CCNP/CCIESecuritySCOR思科網(wǎng)絡(luò)工程師題庫2

Ql.WhatcanbeintegratedwithCiscoThreatIntelligenceDirectortoprovideinformation

aboutsecuritythreats,whichallowstheSOCtoproactivelyautomateresponsestothose

threats?

A.CiscoUmbrella

B.ExternalThreatFeeds

C.CiscoThreatGrid

D.CiscoStealthwatch

Answer:C

Explanation:

CiscoThreatIntelligenceDirector(CTID)canbeintegratedwithexistingThreatIntelligence

Platformsdeployedbyyourorganizationtoingestthreatintelligenceautomatically.

Reference:

/developer/automate-threat-intelligence-using-cisco-threat-

intelligence-director

Q2.WhichsolutioncombinesCiscoIOSandIOSXEcomponentstoenableadministratorsto

recognizeapplications,collectandsendnetworkmetricstoCiscoPrimeandotherthird-party

managementtools,andprioritizeapplicationtraffic?

A.CiscoSecurityIntelligence

B.CiscoApplicationVisibilityandControl

C.CiscoModelDrivenTelemetry

D.CiscoDNACenter

Answer:B

Explanation:

TheCiscoApplicationVisibilityandControl(AVC)solutionleveragesmultipletechnologiesto

recognize,analyze,andcontrolover1000applications,includingvoiceandvideo,email,file

sharing,gaming,peer-to-peer(P2P),andcloud-basedapplications.AVCcombinesseveral

CiscoIOS/IOSXEcomponents,aswellascommunicatingwithexternaltools,tointegratethe

followingfunctionsintoapowerfulsolution...

Reference:

/c/en/us/td/docs/ios/solutions_docs/avc/guide/avc-user-

guide/avc_tech_overview.html

Q3.WhichtwoactivitiescanbedoneusingCiscoDNACenter?(Choosetwo)

A.DHCP

B.Design

C.Accounting

D.DNS

E.Provision

Answer:BE

Explanation:

CiscoDNACenterhasfourgeneralsectionsalignedtoITworkflows:

Design:Designyournetworkforconsistentconfigurationsbydeviceandbysite.Physical

mapsandlogicaltopologieshelpprovidequickvisualreference.Thedirectimportfeature

bringsinexistingmaps,images,andtopologiesdirectlyfromCiscoPrimeInfrastructureand

theCiscoApplicationPolicyInfrastructureControllerEnterpriseModule(APIC-EM),making

upgradeseasyandquick.Deviceconfigurationsbysitecanbeconsolidatedina"golden

image"thatcanbeusedtoautomaticallyprovisionnewnetworkdevices.Thesenewdevices

caneitherbepre-stagedbyassociatingthedevicedetailsandmappingtoasite.Ortheycan

beclaimeduponconnectionandmappedtothesite.Policy:Translatebusinessintentinto

networkpoliciesandapplythosepolicies,suchasaccesscontrol,trafficrouting,andquality

ofservice,consistentlyovertheentirewiredandwirelessinfrastructure.Policy-basedaccess

controlandnetworksegmentationisacriticalfunctionoftheCiscoSoftware-DefinedAccess

(SD-Access)solutionbuiltfromCiscoDNACenterandCiscoIdentityServicesEngine(ISE).

CiscoAlNetworkAnalyticsandCiscoGroup-BasedPolicyAnalyticsrunningintheCiscoDNA

Centeridentifyendpoints,groupsimilarendpoints,anddeterminegroupcommunication

behavior.CiscoDNACenterthenfacilitatescreatingpoliciesthatdeterminetheformof

communicationallowedbetweenandwithinmembersofeachgroup.ISEthenactivatesthe

underlyinginfrastructureandsegmentsthenetworkcreatingavirtualoverlaytofollowthese

policiesconsistently.Suchsegmentingimplementszero-trustsecurityintheworkplace,

reducesrisk,containsthreats,andhelpsverifyregulatorycompliancebygivingendpointsjust

therightlevelofaccesstheyneed.

Provision:OnceyouhavecreatedpoliciesinCiscoDNACenter,provisioningisasimple

drag-and-droptask.Theprofiles(calledscalablegrouptagsor"SGTs")intheCiscoDNA

Centerinventorylistareassignedapolicy,andthispolicywillalwaysfollowtheidentity.The

processiscompletelyautomatedandzero-touch.Newdevicesaddedtothenetworkare

assignedtoanSGTbasedonidentity--greatlyfacilitatingremoteofficesetups.

