Exam SY0-601 topic 1 question 458 discussion

For those who have the same confusion as i did regarding WAF vs SWG, this is how i rationalised: WAF primarily focuses on protecting the web application against application layer attacks (SQLi,XSS,CSRF,SSRF etc), not controlling or filtering access to external websites based on categories. Secure Web Gateway (SWG) on the other hand, are specifically designed to enforce web access policies and control what websites users can access.

B. A Secure Web Gateway (SWG) is the best solution for protecting against certain categories of websites whether the employee is in the office or away. A SWG is a security solution that protects users and devices from web-based threats by filtering web traffic based on policies set by the organization. It acts as a proxy server between the user and the internet, scanning web traffic for malicious content and blocking access to unauthorized or inappropriate websites.

I think it is VPN (with full tunnel) because SWG will only protects within the office network and may not protect once you are outside office.

I had originally gone with WAF glad I am reviewing I test tomorrow would of gotten this wrong. so it is answer B. SWG this site is such help. thank you to everyone that explain these out for us to better understand you guys rock.

the key difference lies in their primary purpose and the scope of protection. WAF is tailored for web application security, while SWG is a comprehensive solution for securing web access for users and networks.

The CISO should implement a Secure Web Gateway (SWG). A SWG protects users from web-based threats and enforces corporate acceptable use policies. Instead of connecting directly to a website, a user accesses the SWG, which is then responsible for connecting the user to the desired website and performing functions such as URL filtering, web visibility, malicious content inspection, web access controls and other security measures . This can help protect against certain categories of websites whether the employee is in the office or away.

To implement a solution that can protect against certain categories of websites whether the employee is in the office or away, the Chief Information Security Officer (CISO) should implement a B. SWG (Secure Web Gateway). A Secure Web Gateway is a security solution that provides real-time protection against web-based threats by filtering and monitoring web traffic. It can be configured to block access to certain categories of websites, such as gambling or social media sites, regardless of the employee’s location. By implementing an SWG, the CISO can ensure that employees are protected against web-based threats and that they comply with the organization’s web usage policies.

-B is correct SWG (Secure Web Gateway) would be the best solution for protecting against certain categories of websites, whether the employee is in the office or away. SWGs are designed to monitor and filter internet traffic to and from user devices, blocking access to known malicious sites or sites that violate company policies. They provide protection against web-based threats such as malware, phishing, and other types of attacks.