Securing Email with Cisco Email Security Appliance (SESA) — Question 124
An administrator needs to configure a Cisco ESA to verify that a specific mail server is authorized to send emails for a domain. To reduce overhead, the administrator does not want SSL type encryption or decryption to be used in this process. What must be configured on the Cisco ESA to meet this requirement?
Answer options
- A. DomainKeys Identified Mail
- B. PKI signing keys
- C. Asymmetric keys
- D. Sender Policy Framework
Correct answer: D
Explanation
The correct answer is D, Sender Policy Framework (SPF), which enables verification of authorized mail servers without needing SSL encryption. Options A (DomainKeys Identified Mail) and B (PKI signing keys) involve cryptographic methods that may require encryption, while C (Asymmetric keys) is not specifically aimed at email authorization for sending servers.