Fireware-Essentials Dumps Fireware-Essentials Braindumps Fireware-Essentials Real Questions Fireware-Essentials Practice Test
Fireware-Essentials Actual Questions
killexams.com
Fireware Essentials
https://killexams.com/pass4sure/exam-detail/Fireware-Essentials
You configured four Device Administrator user accounts for your Firebox.
To see a report of witch Device Management users have made changes to the device configuration, what must you do? (Select two.)
Start Firebox System Manager for the device and review the activity for the Management Users on the Authentication List tab.
Connect to Report Manager or Dimension and view the Audit Trail report for your device.
Open WatchGuard Server Center and review the configuration history for managed devices.
Configure your device to send audit trail log messages to your WatchGuard Log Server or Dimension Log Server.
Which takes precedence: WebBlocker category match or a WebBlocker exception?
WebBlocker exception
WebBlocker category match
From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.
True
False
Users on the trusted network cannot browse Internet websites.
Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)
The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
The HTTP-proxy policy is configured for the wrong port.
The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
Match each WatchGuard Subscription Service with its function:
wrong
Gateway / Antivirus APT Blocker Application Control Quarantee Server
Intrusion Prevention Server IPS Data Loss Prvention DLP Reputation Enable Defense RED
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
Access to inappropriate websites
Denial of service attacks
Flood attacks
Malware in downloaded files
Port scans
Viruses in email messages
IP spoofing
In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)
Any-optional
Any-External
Optional-1
Any
Any-Trusted
To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)
You can only send log messages to Dimension from a computer that is on the network behind your gateway Firebox.
You must change the connection settings in Dimension, not on the gateway Firebox.
You must add a policy to the remote device configuration file to allow traffic to a Dimension.
You must make sure that either the WG-Logging packet filter policy, or another policy that allows external connections to Dimension over port 4115, is included in the configuration file.
An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
Add a spamBlocker exception based on the From field of the newsletter email.
Set the spamBlocker action to quarantine the email for later retrieval.
Add a spamBlocker subject tag for bulk email messages.
Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.
You can use Firebox-DB authentication with any type of Mobile VPN.
True
False
You can configure your Firebox to automatically redirect users to the Authentication Portal page.
True
False
Your company denies downloads of executable files from all websites.
What can you do to allow users on the network to download executable files from the companyâs remote website? (Select one.)
Add an HTTP proxy exception for the companyâs remote website.
Create a WebBlocker exception to allow access to the companyâs remote website.
Create an IPS exception.
Create a Blocked Sites exception.
Configure HTTP Request > URL Paths to allow the companyâs remote website.
You have a privately addressed email server behind your Firebox.
If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.25.
Create a global dynamic NAT rule for traffic from the email server and set the source IP address to 203.0.113.25.
Create a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25.
While troubleshooting a branch office VPN tunnel, you see this log message:
2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES What settings could you modify in the local device configuration to resolve this issue? (Select one.)
BOVPN Gateway settings
BOVPN-Allow policies
BOVPN Tunnel settings
BOVPN Tunnel Route settings
Explanation:
The WatchGuard BOVPN settings error in this example states phase one encryption. Only the BOVPN Gateway settings can specify phase one settings. BOVPN Tunnel settings specify phase 2 settings.
Which WatchGuard tools can you use to review the log messages generated by your Firebox? (Select three).
Firebox System Manager > Traffic Monitor
Fireware XTM Web UI > Traffic Monitor
Firebox System Manager > Status Report
Dimension > Log manager
WatchGuard System Manager > Policy Manager