Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
57 Cards in this Set
- Front
- Back
|
You can use Firebox-DB authentication with any type of Mobile VPN True or False |
True |
|
|
From the Firebox System Manager > Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them True or False? |
True |
|
|
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? a. 192.168.1.0/24 b. 172.16.10.0/24 c. 10.0.1.0/24 d. 10.0.10.0/24 |
C. 10.0.1.0/24 |
|
|
When you configure the Global Application Control action, it is automatically applied to all policies? True or False |
False |
|
|
You can configure your Firebox to automatically redirect users to the Authentication Portal page? True or False |
True |
|
|
From the Fireware Web UI, you can generate a report that shows your device configuration settings True or False? |
True |
|
|
Which takes precedence: WebBlocker category match or a WebBlocker Exception |
WebBlocker Exception |
|
|
Which of these actions adds a host to the temporary or permanent blocked sites list? a. Enable the AUTO-block sites that attempt to connect option in a deny policy b. Add the site to the Blocked Sites Exceptions List c. Add Site to Blocked Sites List |
A: Enable the Auto-Block sites that attempt to connect option in a deny policy C: Add site to blocked sites list |
|
|
You can configure the SMTP-proxy policy to restrict email messages and email content based on which of these message characteristics? |
a. Sender Mail From address b. Attachment file and content type C. Maximum Email Size D. Number of Addresses |
|
|
After you enable Gateway AntiVirus, IPS, or Application Control, how can you make sure the services protect your network from the latest known threats? |
Enable automatic signature updates |
|
|
When your device is in a default state, to which interface do you connect your management computer so you can use the Quick Setup Wizard or Web Setup Wizard to configure the device? |
Interface 1 |
|
|
How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2? |
Remove the Optional Alias from Eth2 |
|
|
The IP address for the trusted interface on your Firebox is 10.0.40.1/24, but you want to change the IP address for this interface. How can you avoid a network outage for clients on the trusted network when you change the interface IP address to 10.0.50.1/24? |
Add 10.0.40.1/24 as a secondary IP address for the interface. |
|
|
To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? |
Add the IP address for this instance of Dimension, and the Log Server Encryption Key you specified in the Setup Wizard, to the WatchGuard Log Server list. |
|
|
Which policies can use the Intrusion Prevention Service to block network attacks? |
All Policies |
|
|
Which items are included in a Firebox backup image? |
It includes the XTM device OS, configuration file, feature keys, Device Management users, passphrases, DHCP leases, and certificates. The backup image also includes any event notification settings that you configured in Traffic Monitor. |
|
|
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log message mean? |
An unhandled packet is a packet that does not match any policy rule. |
|
|
If you use an external authentication server for mobile VPN, which option must you complete before remote users can authenticate? |
If you create a Mobile VPN user group that authenticates to a third-party server, make sure you create a group on the server that has the same name as the name you added for the Mobile VPN group. |
|
|
How can you include log messages from more than one Firebox in a single report generated by Dimension? |
1. Add the devices to one group
2. Include them in the scheduled reports |
|
|
You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? |
As many as you have configured on your network |
|
|
Which of these services would you use to allow the use of P2P programs for a specific department in your organization? |
Application Control |
|
|
Which WatchGuard Subscription Service must be enabled in a proxy policy before you can use APT Blocker? |
Gateway Antivirus |
|
|
Which of these threats can the Firebox prevent with the default packet handling settings? |
1. Spoofing 2. Flood Attacks (DDOS) 3. Block all traffic to and from an address 4. Probes |
|
|
When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning message in their browsers? |
If you want to remove this warning, you can use a third-party certificate or create a custom certificate that matches the IP address or domain name used for authentication. |
|
|
The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces. |
False |
|
|
Only 50 clients on the trusted network of your Firebox can connect to the Internet at the same time. What could cause this? |
DHCP Address Pool only has 50 addresses |
|
|
You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? |
1-to-1 NAT |
|
|
What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? |
Configure a policy to use a proxy action that has AntiVirus settings configured. |
|
|
