Which of the following is least likely to be a function of a Cisco ESA? (Select the best answer.)
- protecting against phishing
- protecting against spam
- protecting against a DDoS attacks
- protecting against malicious files
Protecting against a Distributed Denial of Service (DDoS) attack is least likely to be a function of a Cisco Email Security Appliance (ESA). A DDoS attack is a security threat that attacks availability by overwhelming a device or network with traffic from many varying sources. An ESA is designed to protect against email threats, such as malware attachments, phishing scams, and spam.
The Cisco Context Adaptive Scanning Engine (CASE) on an ESA is a technology that is intended to detect email threats as they are received. CASE checks the reputation of email senders, scans the content of email messages, and analyzes the construction of email messages. As part of this process, CASE submits the email sender to the Cisco SenderBase Network, which contains data on hundreds of thousands of email networks. The sender is assigned a score based on this information. The content of the email messaging is scanned because it could contain language, links, or a call to action that is indicative of a phishing scam.