Assurance:CiscoDNAAssurance,usingAI/ML,enableseverypointonthenetworktobecome

asensor,sendingcontinuousstreamingtelemetryonapplicationperformanceanduser

connectivityinrealtime.Thecleanandsimpledashboardshowsdetailednetworkhealthand

flagsissues.Then,guidedremediationautomatesresolutiontokeepyournetworkperforming

atitsoptimalwithlessmundanetroubleshootingwork.Theoutcomeisaconsistent

experienceandproactiveoptimizationofyournetwork,withlesstimespenton

troubleshootingtasks.

Reference:

https://www.cisco.eom/c/en/us/products/collateral/cloud-systems-management/dna-

center/nb-06-dna-center-so-cte-en.html

Q4.Whatmustbeusedtosharedatabetweenmultiplesecurityproducts?

A.CiscoRapidThreatContainment

B.CiscoPlatformExchangeGrid

C.CiscoAdvancedMalwareProtection

D.CiscoStealthwatchCloud

Answer:B

Q5.WhichCiscoproductisopen,scalable,andbuiltonIETFstandardstoallowmultiple

securityproductsfromCiscoandothervendorstosharedataandinteroperatewitheach

other?

A.AdvancedMalwareProtection

B.PlatformExchangeGrid

C.MultifactorPlatformIntegration

D.FirepowerThreatDefense

Answer:B

Explanation:

WithCiscopxGrid(PlatformExchangeGrid),yourmultiplesecurityproductscannowshare

dataandworktogether.Thisopen,scalable,andIETFstandards-drivenplatformhelpsyou

automatesecuritytogetanswersandcontainthreatsfaster.

Q6.WhatisafeatureoftheopenplatformcapabilitiesofCiscoDNACenter?

A.intent-basedAPIs

B.automationadapters

C.domainintegration

D.applicationadapters

Answer:A

Q7.WhatisthefunctionoftheContextDirectoryAgent?

A.maintainsusers'groupmemberships

B.relaysuserauthenticationrequestsfromWebSecurityAppliancetoActiveDirectory

C.readstheActiveDirectorylogstomapIPaddressestousernames

D.acceptsuserauthenticationrequestsonbehalfofWebSecurityApplianceforuser

identification

Answer:C

Explanation:

CiscoContextDirectoryAgent(CDA)isamechanismthatmapsIPAddressestousernames

inordertoallowsecuritygatewaystounderstandwhichuserisusingwhichIPAddressinthe

network,sothosesecuritygatewayscannowmakedecisionsbasedonthoseusers(orthe

groupstowhichtheusersbelongto).

CDArunsonaCiscoLinuxmachine;monitorsinrealtimeacollectionofActiveDirectory

domaincontroller(DC)machinesforauthentication-relatedeventsthatgenerallyindicate

userlogins;learns,analyzes,andcachesmappingsofIPAddressesanduseridentitiesinits

database;andmakesthelatestmappingsavailabletoitsconsumerdevices.

Reference:

https://www.cisco.eom/c/en/us/td/docs/security/ibf/cda_10/lnstall_Config_guide/cdal

0/cda_oveviw.html

Q8.WhatisacharacteristicofabridgegroupinASAFirewalltransparentmode?

A.Itincludesmultipleinterfacesandaccessrulesbetweeninterfacesarecustomizable

B.ItisaLayer3segmentandincludesoneportandcustomizableaccessrules

C.ItallowsARPtrafficwithasingleaccessrule

D.IthasanIPaddressonitsBVIinterfaceandisusedformanagementtrafficAnswer:A

Explanation:

AbridgegroupisagroupofinterfacesthattheASAbridgesinsteadofroutes.Bridgegroups

areonlysupportedinTransparentFirewallMode.Likeanyotherfirewallinterfaces,access

controlbetweeninterfacesiscontrolled,andalloftheusualfirewallchecksareinplace.Each

bridgegroupincludesaBridgeVirtualInterface(BVI).TheASAusestheBVIIPaddressasthe

sourceaddressforpacketsoriginatingfromthebridgegroup.TheBVIIPaddressmustbeon

thesamesubnetasthebridgegroupmemberinterfaces.TheBVIdoesnotsupporttrafficon

secondarynetworks;onlytrafficonthesamenetworkastheBVIIPaddressissupported.You

canincludemultipleinterfacesperbridgegroup.Ifyouusemorethan2interfacesperbridge

group,youcancontrolcommunicationbetweenmultiplesegmentsonthesamenetwork,

andnotjustbetweeninsideandoutside.Forexample,ifyouhavethreeinsidesegmentsthat

youdonotwanttocommunicatewitheachother,youcanputeachsegmentonaseparate

interface,andonlyallowthemtocommunicatewiththeoutsideinterface.Oryoucan

customizetheaccessrulesbetweeninterfacestoallowonlyasmuchaccessasdesired.

