Cisco
350-701 · Question #607
350-701 Question #607: Real Exam Question with Answer & Explanation
The correct answer is C. explicit forward. Client requests a website - Browser connects first to WSA - WSA connects to a website - Firewall usually only allows web traffic from proxy - DNS Resolutions done by WSA Transparent Proxy + Client requests a website + Browser tries to connect to the website + Network Device redir
Submitted by thandi_sa· Mar 30, 2026Content Security
Question
An engineer is configuring Cisco WSA and needs to ensure end clients are protected against DNS spoofing attacks. Which deployment method accomplishes this goal?
Options
- Atransparent mode
- BWeb Cache Communication Protocol
- Cexplicit forward
- Dsingle-context mode
Explanation
- Client requests a website - Browser connects first to WSA - WSA connects to a website - Firewall usually only allows web traffic from proxy - DNS Resolutions done by WSA Transparent Proxy + Client requests a website + Browser tries to connect to the website + Network Device redirects traffic to WSA using WCCP + WSA proxies the request + DNS Resolution is done by the Client
Topics
#Cisco WSA#WSA deployment modes#DNS spoofing protection#Explicit proxy
Community Discussion
No community discussion yet for this question.