The global setting that is configured under Cisco ESA Scan Behavior is the actions for unscannable messages due to attachment type. This setting allows the administrator to specify what action to take when a message contains an attachment that cannot be scanned by the appliance, such as encrypted or password-protected files. The possible actions are:

Deliver - Deliver the message normally.

Drop - Drop the message silently without notifying the sender or recipient.

Quarantine - Quarantine the message in a specified policy quarantine.

Bounce - Bounce the message back to the sender with a specified reason.

Configuring DomainKeys and DKIM Signing:

-Signing Keys

-Public Keys

-Domain Profiles

Creating Domain Profiles:

Step 1

-Choose Mail Policies > Signing Profiles.

Step 2

-In the Domain Signing Profiles section, click Add Profile.

https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_1 4-0/b_ESA_Admin_Guide_12_1_chapter_010110.html?bookSearch=true

Relay is the connection behavior that must be selected to properly process the messages. Relay allows Cisco ESA to accept messages from the specified source and deliver them to the intended destination, without applying any content or reputation filters.

To configure a mail flow policy with relay connection behavior on Cisco ESA, the administrator can follow these steps:

Select Mail Policies > Mail Flow Policies and click Add Policy.

Enter a name and description for the mail flow policy, such as Exchange Outbound.

Under Connection Behavior, select Relay.

Click Submit.

The other options are not valid connection behaviors to properly process the messages, because they either reject, delay, or accept the messages with content or reputation filters applied.

End user safelist is a feature that allows end users to specify email addresses or domains that they want to receive messages from, regardless of the spam verdict or action assigned by Cisco ESA. Messages from senders on the end user safelist are delivered to the end user’s inbox without any spam filtering.

To enable LDAP recipient verification on a Cisco Secure Email Gateway appliance, you need to configure the LDAP query on a listener and configure LDAP server profiles. The LDAP query specifies the criteria for matching recipient addresses against an LDAP directory.  The LDAP server profile defines the connection settings and authentication credentials for accessing an L DAP server 2 . References =  User Guide for AsyncOS 12.0 for Cisco Email Sec urity Appliances - GD (General Deployment) - Configuring LDAP Queries [Cisco Secure Email Gateway] - Cisco

Content filter is a component on a Cisco Secure Email Gateway that must be configured to catch attachments, including credit card numbers, and hold them for review until further action is taken. Content filter allows you to define rules based on message content and apply actions such as quarantine, encrypt, or modify. References = [User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (Gene ral Deployment) - Content Filters [Cisco Secure Email Gateway] - Cisco]

According to the  User Guide for Cisco Secure Email Encryption Service Add-In 1 , the ‘Use-Script’ option allows you to use JavaScript in the encrypted message envelope. This option is enabled by default, but you can disable it if you want to send encrypted messages to recipients who have security policies that block JavaScript attachments[ 2 , p. 14].

The other options are not valid because:

A.  Inserting the X-PostX-Use-Script header with a value of false to the encrypted messages is not a supported feature of the Cisco Secure Email Encryption Service Add-in 1 .

B. Selecting JavaScript-free option within the Cisco Secure Email Encryption Service Add-in is not a valid option.  The add-in does not have such an option 1 .

C. Creating an outgoing conte nt filter and adding the Encrypt and Deliver Nov/ action with Use-Script option deselected is not possible. The Encrypt and Deliver Nov/ action does not have a Use-Script option[ 2 , p. 13].