Reference:

https://www.cisco.eom/c/en/us/td/docs/security/asa/asa95/configuration/general/asa

-95-general-config/intro-fw.html

Note:BVIinterfaceisnotusedformanagementpurpose.Butwecanaddaseparate

Managementslot/portinterfacethatisnotpartofanybridgegroup,andthatallowsonly

managementtraffictotheASA.

Q9.WhenCiscoandotherindustryorganizationspublishandinformusersofknownsecurity

findingsandvulnerabilities,whichnameisused?

A.CommonSecurityExploits

B.CommonVulnerabilitiesandExposures

C.CommonExploitsandVulnerabilities

D.CommonVulnerabilities,ExploitsandThreats

Answer:B

Explanation:

Vendors,securityresearchers,andvulnerabilitycoordinationcenterstypicallyassign

vulnerabilitiesanidentifierthat'sdisclosedtothepublic.Thisidentifierisknownasthe

CommonVulnerabilitiesandExposures(CVE).CVEisanindustry-widestandard.CVEis

sponsoredbyUS-CERT,theofficeofCybersecurityandCommunicationsattheU.S.

DepartmentofHomelandSecurity.ThegoalofCVEistomakeit'seasiertosharedataacross

tools,vulnerabilityrepositories,andsecurityservices.

Reference:

QlO.WhichtwofieldsaredefinedintheNetFlowflow?(Choosetwo)

A.typeofservicebyte

B.classofservicebits

C.Layer4protocoltype

D.destinationport

E.outputlogicalinterface

Answer:AD

Explanation:

CiscostandardNetFlowversion5definesaflowasaunidirectionalsequenceofpacketsthat

allsharesevenvalueswhichdefineauniquekeyfortheflow:

+Ingressinterface(SNMPiflndex)

+SourceIPaddress

+DestinationIPaddress

+IPprotocol

+SourceportforUDPorTCP,0forotherprotocols

+DestinationportforUDPorTCP,typeandcodeforICMP,or0forotherprotocols+IPType

ofService

Note:Aflowisaunidirectionalseriesofpacketsbetweenagivensourceanddestination.

Qll.Whatprovidestheabilitytoprogramandmonitornetworksfromsomewhereotherthan

theDNACGUI?

A.NetFlow

B.desktopclient

C.ASDM

D.API

Answer:D

Q12.Anorganizationhastwomachineshostingwebapplications.Machine1isvulnerableto

SQLinjectionwhilemachine2isvulnerabletobufferoverflows.

Whatactionwouldallowtheattackertogainaccesstomachine1butnotmachine2?

A.sniffingthepacketsbetweenthetwohosts

B.sendingcontinuouspings

C.overflowingthebuffer'smemory

D.insertingmaliciouscommandsintothedatabase

Answer:D

Q13AnorganizationistryingtoimprovetheirDefenseinDepthbyblockingmalicious

destinationspriortoaconnectionbeingestablished.Thesolutionmustbeabletoblock

certainapplicationsfrombeingusedwithinthenetwork.

Whichproductshouldbeusedtoaccomplishthisgoal?

A.CiscoFirepower

B.CiscoUmbrella

C.ISE

D.AMP

Answer:B

Explanation:

CiscoUmbrellaprotectsusersfromaccessingmaliciousdomainsbyproactivelyanalyzingand

blockingunsafedestinations?beforeaconnectionisevermade.Thusitcanprotectfrom

phishingattacksbyblockingsuspiciousdomainswhenusersclickonthegivenlinksthatan

attackersent.

Q14.Acompanyisexperiencingexfiltrationofcreditcardnumbersthatarenotbeingstored

on-premise.Thecompanyneedstobeabletoprotectsensitivedatathroughoutthefull

environment.

Whichtoolshouldbeusedtoaccomplishthisgoal?

A.SecurityManager

B.Cloudlock

C.WebSecurityAppliance

D.CiscoISE

Answer:B

Explanation:

CiscoCloudlockisacloud-nativecloudaccesssecuritybroker(CASB)thathelpsyoumoveto

thecloudsafely.Itprotectsyourcloudusers,data,andapps.CiscoCloudlockprovides

visibilityandcompliancechecks,protectsdataagainstmisuseandexfiltration,andprovides

threatprotectionsagainstmalwarelikeransomware.

