EMT Practice Test

1. Question Content...


Question List

Question1: HOTSPOT
Match each WatchGuard Subscription Service with its function:

Question2: You can configure your Firebox to automatically redirect users to the Authentication Portal page.

Question3: You can configure the SMTP-proxy policy to restrict email messages and email content based on which of these message characteristics? (Select four.)

Question4: From the SMTP proxy action settings in this image, which of these options is configured for outgoing SMTP traffic? (Select one.)

Question5: You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select one.)

Question6: What is one reason that users could see a certificate warning in their web browsers when they connect to Fireware XTM Web UI? (Select one.)

Question7: Match each WatchGuard Subscription Service with its function.
A repository where email messages can be sent based on analysis by spamBlocker, Gateway AntiVirus, or Data Loss Prevention. (Choose one).

Question8: When your device is in a default state, to which interface do you connect your management computer so you can use the Quick Setup Wizard or Web Setup Wizard to configure the device? (Select one.)

Question9: The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.

Question10: In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)

Question11: While troubleshooting a branch office VPN tunnel, you see this log message:
2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES
What settings could you modify in the local device configuration to resolve this issue? (Select one.)

Question12: A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download of the installation file? (Select one.)

Question13: The IP address for the trusted interface on your Firebox is 10.0.40.1/24, but you want to change the IP address for this interface. How can you avoid a network outage for clients on the trusted network when you change the interface IP address to 10.0.50.1/24? (Select one.)

Question14: In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)

Question15: When you configure the Global Application Control action, it is automatically applied to all policies.

Question16: How is a proxy policy different from a packet filter policy? (Select two.)

Question17: You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? (Select one.)

Question18: In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)

Question19: From the Fireware Web UI, you can generate a report that shows your device configuration settings.

Question20: A local branch office VPN tunnel route is configured as shown in this image. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)

Question21: Match each WatchGuard Subscription Service with its function.
Uses signatures to provide real-time protection against network attacks. (Choose one).

Question22: In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)

Question23: You configured four Device Administrator user accounts for your Firebox. To see a report of witch Device Management users have made changes to the device configuration, what must you do? (Select two.)

Question24: Your company denies downloads of executable files from all websites. What can you do to allow users on the network to download executable files from the company's remote website? (Select one.)

Question25: To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)

Question26: In the default Firebox configuration file, which policies control management access to the device? (Select two.)

Question27: Match each WatchGuard Subscription Service with its function.
Scans files to detect malicious software infections. (Choose one).

Question28: Clients on the trusted network need to connect to a server behind a router on the optional network. Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.)

Question29: What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? (Select two.)

Question30: An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? (Select one.)

Question31: When you configure the Global Application Control action, it is automatically applied to all policies.

Question32: From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.

Question33: You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select one.)

Question34: How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2?
(Select one.)

Question35: Which takes precedence: WebBlocker category match or a WebBlocker exception?

Question36: You can configure your Firebox to automatically redirect users to the Authentication Portal page.

Question37: If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)

Question38: What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? (Select two.)

Question39: In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)

Question40: You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)

Question41: You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)

Question42: What is the best method to downgrade the version of Fireware OS on your Firebox without losing all device configuration settings? (Select one.)

Question43: If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)

Question44: Clients on the trusted network need to connect to a server behind a router on the optional network. Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.)

Question45: In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)

Question46: Which WatchGuard Subscription Service must be enabled in a proxy policy before you can use APT Blocker?
(Select one.)

Question47: In the default Firebox configuration file, which policies control management access to the device? (Select two.)

Question48: You can use Firebox System Manager to download a PCAP file that includes packet information about the protocols that manage traffic on your network.

Question49: After you enable Gateway AntiVirus, IPS, or Application control, how can you make sure the services protect your network from the latest known threats? (Select one.)

Question50: Which policies can use the Intrusion Prevention Service to block network attacks? (Select one?)

Question51: Match each type of NAT with the correct description:
Conserves IP addresses and hides the internal topology of your network. (Choose one)

Question52: When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning message in their browsers? (Select one.)

Question53: In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)

Question54: Which WatchGuard tools can you use to review the log messages generated by your Firebox? (Select three).

Question55: If you use an external authentication server for mobile VPN, which option must you complete before remote users can authenticate? (Select one.)

Question56: How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2? (Select one.)

Question57: To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)

Question58: With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.

Question59: You can configure the SMTP-proxy policy to restrict email messages and email content based on which of these message characteristics? (Select four.)

Question60: If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? (Select one.)

Question61: Match each type of NAT with the correct description:
Conserves IP addresses and hides the internal topology of your network. (Choose one)

Question62: Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)