Duration: 90 minutes
Languages: English and Japanese
Associated certifications
CCNP Security
Cisco Certified Specialist – Web Content Security
Exam overview
This exam tests your knowledge of Cisco Web Security Appliance, including:
Proxy services
Authentication
Decryption policies
Differentiated traffic access policies and identification policies
Acceptable use control settings
Malware defense
Data security and data loss prevention
Exam Description:
Securing the Web with Cisco Web Security Appliance v1.0 (SWSA 300-725) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate’s knowledge of Cisco Web Security Appliance, including proxy services, authentication, decryption policies differentiated traffic access policies and identification policies, acceptable use control settings, malware defense, and data security and data loss prevention. The course, Securing Web with Cisco Email Security Appliance, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
10% 1.0 Cisco WSA Features
1.1 Describe Cisco WSA features and functionality
1.1.a Proxy service
1.1.b Cognitive Threat Analytics
1.1.c Data loss prevention service
1.1.d Integrated L4TM service
1.1.e Management tools
1.2 Describe WSA solutions
1.2.a Cisco Advanced Web Security Reporting
1.2.b Cisco Content Security Management Appliance
1.3 Integrate Cisco WSA with Splunk
1.4 Integrate Cisco WSA with Cisco ISE
1.5 Troubleshoot data security and external data loss using log files
20% 2.0 Configuration
2.1 Perform initial configuration tasks on Cisco WSA
2.2 Configure an Acceptable Use Policy
2.3 Configure and verify web proxy features
2.3.a Explicit proxy functionality
2.3.b Proxy access logs using CLI
2.3.c Active directory proxy authentication
2.4 Configure a referrer header to filter web categories
10% 3.0 Proxy Services
3.1 Compare proxy terms
3.1.a Explicit proxy vs. transparent proxy
3.1.b Upstream proxy vs. downstream proxy
3.2 Describe tune caching behavior for safety or performance
3.3 Describe the functions of a Proxy Auto-Configuration (PAC) file
3.4 Describe the SOCKS protocol and the SOCKS proxy services
10% 4.0 Authentication
4.1 Describe authentication features
4.1.a Supported authentication protocols
4.1.b Authentication realms
4.1.c Supported authentication surrogates supported
4.1.d Bypassing authentication of problematic agents
4.1.e Authentication logs for accounting records
4.1.f Re-authentication
4.2 Configure traffic redirection to Cisco WSA using explicit forward proxy mode
4.3 Describe the FTP proxy authentication
4.4 Troubleshoot authentication issues
10% 5.0 Decryption Policies to Control HTTPS Traffic
5.1 Describe SSL and TLS inspection
5.2 Configure HTTPS capabilities
5.2.a HTTPS decryption policies
5.2.b HTTPS proxy function
5.2.c ACL tags for HTTPS inspection
5.2.d HTTPS proxy and verify TLS/SSL decryption
5.2.e Certificate types used for HTTPS decryption
5.3 Configure self-signed and intermediate certificates within SSL/TLS transactions
10% 6.0 Differentiated Traffic Access Policies and Identification Profiles
6.1 Describe access policies
6.2 Describe identification profiles and authentication
6.3 Troubleshoot using access logs
10% 7.0 Acceptable Use Control
7.1 Configure URL filtering
7.2 Configure the dynamic content analysis engine
7.3 Configure time-based & traffic volume acceptable use policies and end user notifications
7.4 Configure web application visibility and control (Office 365, third-party feeds)
7.5 Create a corporate global acceptable use policy
7.6 Implement policy trace tool to verify corporate global acceptable use policy
7.7 Configure WSA to inspect archive file types
10% 8.0 Malware Defense
8.1 Describe anti-malware scanning
8.2 Configure file reputation filtering and file analysis
8.3 Describe Advanced Malware Protection (AMP)
8.4 Describe integration with Cognitive Threat Analytics
10% 9.0 Reporting and Tracking Web Transactions
9.1 Configure and analyze web tracking reports
9.2 Configure Cisco Advanced Web Security Reporting (AWSR)
9.2.a Basic web usage
9.2.b Custom filters
9.3 Troubleshoot connectivity issues
QUESTION 1
What causes authentication failures on a Cisco WSA when LDAP is used for authentication?
A. when the passphrase contains only 5 characters
B. when the passphrase contains characters that are not 7-bit ASCI
C. when the passphrase contains one of following characters ‘@ # $ % ^’
D. when the passphrase contains 50 characters
Answer: B
QUESTION 2
Refer to the exhibit. Which statement about the transaction log is true?