Q15.Anengineeristryingtosecurelyconnecttoarouterandwantstopreventinsecure

algorithmsfrombeingused.However,theconnectionisfailing.

Whichactionshouldbetakentoaccomplishthisgoal?

A.Disabletelnetusingthenoiptelnetcommand.

B.EnabletheSSHserverusingtheipsshservercommand.

C.Configuretheportusingtheipsshport22command.

D.GeneratetheRSAkeyusingthecryptokeygeneratersacommand.

Answer:D

Explanation:

Inthisquestion,theengineerwastryingtosecuretheconnectionsomaybehewastryingto

allowSSHtothedevice.Butmaybesomethingwentwrongsotheconnectionwasfailing(the

connectionusedtobegood).Somaybehewasmissingthe"cryptokeygeneratersa"

command.

Q16AnetworkadministratorisusingtheCiscoESAwithAMPtouploadfilestothecloudfor

analysis.Thenetworkiscongestedandisaffectingcommunication.

HowwilltheCiscoESAhandleanyfileswhichneedanalysis?

A.AMPcalculatestheSHA-256fingerprint,cachesit,andperiodicallyattemptstheupload.

B.Thefileisqueuedforuploadwhenconnectivityisrestored.

C.Thefileuploadisabandoned.

D.TheESAimmediatelymakesanotherattempttouploadthefile.

Answer:C

Explanation:

Theappliancew川tryoncetouploadthefile;ifuploadisnotsuccessful,forexamplebecause

ofconnectivityproblems,thefilemaynotbeuploaded.Ifthefailurewasbecausethefile

analysisserverwasoverloaded,theuploadwillbeattemptedoncemore.

Reference:

/c/en/us/support/docs/security/email-security-

appliance/118796-technote-esa-OO.html

Inthisquestion,itstated"thenetworkiscongested"(notthefileanalysisserverwas

overloaded)sotheappliancewillnottrytouploadthefileagain.

Q17.Whichtypeofalgorithmprovidesthehighestlevelofprotectionagainstbrute-force

attacks?

A.PFS

B.HMAC

C.MD5

D.SHA

Answer:D

Q18.WhatmustbeconfiguredinCiscoISEtoenforcereauthenticationofanendpointsession

whenanendpointisdeletedfromanidentitygroup?

A.postureassessment

B.CoA

C.externalidentitysource

D.SNMPprobe

Answer:B

Explanation:

CiscoISEallowsaglobalconfigurationtoissueaChangeofAuthorization(CoA)intheProfiler

Configurationpagethatenablestheprofilingservicewithmorecontroloverendpointsthat

arealreadyauthenticated.

OneofthesettingstoconfiguretheCoAtypeis"Reauth".Thisoptionisusedtoenforce

reauthenticationofanalreadyauthenticatedendpointwhenitisprofiled.

Reference:

https://www.cisco.eom/c/en/us/td/docs/security/ise/1-

3/admin_guide/b_ise_admin_guide_13/bJse_admin_guide_sample_chapter_010101.htm

Q19.Anetworkadministratorisconfiguringaruleinanaccesscontrolpolicytoblockcertain

URLsandselectsthe"ChatandInstantMessaging"category.

Whichreputationscoreshouldbeselectedtoaccomplishthisgoal?

A.1

B.3

C.5

D.10

Answer:D

Explanation:

Wechoose"ChatandInstantMessaging"categoryin"URLCategory":

EditAction

Quarantine

EncryptonDeliveryURLCategory

StripAttachmentbyContentDoesanyURLinthemessagebody

theselecte<3categories?

StripAttachmentbyHieInfo

|URLCategory

AvailableCategories:

URLReputation

/U)verttsements.ya]

AddDisdeinnerTextAlcohol

BypassOutbreakFitterScanning

BypassDK1MSigningAuctions

Buslne&sandIndustry

SendCopy(Bcc:)CHatandInstantMessagir

NotifyandP1?9?ertbm

ComputerSecunty

ChangeRecipienttoComputersandIr?ternet

SendtoAlternateDestinationHost

DeliverfromIPInterfaceOseaURLwliiteiist：MQWB

StripHeader

Add/EditHeaderActiononUR1_:

AddMessageTag?，DefangURL'

AddLO4EntryRedirecttoCiscoSecurityProxy

S/MIMESign/EncryptonDelivery

ReplaceURLwithtextmessage

EncryptarkdDeliverNow(Final

Action)

S/MIMESign/EncrypC(FinalAcxion)

Bounce(FinalAction)PerformActionfor:

SkipRemainingContentFitters?Allmessages

(FinalAction)

Unsignedmessages

Drop(FinalAction)

ToblockcertainURLsweneedtochooseURLReputationfrom6to10.

