IP01-06 Barracuda Email Protection -
Impersonation Protection – Foundation
UPDATED ACTUAL Exam Questions and
CORRECT Answers
Impersonation Protection provides a number of reports as part of its real-time protection
capabilities. Which of the following is NOT included? - CORRECT ANSWER -
Impersonated services
*Geographical origin of email*
Impersonated senders
Recipient of fraudulent mails
Administrators can opt to leave emails which trigger spearphishing alerts in their users' inboxes.
- CORRECT ANSWER - True
Impersonation Protection can only provide reporting on any threats received from the last 30
days. - CORRECT ANSWER - TRUE
What tasks are NOT possible when creating an account takeover incident? - CORRECT
ANSWER - Internal malicious emails can be sent to the user's junk folder or deleted.
Delete malicious inbox rules created on the compromised account.
*Outbound External malicious emails can be sent to the user's junk folder or deleted.*
Impersonation Protection provides a list of tasks you need to perform on Microsoft 365 to secure
the account.
What does Impersonation Protection NOT protect against? - CORRECT ANSWER -
Account takeover.
, *Network attacks.*
Spearphishing attacks.
Account Takeover Protection allows you to check suspicious MS365 sign-ins. - CORRECT
ANSWER - True
An attacker can use hijacked accounts to... - CORRECT ANSWER - *...launch social
engineering attacks.*
*...initiate transactions.*
*...use stolen accounts for (spear) phishing.*
*...gather sensitive information.*
Impersonation Protection's Account Takeover protection... - CORRECT ANSWER -
*...can send notifications to external users.*
*...deletes compromised email from internal users' inboxes.*
*...shows alerts for suspicious sign-ins and inbox rules.*
The maximum reporting period for sign-ins to the Microsoft 365 tenant is... - CORRECT
ANSWER - ...7 days.
*...30 days.*
...1 day.
...14 days.
Targeted attacks... - CORRECT ANSWER - *...often persuade users to run an apparently
innocuous action.*
*...include spearphishing and whaling.*
*...are directed at a selected user with a particular role.*
...can be easily identified by email gateway solutions and end-users.
Impersonation Protection – Foundation
UPDATED ACTUAL Exam Questions and
CORRECT Answers
Impersonation Protection provides a number of reports as part of its real-time protection
capabilities. Which of the following is NOT included? - CORRECT ANSWER -
Impersonated services
*Geographical origin of email*
Impersonated senders
Recipient of fraudulent mails
Administrators can opt to leave emails which trigger spearphishing alerts in their users' inboxes.
- CORRECT ANSWER - True
Impersonation Protection can only provide reporting on any threats received from the last 30
days. - CORRECT ANSWER - TRUE
What tasks are NOT possible when creating an account takeover incident? - CORRECT
ANSWER - Internal malicious emails can be sent to the user's junk folder or deleted.
Delete malicious inbox rules created on the compromised account.
*Outbound External malicious emails can be sent to the user's junk folder or deleted.*
Impersonation Protection provides a list of tasks you need to perform on Microsoft 365 to secure
the account.
What does Impersonation Protection NOT protect against? - CORRECT ANSWER -
Account takeover.
, *Network attacks.*
Spearphishing attacks.
Account Takeover Protection allows you to check suspicious MS365 sign-ins. - CORRECT
ANSWER - True
An attacker can use hijacked accounts to... - CORRECT ANSWER - *...launch social
engineering attacks.*
*...initiate transactions.*
*...use stolen accounts for (spear) phishing.*
*...gather sensitive information.*
Impersonation Protection's Account Takeover protection... - CORRECT ANSWER -
*...can send notifications to external users.*
*...deletes compromised email from internal users' inboxes.*
*...shows alerts for suspicious sign-ins and inbox rules.*
The maximum reporting period for sign-ins to the Microsoft 365 tenant is... - CORRECT
ANSWER - ...7 days.
*...30 days.*
...1 day.
...14 days.
Targeted attacks... - CORRECT ANSWER - *...often persuade users to run an apparently
innocuous action.*
*...include spearphishing and whaling.*
*...are directed at a selected user with a particular role.*
...can be easily identified by email gateway solutions and end-users.
