B. Provision the email appliance
Provisioning the email appliance, also known as an Email Security Gateway or Email Security Appliance, is a solution for protecting data in transit and adding headers to email messages. The email appliance acts as a security layer between the email servers and the Internet, and provides a range of security features such as encryption, anti-virus, anti-spam, and content filtering. These features help to ensure that emails are transmitted securely, and help to prevent unauthorized access to sensitive information. By provisioning the email appliance, the engineer can add protection for data in transit and have headers in the email message.
A. Deploy an encryption appliance.
Deploying an encryption appliance is the configuration that is needed to add protection for data in transit and have headers in the email message. An encryption appliance encrypts data before it is transmitted over a network, providing protection against eavesdropping and unauthorized access to sensitive information. By deploying an encryption appliance, the engineer can add protection for data in transit and ensure that headers are added to the email message. This solution provides a secure way to transmit data and helps to prevent unauthorized access to sensitive information.
Terrible question by Cisco, but let's get to facts: Encryption Appliances are out of support for almost a decade (were made EoS in 2015). Deploying the Email Appliance allows you to add protection for data in transit as you can encrypt the conversation with TLS and/or even encrypt the data itself with S/MIME. Also, using Content Filtering and other features you are able to add/edit Headers. Therefore I would go with B.
Just looked at this again. I'd stick with B. Question says "Which configuration is needed".
The verb 'deploy' corresponds to adding in something new, like a new device.
The verb 'configure' corresponds to changing something that already exists.
After doing more research I will change my answer to A.
To add protection for data in transit and have headers in the email message, an engineer needs to deploy an encryption appliance. This is discussed on page 1 of the Cisco Email Encryption PDF guide under the section "How to Encrypt Messages with a Local Key Server" and on page 11 under "Inserting Encryption Headers into Messages". Therefore, the correct answer is A. Deploy an encryption appliance.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_010010.pdf
It's B.
To add protection for data in transit and have headers in the email message, you need to insert encryption headers into messages using either a content filter or a message filter. The encryption header can override the encryption settings defined in the associated encryption profile, and it can apply specified encryption features to messages. Therefore, option B (provision the email appliance) is needed to accomplish this goal. Option A (deploy an encryption appliance) may also be necessary depending on your organization's needs. Options C (map sender IP addresses to a host interface) and D (enable flagged message handling) are not directly related to this goal.
The encryption header can override the encryption settings defined in the associated encryption profile, and it can apply specified encryption features to messages.
AsyncOS supports using encryption to secure inbound and outbound email. To use this feature, you create an encryption profile that specifies characteristics of the encrypted message and connectivity information for the key server. The key server may either be:
The Cisco Registered Envelope Service (managed service
), or
An Cisco Encryption appliance (locally managed server)
😜it should b (A) as to locally manage one must first deploy it.
A is correct.
WSA: " AsyncOS enables you to add encryption settings to a message by inserting an SMTP HEADER into a message using either a content filter or a message filter. The encryption header can override the encryption settings defined in the associated encryption profile, and it can apply specified encryption features to messages.
NOTE: The Cisco Ironport ENCRYPTION APPLIANCE must be set up to handle flagged messages."
As question states that headers are already in the email messages, we need only Encryption Appliance to do its work.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_010010.html#task_1146822
The Cisco IronPort Encryption Appliance is now obsolete (past End-of-Life and End-of-Support status).
End-of-Sale Date: 2012-07-19
End-of-Support Date: 2015-07-31
=> Either this question is outdated since almost 10 years or this functionality is somehow merged in the ESA itself.
upvoted 3 times
...
...
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
sull3y
Highly Voted 2 years, 2 months agosull3y
2 years, 2 months agoBasuso
Most Recent 5 months, 3 weeks agocristip
1 year, 4 months agojku2cya
1 year, 9 months agojku2cya
1 year, 9 months agoKromwall
1 year, 11 months agoKromwall
1 year, 11 months agoachille5
2 years, 1 month agoachille5
2 years agostalkr3
2 years agostalkr3
2 years agoCCNP21
2 years, 3 months agoEmlia1
2 years, 4 months ago4000000
2 years, 5 months agoNikoNiko
2 years, 9 months agoFortiSherlock
2 years, 8 months ago