300-415 Question #411: Real Exam Question with Answer & Explanation

The correct answer is B: DNS-layer enforcement. DNS-layer enforcement in SD-WAN security solutions effectively blocks malware, phishing, and inappropriate content requests by resolving domain names against a threat intelligence database before a connection is even established.

Security and Quality of Service

Question

Which feature blocks malware, phishing, and unacceptable requests to provide faster internet access to users in SD-WAN security solutions?

Options

ASaaS usage controls
BDNS-layer enforcement
Ccloud-delivered firewall
Dcorrelated threat intel

Explanation

DNS-layer enforcement in SD-WAN security solutions effectively blocks malware, phishing, and inappropriate content requests by resolving domain names against a threat intelligence database before a connection is even established.

Common mistakes.

A. SaaS usage controls typically manage access to specific SaaS applications, monitor usage, or enforce policies within those applications, rather than blocking threats like malware or phishing at the network layer.
C. A cloud-delivered firewall provides broader network security, including packet inspection and intrusion prevention, but DNS-layer enforcement specifically targets threats before they reach the firewall by blocking at the domain resolution stage, which is faster for preventing initial connections.
D. Correlated threat intelligence is a source of information that enhances various security features, but it is not a direct feature that performs the blocking itself.

Concept tested. Cisco SD-WAN security features - DNS-layer enforcement

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-cr-book/security.html

Topics

#SD-WAN Security#DNS Security#Threat Prevention#URL Filtering

Community Discussion

No community discussion yet for this question.

Full 300-415 Practice