WATCHGUARD NETWORK SECURITY ESSENTIALS CLOUD EXAM, Exams of Computer Science

WATCHGUARD NETWORK SECURITY ESSENTIALS CLOUD EXAM WATCHGUARD NETWORK SECURITY ESSENTIALS CLOUD EXAM

Typology: Exams

2025/2026

Available from 06/12/2026

nurse-wendy
nurse-wendy 🇺🇸

2.3K documents

1 / 14

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
WATCHGUARD NETWORK
SECURITY ESSENTIALS CLOUD
EXAM
Route to 10.0.20.0/24, Gateway 10.0.2.254 - ANSWERS-Clients on
the trusted network need to connect to a server behind a router on the
optional network. Based on this image, what static route must be
added to the Firebox for traffic from clients on the trusted network to
reach a server at 10.0.20.100? (Select one.)
A.
Route to 10.0.20.0/24, Gateway 10.0.2.1
B.
Route to 10.0.20.0/24, Gateway 10.0.2.254
C.
Route to 10.0.20.0, Gateway 10.0.2.254
D.
Route to 10.0.10.0/24, Gateway 10.0.10.1
Which of these options are private IPv4 addresses you can assign to a
trusted interface, as described in RFC 1918, Address Allocation for
Private Internets?(Select three.)
A.
192.168.50.1/24
B.
10.50.1.1/16
C.
198.51.100.1/24
D.
172.16.0.1/16
E.
192.0.2.1/24 - ANSWERS-192.168.50.1/24
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe

Partial preview of the text

Download WATCHGUARD NETWORK SECURITY ESSENTIALS CLOUD EXAM and more Exams Computer Science in PDF only on Docsity!

WATCHGUARD NETWORK

SECURITY ESSENTIALS CLOUD

EXAM

Route to 10.0.20.0/24, Gateway 10.0.2.254 - ANSWERS-Clients on the trusted network need to connect to a server behind a router on the optional network. Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.) A. Route to 10.0.20.0/24, Gateway 10.0.2. B. Route to 10.0.20.0/24, Gateway 10.0.2. C. Route to 10.0.20.0, Gateway 10.0.2. D. Route to 10.0.10.0/24, Gateway 10.0.10. Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets?(Select three.) A. 192.168.50.1/ B. 10.50.1.1/ C. 198.51.100.1/ D. 172.16.0.1/ E. 192.0.2.1/24 - ANSWERS-192.168.50.1/

*If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.) A. HTTP port 80 B. NAT policy C. FTP port 21 D. HTTPS port 443 E. DNS port 53 - ANSWERS-HTTP port 80 HTTPS port 443 DNS port 53 The default Outgoing policy has been removed and there is no policy to allow DNS traffic. - ANSWERS-This question was on the exam but the picture was a Watchguard Cloud policy Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.) A. The default Outgoing policy has been removed and there is no policy to allow DNS traffic.

Allows a user on the trusted or optional network to connect to a public server that is on the same physical Firebox interface by its public IP address or domain name. (Choose one) A. 1 - to1 NAT B. Dynamic NAT C. NAT Loopback - ANSWERS-NAT Loopback True of false: a First Run/Last Run policy analyzes traffic at the application, transport, network layers? - ANSWERS-False There are two networks one on floor 1 subnet 192.168.3.0/24 and one network on floor 2 192.168.2.0/24. What route needs to be added so people on floor 1 can reach a server on floor 2. A. A static route from 1 to 2 B. No changes need to be made networks on the same subnet. C. A static route from 2 to 1 D. A static route from 1 to 2 and 2 to 1 - ANSWERS-A static route from 1 to 2 and 2 to 1 If a connection fails to fail over and your boss wants you tell him why it didn't failover? SDWAN ping policy wasn't setup Link monitor failed Link monitor was set to gradually fall back

Link Monitor was set tp ping the default gateway but the outage happened further upstream Basically know exactly how link monitor works - ANSWERS-. You can edit the Advanced settings in an outbound policy to override the global dynamic NAT policy T/F - ANSWERS-?? What does the Firebox do with Outgoing connections that don't apply to a policy? A. Send traffic to the default gateway B. Blocks traffic C. Denies traffic D. Drops traffic - ANSWERS-?? Can two internal networks communicate with each other using the default HTTPS policy? - ANSWERS-?? What NAT allows connection to a server on the internet? - ANSWERS-Dynamic NAT What are the requirements IntelligentAV? - ANSWERS-Need to look up How much RAM, series? etc. There was one odd question where it asked for 3 things

