You want to configure a WSA to permit access to a particular social media site? however, you also want to
deny access to some of the features on that site, such as uploading files and liking posts.
Which of the following WSA features should you configure to achieve your goal (Select the best answer.)
A.
AMP
B.
AVC
C.
DCA
D.
DLP
Explanation:
You should configure the Application Visibility and Control (AVC) feature on a Cisco Web Security Appliance
(WSA) if you want to permit access to a particular social media site and deny the use of some of the features
on that site, such as uploading files and liking posts. A WSA is a standalone web gateway that offers features
that can mitigate webbased attacks, enforce acceptable use policies, and provide detailed reporting. The AVC
feature provides an administrator with granular control over a wide range of web applications, including the
ability to disable application features, limit application bandwidth, and constrain application access to a
particular set of users or period of time. The AVC feature is included as part of the Cisco Web Security
Essentials software license, which also includes the following:
Uniform Resource Locator (URL) filtering
Threat intelligence using the Cisco Talos threat detection network
Layer 4 traffic monitoring – Policy management
Actionable reporting
Data Loss Prevention (DLP), including thirdparty DLP integration
The URL filtering feature on a WSA can be used to permit or deny access to a particular social media site?however, it does not provide the ability to deny access to some of the features on that site. The URL filtering
feature uses a database of over 50 million URLs to protect users from sites that are known to host malicious
content. The Dynamic Content Analysis (DCA) feature enhances basic URL filtering by enabling the WSA to
determine whether unknown URLs post a threat. The DCA engine can scan unknown URLs and their
associated content text in real time and can successfully categorize URLs with an error rate of less than 10
percent.
The DLP feature on a WSA can be used to prevent sensitive data from being transmitted to the web. DLP
engines, which include any integrated thirdparty solutions, inspect outbound traffic for specified criteria, such as
credit card numbers or customer data, and can take the appropriate action. A WSA can use the Internet
Content Adaptation Protocol (ICAP) to integrate thirdparty DLP solutions to enhance its traffic inspection and
analysis capabilities. The Advanced Malware Protection (AMP) feature on a WSA can be used to enable
advanced malware detection, blocking, analysis, and retroactive reporting on a WSA. The AMP feature
enhances the dynamic reputationbased and behaviorbased malware analysis processes available on the WSA
with enhanced file reputation, file sandboxing, and retrospective file analysis. Enhanced file analysis enables
the WSA to fingerprint a file and send it to the Cisco Security Intelligence Operations (SIO) for a reputation
verdict. File sandboxing provides a secure environment where the behavior of a file, such as a compressed
archive or a Microsoft Office document, can be analyzed. Retrospective file analysis, which is also known as file
retrospection, enables the WSA to track files that were originally deemed as safe and were later determined to
be a threat. This helps an administrator determine who might be at risk from those files.Cisco: Cisco Web Security: Granular Acceptable Use Controls
Cisco: Cisco Web Security Appliance Data Sheet: Features and Benefits
QUESTION 183
What is the primary purposed of a defined rule in an IPS?
A. to detect internal attacks
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to configure an event action that takes place when a signature is triggered.
Answer: C
Explanation:
Defined rules are defined by the sysadmin, Event Action Rules take place when an event triggers an action.
QUESTION 184
How does PEAP protect EAP exchange?
A. it encrypts the exchange using the client certificate.
B. it validates the server-supplied certificate and then encrypts the exchange using the client certificate
C. it encrypts the exchange using the server certificate
D. it validates the client-supplied certificate and then encrypts the exchange using the server certificate.
Answer: C
Explanation:
The client certificate is not used for encryption with PEAP.
QUESTION 185
How can firepower block malicious email attachments?
A. It forwards email requests to an external signature engine
B. It sends the traffic through a file policy
C. It scans inbound email messages for known bad URLs
D. It sends an alert to the administrator to verify suspicious email messages
Answer: B
QUESTION 186
A proxy firewall protects against which type of attacks?
A. DDoS
B. port scanning
C. worm traffic
D. cross-site scripting attacks
Answer:
2017 New 210-260 Exam Dumps and 210-260 VCE Dumps: https://www.braindump2go.com/210-260.html