300-415 Question #119: Real Exam Question with Answer & Explanation

The correct answer is A: classification of 1400+ layer 7 applications. The Cisco SD-WAN application firewall provides Layer 7 classification for over 1400 applications and can block traffic based on specific applications or their families.

Security and Quality of Service

Question

Which two features does the application firewall provide? (Choose two.)

Options

Aclassification of 1400+ layer 7 applications
Bblocks traffic by application or application-family
Cnumbered sequences of match-action pairs
Dclassification of 1000+ layer 4 applications
Eapplication match parameters

Explanation

The Cisco SD-WAN application firewall provides Layer 7 classification for over 1400 applications and can block traffic based on specific applications or their families.

Common mistakes.

C. Numbered sequences of match-action pairs describe a general policy configuration method, not a specific feature of the application firewall itself.
D. While firewalls handle Layer 4, the primary distinguishing feature of an application firewall is its ability to classify and act upon Layer 7 applications, and the '1000+' number for Layer 4 applications is not a specific feature or count of the SD-WAN application firewall.
E. Application match parameters are configuration elements used to define policies, not a specific feature provided by the application firewall itself.

Concept tested. SD-WAN application firewall features (Layer 7 classification, blocking)

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/m-sdwan-security.html

Topics

#Application Firewall#Layer 7 Classification#Traffic Control#SD-WAN Security

Community Discussion

No community discussion yet for this question.

Full 300-415 Practice