300-725 SWSA

Current Status
Not Enrolled
Get Started

Securing the Web with Cisco Secure Web Appliance v1.1 (300-725)

Exam Description: Securing the Web with Cisco Secure Web Appliance v1.1 (SWSA 300-725) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate’s knowledge of Cisco Secure Web Appliance (formerly Cisco Web Security Appliance), including proxy services; authentication; decryption policies, differentiated traffic access policies, and identification policies; acceptable use control settings; malware defense; and data security and data loss prevention.

The following topics are general guidelines for the content likely to be included on the exam. However,other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

  1. 10% Features
    1. Describe Cisco Secure Web Appliance features and functionality
      1. Proxy service
      2. Cognitive Intelligence (formerly Cognitive Threat Analytics)
      3. Data loss prevention service
      4. Integrated L4TM service
      5. Management tools
    2. Describe Secure Web Appliance solutions
      1. Cisco Advanced Web Security Reporting
      2. Cisco Secure Email and Web Manager
    3. Integrate Cisco Secure Web Appliance with Advanced Web Security Reporting
    4. Integrate Cisco Secure Web Appliance with Cisco ISE
    5. Troubleshoot data security and external data loss using log files
  2. 20% Configuration
    1. Perform initial configuration tasks on the Cisco Secure Web Appliance
    2. Configure an access policy
    3. Configure and verify web proxy features
      1. Explicit proxy functionality
      2. Proxy access logs using CLI
      3. Active Directory proxy authentication
    4. Configure a referrer header to filter web categories
  3. 10% Proxy Services
    1. Describe deployment options
      1. Explicit Proxy
      2. Transparent proxy
      3. Upstream proxy
      4. High availability
    2. Describe these features:
      1. Tune caching
      2. IP spoofing
      3. Web proxy ports
      4. Range requests
    3. Describe the functions of a Proxy Auto-Configuration (PAC) file
    4. Describe the SOCKS protocol and the SOCKS proxy services
  4. 10% Authentication
    1. Describe authentication features
      1. Supported authentication methods
      2. Authentication realms
      3. Supported authentication surrogates supported
      4. Bypassing authentication of problematic agents
      5. Authentication logs for accounting records
      6. Re-authentication
    2. Configure traffic redirection to Cisco Secure Web Appliance using a transparent proxy with WCCP, PBR, or an L4 switch
    3. Describe the FTP proxy authentication
    4. Troubleshoot authentication issues
  5. 10% Decryption Policies to Control HTTPS Traffic
    1. Describe SSL and TLS inspection
    2. Configure HTTPS capabilities
      1. HTTPS decryption policies
      2. HTTPS proxy function
      3. ACL tags for HTTPS inspection
      4. HTTPS proxy and verify TLS/SSL decryption
      5. Certificate types used for HTTPS decryption
    3. Configure self-signed and intermediate certificates within SSL/TLS transactions
  6. 10% Differentiated Traffic Access Policies and Identification Profiles
    1. Describe access policies
    2. Describe identification profiles and authentication
    3. Troubleshoot using access logs
  7. 10% Acceptable Use Control
    1. Configure URL filtering
    2. Configure time-based and traffic volume acceptable use policies and end user notifications
    3. Configure web application visibility and control (Office 365, third-party feeds)
    4. Create a corporate global acceptable use policy
    5. Implement policy trace tool to verify corporate global acceptable use policy
    6. Configure Secure Web Appliance to inspect archive file types
  8. 10% Malware Defense
    1. Describe scanning engines
    2. Configure file reputation filtering and file analysis
    3. Describe the Cisco Secure Endpoint
    4. Describe integration with Cognitive Intelligence
  9. 10% Reporting and Tracking Web Transactions
    1. Configure and analyze web tracking reports
    2. Configure Cisco Advanced Web Security Reporting (AWSR)
      1. Basic web usage
      2. Custom filters
    3. Troubleshoot connectivity issues
    4. Interpret system health using the System Health Dashboard
    5. Describe REST API support