Exam 350-701 topic 1 question 473 discussion

ESA - Email Umbrella - DNS/URL Block.. B&C is correct

B. using Cisco Umbrella C. using Cisco ESA

B & C is correct: The following are the benefits of deploying Cisco Advanced Phishing Protection on the Cisco Email Security Gateway (ESA): Prevents the following: Attacks that use compromised accounts and social engineering. Phishing, ransomware, zero-day attacks and spoofing. BEC with no malicious payload or URL. Cisco Umbrella protects users from accessing malicious domains by proactively analyzing and blocking unsafe destinations – before a connection is ever made. Thus it can protect from phishing attacks by blocking suspicious domains when users click on the given links that an attacker sent.

The answer is B & C The following are the benefits of deploying Cisco Advanced Phishing Protection on the Cisco Email Security Gateway (ESA): Prevents the following: + Attacks that use compromised accounts and social engineering. + Phishing, ransomware, zero-day attacks and spoofing. + BEC with no malicious payload or URL. Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-5/user_guide/b_ESA_Admin_Guide_13-5/m_advanced_phishing_protection.html Cisco Umbrella protects users from accessing malicious domains by proactively analyzing and blocking unsafe destinations – before a connection is ever made. Thus it can protect from phishing attacks by blocking suspicious domains when users click on the given links that an attacker sent.

BE: Cisco Email Security Appliance (ESA) is an email security solution that provides protection against spam, phishing, malware, and other email-borne threats. While it can be an effective tool for preventing employees from receiving phishing emails, it does not provide the same level of protection as Umbrella and FTD. Umbrella is a cloud-based security service that provides protection against phishing and other types of internet-based threats by blocking access to known malicious domains and IP addresses, and FTD is a next-generation firewall that integrates advanced threat protection capabilities, such as intrusion prevention (IPS), advanced malware protection (AMP), and URL filtering. These two solutions focus on the network level, providing the first line of defense and blocking the phishing website before it reaches the employees. While ESA focus on the email level, it can detect and block malicious emails, but it doesn't protect the device from visiting a malicious website.

I prefer B,C

ESA and Umbrella should be the answer.

I would go for B and C, according to the links below: https://trustportal.cisco.com/c/dam/r/ctp/docs/privacydatasheet/security/cisco-advanced-phishing-privacy-data-sheet.pdf https://umbrella.cisco.com/trends-threats/how-to-stop-and-block-phishing-attacks