EditCondition

MessageBodyorAttachment

MessageBodyURLReputation

URLCategoryWhatisthereputationofURL'sintt

evaluatesURL'susingtheirWebBai

URLReputation

MessageSize

AttachmentContentURLReputationis:

AttachmentFileInfo0Malicious(-10.0to-6.0)

AttachmentProtectionSuspect(-5.9toS.9)

SubjectHeader

Clean(6.0to10.0)

OtherHeader

EnvelopeSenderCustomRange(mintomax)

EnvelopeRecipientI-1-

ReceivingListenerNoScore

RemoteIP/Hostname

ReputationScoreuseaURLwhitelist：None：

Q20.WhichgroupwithinCiscowritesandpublishesaweeklynewslettertohelpcybersecurity

professionalsremainawareoftheongoingandmostprevalentthreats?

A.PSIRT

B.Talos

C.CSIRT

D.DEVNET

Answer:B

Explanation:

TalosThreatSourceisaregularintelligenceupdatefromCiscoTalos,highlightingthebiggest

threatseachweekandothersecuritynews.

Reference:/newsletters

Q21.WhatarethetwotypesofmanagedIntercloudFabricdeploymentmodels?(Choose

two)

A.ServiceProvidermanaged

B.Publicmanaged

C.Hybridmanaged

D.Usermanaged

E.Enterprisemanaged

Answer:AE

Explanation:

Manyenterprisesprefertodeploydevelopmentworkloadsinthepubliccloud,primarilyfor

convenienceandfasterdeployment.ThisapproachcancauseconcernforITadministrators,

whomustcontroltheflowofITtrafficandspendingandhelpensurethesecurityofdataand

intellectualproperty.Withouttheproper

controls,dataandintellectualpropertycanescapethisoversight.TheCiscoIntercloudFabric

solutionhelpscontrolthisshadowIT,discoveringresourcesdeployedinthepubliccloud

outsideITcontrolandplacingtheseresourcesunderCiscoIntercloudFabriccontrol.Cisco

IntercloudFabricaddressestheclouddeploymentrequirementsappropriatefortwohybrid

clouddeploymentmodels:EnterpriseManaged(anenterprisemanagesitsowncloud

environments)andServiceProviderManaged(theserviceprovideradministersandcontrols

allcloudresources).

Reference:

https://www.cisco.eom/c/en/us/td/docs/solutions/Hybrid_Cloud/lntercloud/lntercloud

_Fabric.pdf

TheCiscoIntercloudFabricarchitectureprovidestwoproductconfigurationstoaddressthe

followingtwoconsumptionmodels:

+CiscoIntercloudFabricforBusiness

+CiscoIntercloudFabricforProvidersReference:

https://www.cisco.eom/c/en/us/td/docs/solutions/Hybrid_Cloud/lntercloud/lntercloud

_Fabric/lntercloud_Fabric_2.html

Q22.WhataretwoDDoSattackcategories?(Choosetwo)

A.sequential

B.protocol

C.database

D.volume-based

E.screen-based

Answer:BD

Explanation:

Therearethreebasiccategoriesofattack:

+volume-basedattacks,whichusehightraffictoinundatethenetworkbandwidth+protocol

attacks,whichfocusonexploitingserverresources+applicationattacks,whichfocusonweb

applicationsandareconsideredthemostsophisticatedandserioustypeofattacksReference:

/networks/types-of-ddos-attacks/

Q23.Refertotheexhibit.

Whichtypeofauthenticationisinuse?

A.LDAPauthenticationforMicrosoftOutlook

B.POP3authentication

C.SMTPrelayserverauthentication

D.externaluserandrelaymailauthentication

Answer:D

Explanation:

TheTLSconnectionsarerecordedinthemaillogs,alongwithothersignificantactionsthat

arerelatedtomessages,suchasfilteractions,anti-virusandanti-spamverdicts,anddelivery

attempts.IfthereisasuccessfulTLSconnection,therewillbeaTLSsuccessentryinthemail

logs.Likewise,afailedTLSconnectionproducesaTLSfailedentry.Ifamessagedoesnothave

anassociatedTLSentryinthelogfile,thatmessagewasnotdeliveredoveraTLSconnection.