A. The log does not have a date and time
B. The proxy had the content and did not contact other servers
C. The transaction used TCP destination port 8187
D. The AnalizeSuspectTraffic policy group was applied to the transaction
Answer: D
QUESTION 3
Which two features can be used with an upstream and downstream Cisco WSA web proxy to have the upstream WSA identify users by their client IP address? (Choose two.)
A. X-Forwarded-For
B. high availability
C. web cache
D. via
E. IP spoofing
Answer: A,D
Make The Best Choice Chose – Joogate
Make yourself more valuable in today’s competitive computer industry Joogate’s preparation material includes the most excellent features, prepared by the same dedicated experts who have come together to offer an integrated solution. We provide the most excellent and simple method to pass your Cisco Cisco Certified Specialist – Email Content Security 300-725 exam on the first attempt .
will prepare you for your exam effectively. 300-725 Study Guide. Your exam will download as a single 300-725 PDF or complete 300-725 preparation material as well as over +4000 other technical exam PDF and study material downloads. Forget buying your prep materials separately at three time the price of our – skip the 300-725 audio exams and select the one package that gives it all to you at your discretion: 300-725 Study Materials featuring the study material.
Joogate 300-725 Exam Prepration Tools
Joogate Cisco Cisco Certified Specialist – Email Content Security preparation begins and ends with your accomplishing this credential goal. Although you will take each Cisco Cisco Certified Specialist – Email Content Security online test one at a time – each one builds upon the previous. Remember that each Cisco Cisco Certified Specialist – Email Content Security exam paper is built from a common certification foundation.
300-725 Exam preparation materials
Beyond knowing the answer, and actually understanding the 300-725 test questions puts you one step ahead of the test. Completely understanding a concept and reasoning behind how something works, makes your task second nature. Your 300-725 quiz will melt in your hands if you know the logic behind the concepts. Any legitimate Cisco Cisco Certified Specialist – Email Content Security prep materials should enforce this style of learning – but you will be hard pressed to find more than a Cisco Cisco Certified Specialist – Email Content Security practice test anywhere other than Joogate.
300-725 Exam Questions and Answers with Explanation
This is where your Cisco Cisco Certified Specialist – Email Content Security 300-725 exam prep really takes off, in the testing your knowledge and ability to quickly come up with answers in the 300-725 online tests. Using Cisco Certified Specialist – Email Content Security 300-725 practice exams is an excellent way to increase response time and queue certain answers to common issues.
300-725 Exam Study Guides
All Cisco Cisco Certified Specialist – Email Content Security online tests begin somewhere, and that is what the Cisco Cisco Certified Specialist – Email Content Security training course will do for you: create a foundation to build on. Study guides are essentially a detailed Cisco Cisco Certified Specialist – Email Content Security 300-725 tutorial and are great introductions to new Cisco Cisco Certified Specialist – Email Content Security training courses as you advance. The content is always relevant, and compound again to make you pass your 300-725 exams on the first attempt. You will frequently find these 300-725 PDF files downloadable and can then archive or print them for extra reading or studying on-the-go.
300-725 Exam Video Training
For some, this is the best way to get the latest Cisco Cisco Certified Specialist – Email Content Security 300-725 training. However you decide to learn 300-725 exam topics is up to you and your learning style. The Joogate Cisco Cisco Certified Specialist – Email Content Security products and tools are designed to work well with every learning style. Give us a try and sample our work. You’ll be glad you did.
300-725 Other Features
* Realistic practice questions just like the ones found on certification exams.
* Each guide is composed from industry leading professionals real Cisco Cisco Certified Specialist – Email Content Securitynotes, certifying 100% brain dump free.
* Study guides and exam papers are help you prepare effectively or .
* Designed to help you complete your certificate using only
* Delivered in PDF format for easy reading and printing Joogate unique have you dancing the Cisco Cisco Certified Specialist – Email Content Security jig before you know it
* Cisco Certified Specialist – Email Content Security 300-725 prep files are frequently updated to maintain accuracy. Your courses will always be up to date.
Get Cisco Certified Specialist – Email Content Security ebooks from Joogate which contain real 300-725 exam questions and answers. You WILL pass your Cisco Certified Specialist – Email Content Security exam on the first attempt using only Joogate’s Cisco Certified Specialist – Email Content Security excellent preparation tools and tutorials.
