300-725 Dumps
          300-725 Braindumps
          300-725 Real Questions
          300-725 Practice Test
          300-725 dumps free






















































            Cisco



            300-725







            Securing the Web with Cisco Web Security Appliance










            http://killexams.com/pass4sure/exam-detail/300-725













             QUESTION 51 How does dynamic content analysis improve URL
             categorization?



             A.  It analyzes content based on cached destination content
             B.  It adds intelligence to detect categories by analyzing responses
             C.  It can be used as the only URL analysis method
             D.  It analyzes content of categorized URL to tune decisions and correct categorization errors

             Correct Answer: D




             Explanation/Reference:
             Reference: https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/118063-qanda-wsa-00.html

             QUESTION 52
             What is needed to enable an HTTPS proxy?

             A.  self-signed server certificate
             B.  trusted third-party CA signed root certificate
             C.  self-signed CSR
             D.  self-signed root certificate

             Correct Answer: C





             Reference: https://community.cisco.com/t5/web-security/cisco-wsa-https-proxy-certificate-issue/td-p/3019392

             QUESTION 53
             Which two configuration options can be configured when invalid certificates are processed with the HTTPS proxy on WSA enabled? (Choose two.)

             A.  allow
             B.  monitor
             C.  drop
             D.  block
             E.  redirect

             Correct Answer: BC






             Reference: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-7/user_guide/b_WSA_UserGuide_11_7/b_WSA_UserGuide_11_7_chapter_01011.html
             QUESTION 54 What is the purpose of using AMP file analysis on a Cisco WSA to continuously evaluate
             emerging threats?

             A.  to take appropriate action on new files that enter the network
             B.  to remove files from quarantine by stopping their retention period







             C.  to notify you of files that are determined to be threats after they have entered your network
             D.  to send all files downloaded through the Cisco WSA to the AMP cloud

             Correct Answer: C




             Reference: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-5/user_guide/b_WSA_UserGuide_11_5_1/b_WSA_UserGuide_11_5_1_chapter_01110.html

             QUESTION  55  Which  type  of  certificate  must  be  installed  on  a  Cisco  WSA  for
             HTTPS inspection?

             A.  server
             B.  client
             C.  root
             D.  wildcard

             Correct Answer: C




             Reference: https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117792-technote-wsa-00.html

             QUESTION 56
             Which two log types does the Cisco WSA provide to troubleshoot Cisco data security and external data loss prevention policies? (Choose two.)

             A.  upload data
             B.  data security
             C.  default proxyD. data access
             E. external data

             Correct Answer: CE




             Reference: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_010011.html

             QUESTION 57 Which port is configured in a browser to use the Cisco WSA web proxy with
             default settings?

             A.  8080
             B.  8443
             C. 8021
             D. 3128

             Correct Answer: D




             Reference: https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2013/CVD-WebSecurityUsingCiscoWSADesignGuide-AUG13.pdf (16)
             QUESTION 58
             What is a benefit of integrating Cisco WSA with TrustSec in ISE?
             A.  The policy trace tool can be used to match access policies using specific SGT







             B.  Traffic of authenticated users who use 802.1x can be tagged with SGT to identification profiles in a Cisco WSAC. ISE can block authentication for users who generate multiple
                sessions using suspect TCP ports
             D. Users in a specific SGT can be denied access to certain social websites.

             Correct Answer: D




             Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/ISE-WSAIntegrationDoc/b_ISE-WSAIntegration.html
             QUESTION  59  When  an  access  policy  is  created,  what  is  the  default  option  for  the
             Application Settings?

             A.  Use Global Policy Applications Settings
             B.  Define the Applications Custom Setting
             C.  Set all applications to Block
             D.  Set all applications to Monitor

             Correct Answer: B




             Reference: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-7/user_guide/b_WSA_UserGuide_11_7/b_WSA_UserGuide_11_7_chapter_01111.html

             QUESTION  60  What  is  the  primary  benefit  of  using  Cisco  Advanced  Web
             Security Reporting?

             A.  ability to see the malicious activity of a user
             B.  L4TM report with client-malware risk
             C.  centralized and granular reporting
             D.  access to a day report with historical data

             Correct Answer: B




             Reference: https://www.cisco.com/c/en/us/products/collateral/security/web-security-appliance/datasheet_c78-729104.html













                            For More exams visit https://killexams.com/vendors-exam-list







































































                               Kill your exam at First Attempt....Guaranteed!