Web Security for Field Engineers v6.2

Page:    1 / 4   
Exam contains 50 questions

What is the S-Series Proxy Bypass List?

  • A. a list of clients and destinations that will bypass the proxy in explicit forward mode
  • B. a list of clients and destinations that will bypass the proxy in transparent mode
  • C. a list of user agents exempt from authentication
  • D. a list of proxy servers that are to be bypassed


Answer : B

Which CLI command is used to create a W3C log?

  • A. mklogfiie
  • B. advancedproxyconfig
  • C. makelog
  • D. logconfig
  • E. w3clogconfig


Answer : D

Which statement about the DVS engine is true?

  • A. The DVS engine can use Webroot and McAfee scanning in parallel
  • B. The DVS engine never inspects the client HTTP request.
  • C. The DVS engine generates the WBRS.
  • D. The DVS engine is only used for Layer 4 traffic monitoring.


Answer : A

Which sites does WBRS block by default?

  • A. those with a reputation score equal to or less than -6
  • B. those with a reputation score less than -6
  • C. those with a reputation score greater than 6
  • D. those with a reputation score less than -5.9
  • E. those with a reputation score equal to or less than -5.9


Answer : A

TRR and TRT are associated with which WSA component?

  • A. L4TM
  • B. Anti-Malware
  • C. URL Filters
  • D. Web Reputation


Answer : B

In AsyncOS 7.0 for web the choice of Authentication Surrogate is?

  • A. Defined separately for each Identity
  • B. A global setting
  • C. Defined separately for each Access Policy
  • D. Defined separately for each malware engine


Answer : A

Which of the following is NOT provided by AVC?

  • A. Deep IM control
  • B. Media bandwidth control
  • C. Web usage quotas
  • D. Safe Search


Answer : C

Which option describes a reason that a security administrator would configure suspect user agent scanning?

  • A. to block Microsoft Updates
  • B. to identify compromised hosts that are trying "phone home"
  • C. to block corporate users from using nonsanctioned web browsers
  • D. to protect web servers from attack


Answer : C

How long is reporting data kept on record in WIRe by default?

  • A. 45 days for both "blocked traffic", and for "allowed traffic"
  • B. 1 year for "blocked traffic", and 45 days for "allowed traffic"
  • C. 1 year for both "blocked traffic", and for "allowed traffic"
  • D. 45 days for "blocked traffic", and 1 year for "allowed traffic"


Answer : A

Which statement is true?

  • A. The L4TM allow list overrides the block list.
  • B. The overlap of the L4TM allow list and block list is the L4TM grey list
  • C. The L4TM block lists override the allow lists.
  • D. L4TM allow list and block list overlaps are not permitted.


Answer : A

What are PAC files used for?

  • A. user agent-based policies
  • B. explicit forward mode proxy deployments
  • C. transparent mode proxy deployments
  • D. L4TM


Answer : B

When do you need to configure the P1 interface?

  • A. whenever you have an upstream proxy
  • B. whenever you want to enable the WSA proxy
  • C. whenever you intend to deploy the L4TM in blocking mode
  • D. whenever you have a separate management VLAN or subnetwork


Answer : D

Which of these is an optional feature, requiring the purchase of a separate license after 30 days?

  • A. L4TM
  • B. Data Security
  • C. HTTPS Proxy
  • D. Web Reputation filtering


Answer : C

Which authentication protocol takes precedence by default when WSA uses AD authentication?

  • A. LDAPS
  • B. Kerberos
  • C. NTLMv3
  • D. NTLMv2
  • E. LDAP
  • F. NTLMSSP


Answer : F

What feature on the WSA provides Day Zero Revocation of access to third party sites such as Salesforce?

  • A. Application Visibility and Control
  • B. SaaS Access Control
  • C. Dynamic Vectoring and Streaming engine
  • D. Day Zero Revocation engine


Answer : B

Page:    1 / 4   
Exam contains 50 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.