Securing Email with Cisco Email Security Appliance (SESA) — Question 87

An administrator has created a content filter to quarantine all messages that result in an SPF hardfail to review the messages and determine whether a trusted partner has accidentally misconfigured the DNS settings. The administrator sets the policy quarantine to release the messages after 24 hours, allowing time to review while not interrupting business.

Which additional option should be used to help the end users be aware of the elevated risk of interacting with these messages?

Answer options

• A. Notify Recipient
• B. Strip Attachments
• C. Notify Sender
• D. Modify Subject

Correct answer: D

Explanation

Modifying the subject line of the emails is an effective way to signal to end users that these messages carry a potential risk due to the SPF hardfail. This alert prompts users to exercise caution. The other options, while useful in different contexts, do not directly inform users about the heightened risk associated with these specific messages.