nerdexam
Exams300-415Questions#329
Cisco

300-415 · Question #329

300-415 Question #329: Real Exam Question with Answer & Explanation

The correct answer is B: Enterprise Firewall. Cisco SD-WAN vEdge devices provide advanced security capabilities, including an Enterprise Firewall and integrated Cisco AMP with Threat Grid.

WAN Edge Router Deployment

Question

Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)

Options

  • ACisco Umbrella DNS Security
  • BEnterprise Firewall
  • Csnort intrusion prevention system
  • DCisco AMP and AMP Threat Grid
  • EURL filtering

Explanation

Cisco SD-WAN vEdge devices provide advanced security capabilities, including an Enterprise Firewall and integrated Cisco AMP with Threat Grid.

Common mistakes.

  • A. While Cisco Umbrella can integrate with SD-WAN, its DNS security feature is not directly 'on the vEdge device' as a built-in feature in the same manner as the firewall or AMP.
  • C. Snort IPS is primarily associated with dedicated security appliances like Firepower, and while some IPS functionalities exist, 'Snort intrusion prevention system' specifically is not a standard advanced security feature directly built into the vEdge platform itself in this context.
  • E. URL filtering is typically part of a more comprehensive security solution often leveraging a cloud-based service like Umbrella or a dedicated proxy, rather than a standalone advanced security feature on vEdge.

Concept tested. Cisco SD-WAN vEdge advanced security features

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-17-book/sdwan-security-config.html

Topics

#SD-WAN Security#WAN Edge Security Features#Enterprise Firewall#Advanced Malware Protection (AMP)

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice