Securing Email with Cisco Email Security Appliance (SESA) — Question 111

Which components are required when encrypting SMTP with TLS on Cisco ESA when the sender requires TLS verification?

Answer options

• A. self-signed certificate in PKCS#7 format
• B. X.509 certificate and matching private key from a CA
• C. self-signed certificate in PKCS#12 format
• D. DER certificate and matching public key from a CA

Correct answer: B

Explanation

The correct answer is B, as an X.509 certificate and its corresponding private key from a Certificate Authority (CA) are essential for proper TLS encryption and validation. The other options do not provide the necessary trust and compatibility required for secure email transmission, as self-signed certificates and mismatched keys do not assure the sender's identity.