300-725 Online Practice Questions and Answers

Which two configuration options are available on a Cisco WSA within a decryption policy? (Choose two.)

A. Pass Through

B. Warn

C. Decrypt

D. Allow

E. Block

Which method is used by AMP against zero-day and targeted file-based attacks?

A. analyzing behavior of all files that are not yet known to the reputation service

B. periodically evaluating emerging threats as new information becomes available

C. implementing security group tags

D. obtaining the reputation of known files

What is a valid predefined time range when configuring a Web Tracking query?

A. year

B. minute

C. hour

D. month

Which command is used to flush a single user from authentication memory?

A. isedata

B. authcache

C. diagnostic

D. clear

Which statement about configuring an identification profile for machine authentication is true?

A. Cloud Web Security Connector mode with an active directory enabled supports machine authentication

B. Identification profile machine ID is supported locally, but the Cisco WSA does not support machine ID authentication

C. Cloud Web Security with Kerberos enabled supports machine authentication

D. If an Active Directory realm is used, identification can be performed for an authenticated user or IP address but not for a machine ID

Refer to the exhibit. Which command displays this output?

A. grep

B. logconfig

C. rollovernow

D. tail

Which action is a valid default for the Global Access Policy in the Application Visibility Control engine on the Cisco WSA?

A. bandwidth limit

B. permit

C. restrict

D. monitor

What is the default action when a new custom category is created and added to an access policy?

A. monitor

B. allow

C. block

D. decrypt

Which two caching modes are available in the Cisco WSA? (Choose two.)

A. active cache

B. all cache

C. aggressive cache

D. safe cache

E. no cache

Which port is configured in a browser to use the Cisco WSA web proxy with default settings?

A. 8080

B. 8443

C. 8021

D. 3128