nerdexam
Cisco

350-701 · Question #90

Drag and Drop Question Drag and drop the capabilities from the left onto the correct technologies on the right. Answer:

The correct answer is superior threat prevention and mitigation for known and unknown threats; detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks; application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs; combined integrated solution of strong defense and web protection, visibility, and controlling solutions. Drag-and-Drop Explanation: Security Technology Capabilities This question maps security capabilities to specific security technologies (most likely Cisco security products: NGIPS, AMP, NGFW, and WSA/CWS). --- Position 1 -> "Superior threat prevention and mitigation for known and

Submitted by jian89· Mar 30, 2026Content Security

Question

Drag and Drop Question Drag and drop the capabilities from the left onto the correct technologies on the right. Answer:

Exhibit

350-701 question #90 exhibit

Answer Area

Drag items

detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attackssuperior threat prevention and mitigation for known and unknown threatsapplication-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLscombined integrated solution of strong defense and web protection, visibility, and controlling solutions

Correct arrangement

  • superior threat prevention and mitigation for known and unknown threats
  • detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks
  • application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs
  • combined integrated solution of strong defense and web protection, visibility, and controlling solutions

Explanation

Drag-and-Drop Explanation: Security Technology Capabilities

This question maps security capabilities to specific security technologies (most likely Cisco security products: NGIPS, AMP, NGFW, and WSA/CWS).


Position 1 -> "Superior threat prevention and mitigation for known and unknown threats"

Technology: Next-Generation IPS (NGIPS)

NGIPS is purpose-built for deep packet inspection and threat prevention at the network layer. It handles both signature-based (known) and behavioral/heuristic-based (unknown) threats. The keyword "prevention and mitigation" distinguishes it from tools that only detect.


Position 2 -> "Detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks"

Technology: Advanced Malware Protection (AMP)

AMP's defining feature is its full lifecycle coverage - it doesn't just block malware on entry; it continuously tracks files, performs retrospective analysis, and remediates after the fact. The phrase "targeted persistent malware attacks" (APTs) is the key signal - AMP is specifically designed for advanced, evasive threats.

Common mistake: Confusing this with NGIPS. NGIPS prevents threats at the network level but doesn't provide post-infection tracking and remediation.


Position 3 -> "Application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs"

Technology: Next-Generation Firewall (NGFW)

NGFW operates at Layer 7 (application layer), enabling granular control over specific applications and URLs - not just ports and protocols. The ability to define custom application policies is a core NGFW differentiator over traditional firewalls.

Common mistake: Confusing this with a Web Security Appliance. NGFW applies to all application traffic broadly; WSA is web-specific.


Position 4 -> "Combined integrated solution of strong defense and web protection, visibility, and controlling solutions"

Technology: Web Security Appliance (WSA) / Cloud Web Security (CWS)

WSA/CWS is explicitly an integrated platform combining multiple capabilities (malware defense + web filtering + visibility + control) into one solution. The word "combined integrated solution" is the giveaway - it's not a single-function tool but a unified web security platform.


Key Takeaway

PositionTechnologyCore Differentiator
1NGIPSKnown + unknown threat prevention
2AMPMalware lifecycle - track, analyze, remediate
3NGFWApplication-layer policy and URL control
4WSA/CWSIntegrated web defense + visibility platform

The most common mistake is swapping AMP (2) and NGIPS (1) - remember AMP = remediation lifecycle, NGIPS = active prevention.

Topics

#Threat Prevention#Advanced Malware Protection#Secure Web Gateway#Content Filtering

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice