350-701 · Question #90
Drag and Drop Question Drag and drop the capabilities from the left onto the correct technologies on the right. Answer:
The correct answer is superior threat prevention and mitigation for known and unknown threats; detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks; application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs; combined integrated solution of strong defense and web protection, visibility, and controlling solutions. Drag-and-Drop Explanation: Security Technology Capabilities This question maps security capabilities to specific security technologies (most likely Cisco security products: NGIPS, AMP, NGFW, and WSA/CWS). --- Position 1 -> "Superior threat prevention and mitigation for known and
Question
Drag and Drop Question Drag and drop the capabilities from the left onto the correct technologies on the right. Answer:
Exhibit
Answer Area
Drag items
Correct arrangement
- superior threat prevention and mitigation for known and unknown threats
- detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks
- application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs
- combined integrated solution of strong defense and web protection, visibility, and controlling solutions
Explanation
Drag-and-Drop Explanation: Security Technology Capabilities
This question maps security capabilities to specific security technologies (most likely Cisco security products: NGIPS, AMP, NGFW, and WSA/CWS).
Position 1 -> "Superior threat prevention and mitigation for known and unknown threats"
Technology: Next-Generation IPS (NGIPS)
NGIPS is purpose-built for deep packet inspection and threat prevention at the network layer. It handles both signature-based (known) and behavioral/heuristic-based (unknown) threats. The keyword "prevention and mitigation" distinguishes it from tools that only detect.
Position 2 -> "Detection, blocking, tracking, analysis, and remediation to protect against targeted persistent malware attacks"
Technology: Advanced Malware Protection (AMP)
AMP's defining feature is its full lifecycle coverage - it doesn't just block malware on entry; it continuously tracks files, performs retrospective analysis, and remediates after the fact. The phrase "targeted persistent malware attacks" (APTs) is the key signal - AMP is specifically designed for advanced, evasive threats.
Common mistake: Confusing this with NGIPS. NGIPS prevents threats at the network level but doesn't provide post-infection tracking and remediation.
Position 3 -> "Application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs"
Technology: Next-Generation Firewall (NGFW)
NGFW operates at Layer 7 (application layer), enabling granular control over specific applications and URLs - not just ports and protocols. The ability to define custom application policies is a core NGFW differentiator over traditional firewalls.
Common mistake: Confusing this with a Web Security Appliance. NGFW applies to all application traffic broadly; WSA is web-specific.
Position 4 -> "Combined integrated solution of strong defense and web protection, visibility, and controlling solutions"
Technology: Web Security Appliance (WSA) / Cloud Web Security (CWS)
WSA/CWS is explicitly an integrated platform combining multiple capabilities (malware defense + web filtering + visibility + control) into one solution. The word "combined integrated solution" is the giveaway - it's not a single-function tool but a unified web security platform.
Key Takeaway
| Position | Technology | Core Differentiator |
|---|---|---|
| 1 | NGIPS | Known + unknown threat prevention |
| 2 | AMP | Malware lifecycle - track, analyze, remediate |
| 3 | NGFW | Application-layer policy and URL control |
| 4 | WSA/CWS | Integrated web defense + visibility platform |
The most common mistake is swapping AMP (2) and NGIPS (1) - remember AMP = remediation lifecycle, NGIPS = active prevention.
Topics
Community Discussion
No community discussion yet for this question.
