MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.
Question2: When your device is in a default state, to which interface do you connect your management computer so you can use the Quick Setup Wizard or Web Setup Wizard to configure the device? (Select one.)
Question3: Match each type of NAT with the correct description:Conserves IP addresses and hides the internal topology of your network. (Choose one)
Question4: If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)
Question5: Which of these services would you use to allow the use of P2P programs for a specific department in your organization? (Select one.)
Question6: If you use an external authentication server for mobile VPN, which option must you complete before remote users can authenticate? (Select one.)
Question7: To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)
Question8: Clients on the trusted network need to connect to a server behind a router on the optional network. Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.)
Question9: After you enable spamBlocker, your users experience no reduction in the amount of spam they receive.What could explain this? (Select three.)
Question10: Which policies can use the Intrusion Prevention Service to block network attacks? (Select one?)
Question11: In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)
Question12: Match each type of NAT with the correct description:Allows a user on the trusted or optional network to connect to a public server that is on the same physical Firebox interface by its public IP address or domain name. (Choose one)
Question13: You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select one.)
Question14: Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets? (Select three.)
Question15: The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.
Question16: In the default Firebox configuration file, which policies control management access to the device? (Select two.)
Question17: For which of these third party authentication methods must you specify a search base? (Select two.)
Question18: You configured four Device Administrator user accounts for your Firebox. To see a report of witch Device Management users have made changes to the device configuration, what must you do? (Select two.)
Question19: From the SMTP proxy action settings in this image, which of these options is configured for outgoing SMTP traffic? (Select one.)
Question20: You can configure the SMTP-proxy policy to restrict email messages and email content based on which of these message characteristics? (Select four.)
Question21: What is one reason that users could see a certificate warning in their web browsers when they connect to Fireware XTM Web UI? (Select one.)
Question22: In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)
Question23: To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)
Question24: How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2?(Select one.)
Question25: Which takes precedence: WebBlocker category match or a WebBlocker exception?
Question26: A local branch office VPN tunnel route is configured as shown in this image. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)
Question27: If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? (Select one.)
Question28: Match each WatchGuard Subscription Service with its function.Prevents accidental or unauthorized transmission of confidential information outside your network.(Choose one).
Question29: You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? (Select one.)
Question30: Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)
Question31: What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? (Select two.)
Question32: Match each WatchGuard Subscription Service with its function.Uses signatures to provide real-time protection against network attacks. (Choose one).
Question33: An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
Question34: From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.
Question35: The IP address for the trusted interface on your Firebox is 10.0.40.1/24, but you want to change the IP address for this interface. How can you avoid a network outage for clients on the trusted network when you change the interface IP address to 10.0.50.1/24? (Select one.)
Question36: After you enable Gateway AntiVirus, IPS, or Application control, how can you make sure the services protect your network from the latest known threats? (Select one.)
Question37: Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
Question38: Match each WatchGuard Subscription Service with its function.Scans files to detect malicious software infections. (Choose one).
Question39: When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean? (Select one.)
Question40: How is a proxy policy different from a packet filter policy? (Select two.)
Question41: Your company denies downloads of executable files from all websites. What can you do to allow users on the network to download executable files from the company's remote website? (Select one.)
Question42: What is the best method to downgrade the version of Fireware OS on your Firebox without losing all device configuration settings? (Select one.)
Question43: Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)
Question44: Which WatchGuard Subscription Service must be enabled in a proxy policy before you can use APT Blocker? (Select one.)
Question45: Match each type of NAT with the correct description:Changes and routes all incoming and outgoing packets sent from one range of addresses to a different range of addresses. (Choose one)
Question46: You can use Firebox System Manager to download a PCAP file that includes packet information about the protocols that manage traffic on your network.
Question47: When you configure the Global Application Control action, it is automatically applied to all policies.
Question48: Match each WatchGuard Subscription Service with its function.Controls access to website based on content categories. . (Choose one).
Question49: When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning message in their browsers? (Select one.)
Question50: Only 50 clients on the trusted network of your Firebox can connect to the Internet at the same time. What could cause this? (Select one.)
Question51: Match each WatchGuard Subscription Service with its function.A repository where email messages can be sent based on analysis by spamBlocker, Gateway AntiVirus, or Data Loss Prevention. (Choose one).
Question52: How can you include log messages from more than one Firebox in a single report generated by Dimension? (Select two.)
Question53: In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)
Question54: A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download of the installation file? (Select one.)
Question55: Match each WatchGuard Subscription Service with its function.Manages use of applications on your network. (Choose one).
Question56: You can configure your Firebox to automatically redirect users to the Authentication Portal page.
Question57: You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
Question58: To prevent certificate error warnings in your browser when you use deep content inspection with the HTTPS proxy, you can export the proxy authority certificate from the Firebox and import that certificate to all client devices.
Question59: You can use Firebox-DB authentication with any type of Mobile VPN.
Question60: Which WatchGuard tools can you use to review the log messages generated by your Firebox? (Select three).
Question61: While troubleshooting a branch office VPN tunnel, you see this log message:2 014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AESWhat settings could you modify in the local device configuration to resolve this issue? (Select one.)
Question62: Match each WatchGuard Subscription Service with its function.Uses rules, pattern matching, and sender reputation to block unwanted email messages. (Choose one).
Question63: From the Fireware Web UI, you can generate a report that shows your device configuration settings.