PrepAway - Latest Free Exam Questions & Answers

You are attempting to locate some missing messages by using the Message Tracking feature on a Cisco ESA.

You are attempting to locate some missing messages by using the Message Tracking feature on a Cisco ESA.

Which of the following statements is correct?

A. A maximum of 250 results can be displayed.

B. Quarantined messages will not appear in the search results.

C. Tracking searches are case sensitive.

D. Message tracking must first be enabled by issuing the trace command.

E. Wildcard characters and regular expressions are supported.

F. Results can be exported to a CSV file.

Explanation:
Results can be exported to a comma separated values (CSV) file. This is particularly useful for queries that match more than 1,000 messages on a Cisco Email Security Appliance (ESA). The Cisco ESA is designed to protect against email threats, such as malware attachments, phishing scams, and spam. It is also designed to provide data loss prevention (DLP).

The Cisco ESA Message Tracking feature is useful for locating messages that were not delivered as expected. Before you can use the Message Tracking feature, you must first enable message tracking by issuing the trackingconfig command in the command-line interface (CLI) or by clicking Security Services > Message Tracking and then clicking Enable Message Tracking Service in the GUI. You can configure local tracking, in which messages are tracked on a single ESA device, or centralized tracking, in which a Cisco Content Security Management Appliance (SMA) tracks messages for multiple ESA devices.

When the Message Tracking feature is used, wildcard characters and regular expressions are not supported. However, tracking searches are not case sensitive. All queries are assumed to be an AND search unless otherwise specified; AND queries return only messages that match all of the search criteria.

By default, up to 250 search results are displayed. However, you can set the maximum number of results to 1,000. If more than 1,000 messages match the search criteria, you can export up to 50,000 results to a CSV file.

Quarantined messages will appear in the search results. You can determine the reason that a message was quarantined by clicking a link in the message-tracking search results.

Message tracking is not enabled by issuing the trace command. The trace command launches the Trace tool, which is used to emulate a message as it flows through the ESA to a simulated listener. Alternatively, you can click System Administration > Trace in the GUI to start the Trace tool.

Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-5/user_guide/b_ESA_Admin_Guide_12_5/b_ESA_Admin_Guide_12_1_chapter_011110.html
https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-5-1/cli_reference_guide/b_CLI_Reference_Guide_13_5_1/b_CLI_Reference_Guide_chapter_0100.html#con_1888477


Leave a Reply