Reference:

info,:NewSMTPICID3CinterfaceManageinent(15

addressIC).128.128.200reversednshostu.nknc

Info:ICID30ACCEPTSGSUSPECTLIST^a-chsbrs|

Info:ICID30TLSsuccessprotocolTL5vlciphei

Info:SMTPAuth:(ICID30)succeededforuser:

AUTEmechanism:LOGINwithprofile:lclap_sir.t

Info:MID60matchedallrecipien'csforper-rec

DEFAULTintheoutboundtable

Q24AnorganizationreceivedalargeamountofSPAMmessagesoverashorttimeperiod.

Inordertotakeactiononthemessages,itmustbedeterminedhowharmfulthemessages

areandthisneedstohappendynamically.

Whatmustbeconfiguredtoaccomplishthis?

A.ConfiguretheCiscoWSAtomodifypoliciesbasedonthetrafficseen

B.ConfiguretheCiscoESAtoreceivereal-timeupdatesfromTalos

C.ConfiguretheCiscoWSAtoreceivereal-timeupdatesfromTalos

D.ConfiguretheCiscoESAtomodifypoliciesbasedonthetrafficseen

Answer:D

Explanation:

TheMailPoliciesmenuiswherealmostallofthecontrolsrelatedtoemailfilteringhappens.

Allthesecurityandcontentfilteringpoliciesaresethere,soit'slikelythat,asanESA

administrator,thepagesonthismenuarewhereyouarelikelytospendmostofyourtime.

IRONPORTC160

Monitor

EmailSecurityH^naucr

Overyjjewinco?ni4ngMail=ides

JCCOEEComFibers

SystemOverview6262POkCaM

Out901n9ContentFilters

5sB3-Top3byVifVSThr??L

HWAccessTable(HAT>

s%FullMem4es

SysHATOverview

11.6%|______|7S1

IncomingMesug-MailHowPogoes

0.1%|385

mVExc-epbonTable

0.0%_______|i0.0%_

RecipientAxxessTable(RAT)

SystemStAtusDetailsO?￡tifvat)OHControlsOutbreakOc<4

BounceVenfication

DataLx*Prevention(DLP)

ThneRange:|D?y~

OLPPol?cyHaoacer

01Feb201114:00to02

OomamKeys

IncomingHallStBrnmary

|StoppedbyReputationFilte

ShoppedasInvalidReopier

SpamDetected

.AdditionalSpamdetectedt

?IntelligentMUIH-SSG

■Virusd

StoppedbyContentFilter

Q25,WhataretwodifferencesbetweenaCiscoWSAthatisrunningintransparentmodeand

onerunninginexplicitmode?(Choosetwo)

A.WhentheCiscoWSAisrunningintransparentmode,itusestheWSA'sownIPaddress

astheHTTPrequestdestination.

B.TheCiscoWSArespondswithitsownIPaddressonlyifitisrunninginexplicitmode.

C.TheCiscoWSAisconfiguredinawebbrowseronlyifitisrunningintransparentmode.

D.TheCiscoWSAusesaLayer3devicetoredirecttrafficonlyifitisrunningintransparent

mode.

E.TheCiscoWSArespondswithitsownIPaddressonlyifitisrunningintransparentmode.

Answer:DE

Explanation:

TheCiscoWebSecurityAppliance(WSA)includesawebproxy,athreatanalyticsengine,

antimalware

engine,policymanagement,andreportinginasinglephysicalorvirtualappliance.Themain

useoftheCiscoWSAistoprotectusersfromaccessingmaliciouswebsitesandbeinginfected

bymalware.YoucandeploytheCiscoWSAintwodifferentmodes:

?Explicitforwardmode

?Transparentmode

Inexplicitforwardmode,theclientisconfiguredtoexplicitlyusetheproxy,subsequently

sendingallwebtraffictotheproxy.Becausetheclientknowsthereisaproxyandsendsall

traffictotheproxyinexplicitforwardmode,theclientdoesnotperformaDNSlookupofthe

domainbeforerequestingtheURL.TheCiscoWSAisresponsibleforDNSresolution,aswell.

Client&Firewall

webbrowser

WhenyouconfiguretheCiscoWSAinexplicitmode,youdonotneedtoconfigureanyother

networkinfrastructuredevicestoredirectclientrequeststotheCiscoWS

Internet1.Userii

2.ASAF