Securing the Web with Cisco Web Security Appliance (300-725 SWSA) v1.0
Question 1
Which two benefits does AMP provide compared to the other scanning engines on the Cisco WSA? (Choose two.)
- A. protection against malware
- B. protection against zero-day attacks
- C. protection against spam
- D. protection against viruses
- E. protection against targeted file-based attacks
Answer : BD
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/advanced-malware-protection/solution-overview-c22-734228.html
Question 2
Refer to the exhibit. Which command displays this output?
- A. grep
- B. logconfig
- C. rollovernow
- D. tail
Answer : A
Reference:
https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117938-configure-wsa-00.html
Question 3
Which information within Cisco Advanced Web Security Reporting is used to generate a report that lists visited domains?
- A. URL categories
- B. web reputation
- C. websites
- D. application visibility
Answer : A
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/security/wsa/Advanced_Reporting/WSA_Advanced_Reporting_6/
Advanced_Web_Security_Reporting_6_6.pdf
(39)
Question 4
What is required on the Cisco WSA when an AMP file reputation server private cloud is configured?
- A. private key from the server to encrypt messages
- B. private key to decrypt messages
- C. public and private keys from the server
- D. public key from the server
Answer : D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_010001.html
Question 5
Which IP address and port are used by default to run the system setup wizard?
- A. http://192.168.42.42:80
- B. https://192.168.42.42:8080
- C. https://192.168.42.10:8443
- D. http://192.168.43.42:8080
Answer : B
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/security/content_security/hardware/x95_series/Sx95_GSG.pdf
(14)
Question 6
What is the function of a PAC file on a Cisco WSA?
- A. The file allows redirection of web traffic to a specific proxy server
- B. The file is mandatory for a transparent proxy to redirect user traffic
- C. The file provides instructions about which URL categories are permitted
- D. The file is mandatory for an explicit proxy to forward user traffic
Answer : A
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/116052-config-webauth-proxy-00.html
Question 7
Which two modes of operation does the Cisco WSA provide? (Choose two.)
- A. connector
- B. proxy
- C. transparent
- D. standard
- E. explicit
Answer : CE
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2013/CVD-WebSecurityUsingCiscoWSADesignGuide-AUG13.pdf
Question 8
Which response code in the access logs indicates that a transaction was blocked due to policy?
- A. TCP_DENIED/407
- B. TCP_DENIED/401
- C. TCP_DENIED/403
- D. TCP_DENIED/307
Answer : A
Reference:
https://docuri.com/download/instructions_59a8d562f581719e12ad43fe_pdf
Question 9
Which two features on the Cisco WSA help prevent outbound data loss for HTTP or FTP traffic? (Choose two.)
- A. web reputation filters
- B. Advanced Malware Protection
- C. third-party DLP integration
- D. data security filters
- E. SOCKS proxy
Answer : CD
Reference:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-5/user_guide/b_WSA_UserGuide_11_5_1/ b_WSA_UserGuide_11_5_1_chapter_010000.pdf
Question 10
Which configuration mode does the Cisco WSA use to create an Active Directory realm for Kerberos authentication?
- A. Forward
- B. Connector
- C. Transparent
- D. Standard
Answer : D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_01001.html#con_1406137
Question 11
Which statement about identification profile default settings on the Cisco WSA is true?
- A. Identification profiles do not require authentication
- B. Guest identification profile should be processed first
- C. Identification profiles can include only one user group
- D. AsyncOS processes identification profiles alphabetically
Answer : A
Reference:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_011001.html#con_1415970
Question 12
Which action is a valid default for the Global Access Policy in the Application Visibility Control engine on the Cisco WSA?
- A. bandwidth limit
- B. permit
- C. restrict
- D. monitor
Answer : D
Reference:
https://hrouhani.org/cisco-web-security-appliance-ironport/
Question 13
A network administrator noticed that all traffic that is redirected to the Cisco WSA from the Cisco ASA firewall cannot get to the Internet in a Transparent proxy environment using WCCP.
Which troubleshooting action must be taken on the CLI to make sure that WCCP communication is not failing?
- A. Disable WCCP to see if the WCCP service is causing the issue
- B. Explicitly point the browser to the proxy
- C. Ping the WCCP device
- D. Check WCCP logs in debug mode
Answer : D
Question 14
DRAG DROP -
Drag and drop the Cisco WSA access policy elements from the left into the order in which they are processed on the right.
Select and Place:
Answer : 
Question 15
What must be configured to require users to click through an acceptance page before they are allowed to go to the Internet through the Cisco WSA?
- A. Enable End-User Acknowledgement Page and set to Required in Identification Profiles
- B. Enable End -User URL Filtering Warning Page and set to Required in Identification Profiles
- C. Enable End-User Acknowledgement Page and set to Required in Access Policies
- D. Enable End-User URL Filtering Warning Page and set to Required in Access Policies
Answer : C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_010100.html