To prevent certificate error warnings in your browser when you use deep content inspection with the HTTPS proxy, you can export the proxy authority certificate from the Firebox and import that certificate to all client devices. True or False? |
True |
|
|
While troubleshooting a branch office VPN tunnel, you see this log message:2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES. What settings could you modify in the local device configuration to resolve this issue? |
BOVPN GatewaySettings |
|
|
You configured four Device Administrator user accounts for your Firebox. To see a report of witch Device Management users have made changes to the device configuration, what must you do? |
Connect to Report Manager or Dimension and view the Audit Trail report for your device. |
|
|
For which of these third party authentication methods must you specify a search base? |
Active Directory and LDAP |
|
|
Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets? |
192.168.50.1/24 |
|
|
In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? |
The most secure option is to require that all remote user Internet traffic is routed through the VPN tunnel to the XTM device. Then, the traffic is sent back out to the Internet. With this configuration (known as default-route VPN), the XTM device is able to examine all traffic and provide increased security, although it uses more processing power and bandwidth |
|
|
How is a proxy policy different from a packet filter policy? |
A Proxy examines the packet content. A proxy operates at the application layer, as well as the network and transport layers of a TCP/IP packet, while a packet filter operates only at the network and transport protocol layer. |
|
|
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTPproxy policy? |
Add example.com to HTTP-Proxy exception |
|
|
What is the best method to downgrade the version of Fireware OS on your Firebox without losing all device configuration settings? |
Restore a saved backup image that was created for the device before the last Fireware OS upgrade. |
|
|
After you enable spamBlocker, your users experience no reduction in the amount of spam they receive. What could explain this? |
1. No POP3 or SMTP proxy to scan inbound mail 2. DNS is not configured to resolve the spamBlocker addresses |
|
|
In the default Firebox configuration file, which policies control management access to the device? |
Watchguard and Watchguard Web UI |
|
|
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? |
1. Deep inspection of HTTPS content 2. Data Loss Prevention |
|
|
Which authentication servers can you use with your Firebox? |
Fire-DB, RADIUS, VASCO, SecurID, LDAP and Active Directory |
|
|
Your company denies downloads of executable files from all websites. What can you do to allow users on the network to download executable files from the company’s remote website? |
Add a HTTP Request URL Path for executable set to allow or Add a HTTP Body Content Type Allow rule for executable |
|
|
You can use Firebox System Manager to download a PCAP file that includes packet information about the protocols that manage traffic on your network. True or False? |
True |
|
|
Which diagnostic tasks can you run from the Traffic Monitor tab of Firebox System Manager? |
1. DNS Lookup 2. Ping 3. Traceroute 4. TCP Dump |
|
|
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? |
Static NAT |
|
|
What is one reason that users could see a certificate warning in their web browsers when they connect to Fireware XTM Web UI? |
The Firebox or XTM device uses the default self-signed certificate. |
|
|
If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? |
1. HTTP Port 80 2. HTTPS 443 3. DNS Port 53 |
|
|
A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download of the installation file? |
HTTP Request > URL Paths |
|
|
Which WatchGuard tools can you use to review the log messages generated by your Firebox? |
1. Firebox System Manager > Traffic Monitor 2. Web UI > Traffic Monitor 3. Dimension/Log Server |
|
|
An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? |
Add sender's from address to the exception list and use the Allow action |
|
|
What uses Full system emulation (CPU and memory) to scan for advanced threats? |
APT Blocker |
|
What does this policy do? |
Prevent an email relay on the example.com domain |
|
What aliases is Eth 2 apart of? |
Any, Any-Trusted, Firebox |
|
|
NAT Loopback |
NAT loopback allows a user on the trusted or optional networks to connect to a public server with its public IP address or domain name if the server is on the same physical XTM device interface. |
|
|
Dynamic NAT |
Dynamic NAT is the most frequently used type of NAT. It changes the source IP address of an outgoing connection to the public IP address of the XTM device. Outside the XTM device, you see only the external interface IP address of the XTM device on outgoing packets. |
|
|
What is RED? |
Reputation Enabled Defense
|
|
|
What is a SNAT? |
An SNAT action is a NAT mapping which replaces the original destination IP address (and optionally, port) with a new destination. |
