Which of the following functions can you perform with the advancedproxyconfig command on a Cisco WSA? (Choose two.)
A. set the maximum HTTP header size or URL size for proxy requests
B. set a minimum upload request body size for external DLP servers
C. take a snapshot of the proxy
D. allow or block content-encoding types
E. set a minimum upload request body size for Cisco Data Security Filters
F. set the URI logging style
Explanation:
You can set the Universal Resource Identifier (URI) logging style as well as allow or block content-encoding types with the advancedproxyconfig command on a Cisco Web Security Appliance (WSA). The Cisco WSA is a web gateway that is designed to mitigate web-based attacks, enforce acceptable use policies, and provide detailed reporting features. Like the Cisco Email Security Appliance (ESA) and the Cisco Content Security Management Appliance (SMA), the Cisco WSA uses AsyncOS commands.
The advancedproxyconfig command offers the following subcommands:
• AUTHENTICATION – configures authentication options
• CACHING – configures the proxy caching mode
• DNS – configures Domain Name System (DNS) options
• EUN – configures end-user notification parameters
• NATIVEFTP – configures File Transfer Protocol (FTP) proxy options
• FTPOVERHTTP – configures FTP over Hypertext Transfer Protocol (HTTP) options
• Highperformance – enables or disables high performance mode
• HTTPS – configures HTTP Secure (HTTPS) options, including the URI logging style
• SCANNING – configures malware scanning options
• SCANNERS – excludes Multipurpose Internet Mail Extension (MIME) types from being scanned by the Advanced Malware Protection (AMP) engine
• PROXYCONN – specifies user agents that cannot accept the proxy connection header
• CUSTOMHEADERS – manages custom request headers for specific domains
• MISCELLANEOUS – configures miscellaneous parameters
• SOCKS – configures SOCKS proxy options
• CONTENT-ENCODING – allows or blocks content-encoding types, such as compress, deflate, and gzip
You cannot take a snapshot of the proxy with the advancedproxyconfig command. To take a snapshot of the proxy, you should issue the diagnostic command with the PROXY subcommand, then choose the SNAP operation. You can also take the proxy offline with the OFFLINE operation, resume proxy traffic with the RESUME operation, and clear the proxy cache with the CACHE option.
You cannot set the maximum HTTP header size or Uniform Resource Locator (URL) size for proxy requests with the advancedproxyconfig command. To set the maximum HTTP header size or URL size for proxy requests, you should issue the maxhttpheadersize command. Policy Trace can fail if an HTTP response header or URL size is greater than this configured value.
You cannot set a minimum upload request body size for Cisco Data Security Filters with the advancedproxyconfig command. To set a minimum upload request body size for Cisco Data Security Filters, you should issue the datasecurityconfig command. By default, the minimum upload request body size is 4 kilobytes (KB). Upload requests that are smaller than the minimum request body size are not scanned by the Cisco Data Security Filters.
You cannot set a minimum upload request body size for external data loss protection (DLP) servers with the advancedproxyconfig command. To set a minimum upload request body size for external DLP servers, you should issue the externaldlpconfig command. By default, the minimum request body size is 4 KB. Upload requests that are smaller than the minimum request body size are not scanned by external DLP servers.
Reference: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa_12-5/User-Guide/b_WSA_UserGuide_12_5/b_WSA_UserGuide_11_7_appendix_011000.html
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa_12-5/User-Guide/b_WSA_UserGuide_12_5/b_WSA_UserGuide_11_7_chapter_010000.html