The Cisco ESA is processing many messages that are sent to invalid recipients. To reduce this excessive processing, an engineer is preparing to use LDAP for recipient verification. Which two steps are required to accomplish this task? (Choose two.)
A.
Configure LDAP server profiles.
B.
Enable external LDAP authentication.
C.
Configure the LDAP query.
D.
Enable LDAP authentication on a listener.
E.
Configure incoming mail policy to query LDAP server.
A and C are Correct.
Directory Harvest Attack Prevention within the SMTP Conversation
You can prevent DHAs by entering only domains in the Recipient Access Table (RAT), and performing the LDAP acceptance validation in the SMTP conversation.
To drop messages during the SMTP conversation, configure an LDAP server profile for LDAP acceptance. Then, configure the listener to perform an LDAP accept query during the SMTP conversation.
Once you configure LDAP acceptance queries for the listener, you must configure DHAP settings in the mail flow policy associated with the listener.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_011011.html?bookSearch=true#con_1163450
This section is not available anymore. Please use the main Exam Page.300-720 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
hakimbenda
10 months, 2 weeks agoGVKD
10 months, 1 week agoGVKD
10 months, 1 week agoGVKD
10 months, 3 weeks agoGVKD
10 months, 1 week ago