An email administrator is setting up a new Cisco ESA. The administrator wants to enable the blocking of greymail for the end user. Which feature must the administrator enable first?
For grey zones is the Reputation Filter (C) relevant based on this:
https://www.ironportstore.com/Reputation-Filters.asp?srsltid=AfmBOor9GVrvYe3YVBa8qgMN2H3vQMfzRVEzX2wo4sVXUjP7U33but3_
https://www.ironportstore.com/datasheets/datasheet-email-security-advanced.pdf?srsltid=AfmBOopqQoXF_ov5ijtm3LjpA9THOCBj6hc4Nc0doMWZnkgP1680VO35
"Requirements for Graymail Detection and Safe Unsubscribing
For graymail detection, anti-spam scanning must be enabled globally. This can be either the IronPort Anti-Spam, the Intelligent Multi-Scan feature, or Outbreak Filters"
To effectively block greymail for end users on a Cisco ESA (Email Security Appliance), the administrator should enable the "IP Reputation Filtering" feature. Greylisting is a technique used to combat spam emails by temporarily rejecting emails from unknown senders. IP Reputation Filtering helps in identifying and blocking emails from sources with poor reputation scores, which often includes sources associated with sending spam or greymail. Therefore, by enabling IP Reputation Filtering, the administrator can effectively block greymail for end users. So the correct answer is:
The Intelligent Multi-Scan feature enhances the scanning capabilities of the Cisco ESA by utilizing multiple AV engines and advanced analysis techniques to identify and block various types of threats - including malware, viruses, and phishing emails. While it may help in detecting and blocking graymail to an extent, it's not specifically designed for that purpose.
To effectively block graymail, which typically involves emails from sources with poor reputation scores but may not necessarily contain malware or other malicious content, enabling the IP Reputation Filtering feature would be more suitable. IP Reputation Filtering helps to identify and block emails from sources with known poor reputations - which often includes sources associated with graymail.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa15-0/user_guide/b_ESA_Admin_Guide_15-0/b_ESA_Admin_Guide_12_1_chapter_0101.html
Read the section "How Sender IP Reputation Filters Works"
It is A - specifically designed for that - Greymail engine. Issue of your statements is in understanding what greymail is.
Overview of Graymail - as per link
Graymail messages are messages that do not fit the definition of spam, for example, newsletters, mailing list subscriptions, social media notifications, and so on. These messages were of use at some point in time, but have subsequently diminished in value to the point where the end user no longer wants to receive them.
The difference between graymail and spam is that the end user intentionally provided an email address at some point (for example, the end user subscribed to a newsletter on an e-commerce website or provided contact details to an organization during a conference) as opposed to spam, messages that the end user did not sign up for.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-5-1/user_guide/b_ESA_Admin_Guide_13-5-1/b_ESA_Admin_Guide_12_1_chapter_01110.html#id_101033
Answer 'A' is correct:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjbkeqf2uD7AhUESuUKHTnDDrMQFnoECCQQAQ&url=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fsecurity%2Fesa%2Fesa11-0%2Fuser_guide%2Fb_ESA_Admin_Guide%2Fb_ESA_Admin_Guide_chapter_01101.pdf&usg=AOvVaw2y8Tk0duu03elkbSJ45LZP
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Premium_Pils
2 days, 7 hours agoHappy_Shepherd26
1 month, 1 week agoDRooz
6 months, 3 weeks agoTthurston1
7 months, 2 weeks agoTthurston1
7 months, 2 weeks agoRododendron2
6 months, 3 weeks agoluisseijuro
1 year, 10 months agoNoUserName1234
2 years ago