What are Class A, B, and C IP/Subnets? - ANSWERS-A: 1.0.0.0 -

  • HTTP Port - ANSWERS-TCP
  • HTTPS Port - ANSWERS-TCP
  • FTP Port - ANSWERS-TCP 20,
  • SMTP Port - ANSWERS-TCP
  • SSH Port - ANSWERS-TCP
  • POP3 Port - ANSWERS-TCP
  • Telnet Port - ANSWERS-TCP
  • IMAP Port - ANSWERS-TCP
  • NTP Port - ANSWERS-TCP
  • SNMP Port - ANSWERS-UDP
  • 126.255.255.

255.0.0.0 or / B: 128.0.0.0 - 191.255.255. 255.255.0.0 or / C. 192.0.0.0 - 223.255.255. 255.255.255.0 or / List the Private IP ranges - ANSWERS-10.0.0.0 - 10.255.255. 172.16.0.0 - 172.31.255. 192.168.0.0 - 192.168.255. Uses Watchguard Query Language to search log messages stored in Watchguard Cloud - ANSWERS-Log Search Sees logs sent by your Firebox to WG Cloud. Has a log frequency graph that shows the range of log message data for your selected device - ANSWERS-Log Mangager Real-time, aggregate information about the traffic through your Firebox - ANSWERS-FireWatch

Rejects packets that could be a security risk like IP spoofing attack or SYN flood attack Throttles a Distributed Denial of Service attack Blocks and Drops traffic for dangerous activities/port scans - ANSWERS-Default Packet Handling Security service that monitors outbound requests and uses content filters to block connections to domains that are malicious - ANSWERS-DNS Watch IP masquerading. Changes the source IP for outgoing connections - ANSWERS-Dynamic NAT Port Forwarding (Port Mapping). Allows inbound connections on specific ports to one or more public servers - ANSWERS-Static NAT Enables your Firebox to connect to more than one ISP - ANSWERS- Multi-WAN One external interface is primary, others backup. If primary goes down, traffic goes out the next interface - ANSWERS-Failover

Firebox distributes routing of outbound connections through multiple external networks at the same time based on weight - ANSWERS- Round Robin Monitors the physical link state using kernel-level drivers Monitors logical link state by sending ping, TCP, or DNS probes to specified targets to determine connectivity. - ANSWERS-Link Monitoring Software based routing solution. Can include external, internal and guest networks. Automatically routes network traffic across multiple WAN connections based on policies you define - ANSWERS-SD- WAN Allow or deny traffic based on both packet header information and connection content. Control which security services and policy settings are available - ANSWERS-Core Policies Allow or deny traffic based only on packet header information such as source and destination IP, port and protocol - ANSWERS-First Run/Last Run Cloud-based security service integrated with your firebox that monitors, resolves, and filters OUTBOUND requests received from the firebox. Blocks connections from users to malicious clickjacking and phishing domains - ANSWERS-DNSWatch

Performs threat analysis in a cloud-based sandbox to search for attacks that use targeted malware and zero-day exploits - ANSWERS- APT Blocker Must enable Gateway Antivirus first Rus after Gateway Antivirus and IntelligentAV (if enabled) Signature based. Uses signatures to monitor and control the use of web-based applications - ANSWERS-Application Control Uses a database that groups website addresses into content categories. Controls what websites are available to your users - ANSWERS- WebBlocker Cloud-based service, uses industry-leading anti-spam technology to block spam at your Internet Gateway - ANSWERS-spamBlocker Looks for patterns in spam traffic, not individual message content Uses a combo of rules, pattern matching, and sender reputation What is ARP? - ANSWERS-Protocol that associates the IP address with the MAC address of a network device What VPN type uses an app - ANSWERS-SSL

What are Default Threat Protection's three components? - ANSWERS-Default Packet Handling Blocked Sites Blocked Ports