CCNP Security 350-701 Passing Score

To deploy Cisco WSA in transparent mode, the configuration component that must be used is WCCP on switch. WCCP stands for Web Cache Communication Protocol, which is a protocol that allows a network device (such as a switch) to redirect web traffic to a proxy server (such as Cisco WSA) transparently. This means that the client does not need to configure any proxy settings on the browser, and the proxy server can intercept and process the web requests and responses without the client’s knowledge. WCCP can also provide load balancing and failover capabilities for multiple proxy servers.

The other options are incorrect because they are not required or relevant for transparent mode deployment. Option A is incorrect because MDA (Multilink PPP Dial Access) is a feature that allows multiple physical links to be aggregated into a single logical link for dial-up connections. It has nothing to do with transparent mode. Option B is incorrect because PBR (Policy-Based Routing) is a feature that allows routing decisions to be based on criteria other than the destination IP address, such as source IP address, protocol, port, etc. It is not necessary for transparent mode, as WCCP can handle the traffic redirection. Option D is incorrect because DNS resolution on Cisco WSA is not a configuration component, but a function that allows the proxy server to resolve domain names to IP addresses. It is not specific to transparent mode, as it is also used in explicit mode. References:

• What is the difference between transparent and forward proxy mode?
• User Guide for AsyncOS 12.7 for Cisco Web Security Appliances - LD (Limited Deployment) - Acquire End-User Credentials
• Cisco WSA : Is it possible to use web proxy in transparent mode without WCCP?

In a remote access VPN configuration, dynamic split tunneling allows traffic to certain trusted domains to bypass the VPN tunnel and exit through the client's local internet gateway. This feature selectively directs only the necessary traffic over the VPN, while allowing direct internet access for specific domains or traffic deemed safe or trusted, optimizing bandwidth and performance for remote users.

ExplanationMalware means “malicious software”, is any software intentionally designed to cause damage to a computer, server, client, or computer network. The most popular types of malware includes viruses, ransomware and spyware. Virus Possibly the most common type of malware, viruses attach their malicious code to clean code and wait to be run.

Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.Spyware is spying software that can secretly record everything you enter, upload, download, and store on your computers or mobile devices. Spyware always tries to keep itself hidden.An exploit is a code that takes advantage of a software vulnerability or security flaw.Exploits and malware are two risks for endpoints that are not up to date. ARP spoofing and eavesdropping are attacks against the network while denial-of-service attack is based on the flooding of IP packets.

The Talos IP and Domain Reputation Center is the world’s most comprehensive real-time threat detection network. It collects and analyzes data from millions of web requests, emails, malware samples, open-source data sets, endpoint intelligence, and network intrusions. It assigns a reputation score to IP addresses and domains based on their observed malicious activity and behavior. The reputation score can range from -10 (very malicious) to +10 (very benign). The reputation score can be used to block or allow traffic, or to trigger further inspection or analysis. The Talos IP and Domain Reputation Center allows you to track the reputation of IP addresses for email and web traffic, as well as to look up the category, volume, and history of any IP address or domain. You can also submit feedback or request a change of reputation for any IP address or domain. References