Which two facts must be considered when deciding whether to deploy the Cisco Secure Web Appliance in Standard mode, Hybrid Web Security mode, or Cloud Web Security Connector mode? (Choose two.)
A.
External DLP is available only in Standard mode and Hybrid Web Security mode.
B.
The onsite web proxy is not supported in Cloud Web Security Connector mode.
C.
Standard mode and Hybrid Web Security mode perform the same actions in response to the application of an individual policy.
D.
Only Standard mode and Hybrid Web Security mode support Layer 4 traffic monitoring.
E.
ISE integration is available only in Standard mode and Hybrid Web Security mode.
Standard Mode:
On-site web proxy and Layer-4 traffic monitoring are available.
Offers External Data Loss Prevention (DLP) capabilities.
Supports ISE integration.
Requires physical or virtual appliance deployment.
Hybrid Mode:
Combines SWA with Cisco Umbrella SIG for policy synchronization.
Enforces the same web policies across on-premises and cloud environments.
Offers granular policy management through Umbrella SIG.
Requires both SWA and Cisco Umbrella SIG.
Cloud Web Security Connector:
Routes traffic to a CWS proxy for policy enforcement.
On-site web proxy and Layer-4 traffic monitoring are not available.
Requires no on-site appliance.
Does not support native FTP or HTTPS decryption.
Deployment of the appliance is the same in both standard and Cloud Security mode except that on-site web
proxy services and Layer-4 Traffic Monitorservices are not available in Cloud WebSecurity Connector mode.
A. External DLP is available only in Standard mode and Hybrid Web Security mode.
Data Loss Prevention (DLP) is a critical security feature that monitors and prevents sensitive data exfiltration.
External DLP integration (e.g., with third-party DLP solutions) is only supported in Standard Mode and Hybrid Web Security Mode.
Cloud Web Security Connector Mode does not support external DLP since it relies on Cisco's cloud-based security services.
B. The onsite web proxy is not supported in Cloud Web Security Connector mode.
Cloud Web Security Connector Mode forwards web traffic directly to Cisco Umbrella or Cisco Cloud Web Security (CWS), bypassing on-premise proxies.
No local proxy is used in this mode because all security processing happens in the cloud.
In Standard Mode and Hybrid Mode, the WSA acts as a local proxy for deeper content inspection and policy enforcement.
BC with reference to:
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_01000.pdf
Deployment of the appliance is the same in both standard and Cloud Security mode except that on-site web
proxy services and Layer-4 Traffic Monitor services are not available in Cloud Web Security Connector mode.
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ITVI
3 weeks, 3 days agoaa4a63c
1 month agomadboy2
1 month, 2 weeks ago3ab324f
7 months, 1 week ago3ab324f
7 months, 1 week ago