Cisco Email Security Field Engineer (700-280)

Exam Description: The Cisco Email Security Field Engineer (700-280) (ESFE) exam has 6070 questions
and its duration is 75 minutes. The exam tests your knowledge of securing email systems by requiring
you to evaluate, install, operate, and troubleshoot the Email Security Appliance (ESA).

The following topics are general guidelines for the content likely to be included on the exam. However,
other related topics may also appear on any specific delivery of the exam. To better reflect the contents
of the exam and for clarity purposes, the guidelines below may change at any time without notice.

9% 1.0 Introduction
1.1 Describe the problems the Cisco ESA solves

1.2 Describe ESA delivery platforms

1.2.a Hardware systems
1.2.b Virtual appliances

1.2 Describe customer use cases

1.4 Understand basic Simple Mail Transfer Protocol (SMTP) concepts

9% 2.0 Performing Evaluations and Installations

2.1 Execute the evaluation process
2.2 Perform an installation based on the customer Interview
2.3 Describe the process of troubleshooting an installation
2.4 Use the System Setup wizard
2.5 Configure clustering of appliances

21% 3.0 Configuring Sender and Recipient Groups

3.1 Configure private and public listeners
3.2 Describe the email pipeline
3.3 Describe the function(s) of the Host Access Table (HAT)
3.4 Use SensorBase Reputation Scores (SBRS) to manage mail
3.5 Describe the function(s) of the Recipient Access Table
3.6 Configure SMTP routes
3.7 Describe how to add a second mail server
3.8 Configure Recipient Access Table to accept mail
3.9 Configure HAT Relay list to allow outgoing email delivery
3.10 Configure Destination Control for Transport Layer Security (TLS)

7% 4.0 Centralized Quarantine, Message Tracking, and Reporting

4.1 Configure centralized email reporting

2013 Cisco Systems, Inc. This document is Cisco Public. Page 1

 4.2 Configure centralized message tracking
4.3 Configure centralized spam quarantine
4.4 Configure centralized policy, virus, and outbreak quarantines

9% 5.0 Configuring Anti-Spam and Anti-Virus

5.1 Describe the Email Security Manager
5.2 Adjust SBRS
5.3 Configure and use anti-spam settings (IPAS)
5.4 Configure and use marketing message detection
5.5 Configure anti-virus settings
5.6 Describe intelligent multi-scan
5.7 Configure outbreak filters settings

9% 6.0 Configuring Content Filters

6.1 Describe content filters and content scanning
6.2 Describe content filter applications
6.3 Configure basic content filters
6.4 Describe weighted dictionary matching
6.5 Describe file matching and embedded file scanning
6.6 Understand regular expressions
6.7 Understand Policy Quarantine and matched content visibility

9% 7.0 Data Loss Prevention

7.1 Identify conditions where companies or IT staff may be held accountable for loss of data
through email
7.2 Describe Data Loss Prevention (DLP)
7.3 Describe the Cisco DLP Solution
7.4 Configure DLP and implement the solution in an outgoing mail policy
7.5 Track DLP policy usage
7.6 Describe the RSA engine

9% 8.0 Encrypting Outgoing Mail

8.1 Describe Cisco Registered Envelope Service use cases
8.2 Configure encryption on the ESA
8.3 Provision with Cisco Registered Envelope Service
8.4 Associate a content filtering rule with an encrypt action
8.5 Configure Guaranteed Secure Delivery

9% 9.0 Configuring Lightweight Directory Access Protocol (LDAP)

9.1 Describe LDAP, as used by the ESA
9.2 Use the Active Directory wizard
9.3 Configure LDAP server profiles
9.4 Configure and apply LDAP accept queries
9.5 Configure and use LDAP group queries
9.6 Use query tokens and operators
9.7 Configure LDAP domain assignments
9.8 Configure LDAP chain queries

2013 Cisco Systems, Inc. This document is Cisco Public. Page 2

9% 10.0 Troubleshooting
10.1 Use debugging tools and troubleshooting practices
10.2 Use the findevent command to track a message from CLI
10.3 Use the grep command to track a message from CLI
10.5 Use packet capture in GUI to diagnose issues
10.4 Use ping, nslookup, and traceroute commands to troubleshoot network connectivity
issues
10.6 Use Telnet/SMTP Ping to send test messages

2013 Cisco Systems, Inc. This document is Cisco Public. Page 3