# Secure Web Gateway and Proxy Operations One-sentence definition: Operate web filtering, TLS inspection, and egress controls to reduce web-borne risk. ## Key Facts - URL categorization, malware scanning, sandbox detonation. - TLS inspection with privacy controls/exclusions; cert management. - Block risky file types; enforce acceptable use; log user attribution. - Integrate with DLP and CASB; policy exceptions time-bound. - **Verify:** check official (ISC)² CBK and current exam outline. ## Exam Relevance - Choose SWG policy to curb phishing/malware downloads. **Mnemonic:** “**Filter**, **inspect**, **enforce**.” ## Mini Scenario Q: Users bypass via direct IP—fix? A: Egress force-proxy; block direct outbound; add firewall pinholes. ## Revision Checklist - Two SWG features. - Privacy consideration. - Bypass prevention. ## Related [[Email Security Operations (SPF DKIM DMARC Sandboxing)]] · [[Data Loss Prevention (DLP) Testing (Email Web Endpoint)]] · [[Network Segmentation and NAC]] · [[Playbooks and SOAR Automation]] · [[Domain 7 - Index]]