Exam SY0-601 topic 1 question 233 discussion

"A secure web gateway (SWG) protects users from web-based threats in addition to applying and enforcing corporate acceptable use policies."

For the given scenario, implementing an SWG would be the best choice as it provides the following benefits: Content Filtering: An SWG can block access to malicious or unauthorized websites based on the organization's AUP, preventing users from being exposed to harmful content. Cloud Application Visibility and Control: An SWG can extend its security controls to cloud applications, allowing administrators to monitor and enforce security policies for users accessing cloud services from remote locations. Protection for Remote Users: Since many users work from home or remote locations, an SWG can provide protection regardless of the user's location, ensuring consistent security policies across the entire network. User Authentication: An SWG can integrate with user authentication systems, such as LDAP or Active Directory, to apply different security policies based on user roles or groups.

The SWG is typically a cloud-based service, but it can be an on-site appliance. Clients are configured to access all Internet resources via the SWG, and it filters traffic to prevent threats from infiltrating the network. Some of the services provided by the SWG include: URL filtering to prevent users from visiting unauthorized sites Stateless packet filtering to detect and block malicious traffic Malware detection and filtering to block malware Network-based data loss protection (DLP) Sandboxing to check for threats

A secure web gateway protects an organization from online security threats and infections by enforcing company policy and filtering Internet-bound traffic. A secure web gateway is an on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible. A secure web gateway includes essential security technologies such as URL filtering, application control, data loss prevention, antivirus, and https inspection to provide organizations with strong web security.

Pick option B. Check this URL for more details: https://www.checkpoint.com/cyber-hub/network-security/what-is-secure-web-gateway/

The best solution for the network administrator to implement to meet the criteria of blocking access to sites based on the AUP and protecting users from malicious content is an SWG (Secure Web Gateway). An SWG provides a centralized solution for monitoring and controlling internet usage on the network. It inspects all web traffic, scans for malicious content and implements policies to block access to websites that violate the organization's AUP (Acceptable Use Policy). Additionally, an SWG can provide protection to users when they are accessing cloud applications from remote locations.

An SWG plays a crucial role in traffic inspection as it analyzes all the web traffic passing through to and from the organization. It blocks content that does not conform to corporate policies, such as denying entry to unencrypted content from any site. These inspection policies can also be customized for better organizational implementation.

https://internet2-0.com/the-difference-between-a-secure-web-gateway-and-a-firewall/ Firewalls inspect data packets Secure web gateways inspect applications Secure web gateways set and enforce rules for users Software as a Service (SaaS) applications Remote networking Cloud-based computing

Answer is B, NAC is something else, it is associated with 802.1x, which is basically local MFA.

Not url, because apps

Agree with B here. Don't agree with NAC.

NAC= Network Access Control