By adding a warning to the subject of infected emails, the organization can improve its security posture and prevent users from inadvertently spreading malware by opening infected attachments.
The other options mentioned are not applicable for attaching warnings to the subject of an email for known viral emails:
B. Unscannable Messages: This option is used to handle messages that cannot be scanned or have not been scanned successfully due to various reasons. It is not related to known viral emails and does not involve attaching warnings to the subject.
C. Encrypted Messages: This option deals with handling emails that are encrypted and may require special processing. It is not directly related to known viral emails and does not involve subject warning attachments.
D. Positively Identified Messages: While it might sound relevant, this option is not specific to virus-infected emails. “Positively Identified Messages” refers to messages that have been identified positively based on certain criteria defined in the mail policies. It is a general category and does not focus solely on known viral emails with subject warning attachments.
In conclusion, to meet the requirement of attaching warnings to the subject of an email for known viral emails, the engineer should configure the “Virus Infected Messages” handling option in the incoming mail policies on the Cisco ESA. This helps in improving email security awareness and protecting users from potential virus threats.
Reference
- Best Practice Guide for Anti-Spam, Anti-Virus, Graymail and Outbreak Filters – Cisco
- User Guide for AsyncOS 12.0 for Cisco Email Security Appliances – GD (General Deployment) – Anti-Virus [Cisco Secure Email Gateway] – Cisco
- Anti-Virus (cisco.com)
- Best Practice Guide for Anti-Spam, Anti-Virus, Graymail and Outbreak Filters (cisco.com)
Securing Email with Cisco Email Security Appliance (300-720 SESA) certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Securing Email with Cisco Email Security Appliance (300-720 SESA) exam and earn Securing Email with Cisco Email Security Appliance (300-720 SESA) certification.