WATCHGUARD NETWORK SECURITY ESSENTIALS PRAC, Exams of Social Sciences

Typology: Exams

2023/2024

Available from 10/21/2024

ROCKY-B

WATCHGUARD NETWORK SECURITY ESSENTIALS
PRACTICE QUIZ
What is the URL of the Firebox Authentication web page? (Select one.)
A. https://auth.watchguard.com:4100/
B. https://<trusted or optional device interface IP address>:4100/
C. http://ip address of device interface:411/
D. https://gateway IP address of Firebox:4000/ - Answers-What is the URL of the Firebox Authentication web page?
B. https://<trusted or optional device interface IP address>:4100/

What are the four types of network interfaces you can configure on your firewall?
A. External, Trusted, Optional, Custom
B. External, Optional, Trusted, Optional
C. Trusted, Primary, Optional, DHCP
D. Optional, Trusted, Custom, Internet - Answers-What are the four types of network interfaces you can configure on your firewall?
B. External, Trusted, Optional, Custom

True or False: In order to enable NAT Loopback on your firewall, you have to configure this under the Dynamic NAT settings.
False
True - Answers-False. NAT Loopback does not require anything to be enabled. You simply have to write a policy to allow it.

Choose the actions that SpamBlocker can take when configuring SpamBlocker with an SMTP proxy. (Select five.)
1. Deny Stops the message without a reply
2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
4. Ignore Sends the message to SpamBlocker for processing
5. Drop Option: It drops the connection immediately and does not send error messages to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient - Answers-1. Deny Stops the message without a reply
2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
5. Drop Option: It drops the connection immediately and does not send error messages to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient

True or False? The Firebox can only send log messages to one WatchGuard Log Server at a time.
True
False - Answers-False

True or false? If you want to report on the use of applications that are not blocked, you must enable logging of allowed packages in each policy that has Application Control enabled.
True
False - Answers-True

What is the default port of the Web UI? (Select one.)
8100
8080
8000
8088 - Answers-8080

True or False: When setting up a static route, a lower metric means a lower precedence.
True
False - Answers-False. A lower metric indicates a higher precedence in the routing table.

True or false? Dynamic NAT rewrites the IP source addresses of the packets to use the IP addresses of the outgoing interface.
True
False - Answers-True

True or False: Policy precedence is most often determined by the alphabetical order of policy names.
False
True - Answers-False. Policy precedence is determined by how specific the policy is in regards to what traffic is allowed.

When setting up an IPSec Mobile VPN, what must you make sure to configure? (2)
IPSec Tunnel
Allowed Resources
IPSec Gateway
Virtual IP Address Pool - Answers-IPSec Tunnel
Virtual IP Address Pool

When setting up a FireCluster, what requirements must you follow? Select all that apply.
Each device must have a special FireCluster subscription.
Each device must be running the same firmware.
Each device must be the same model.

What are the benefits of Link Aggregation? Select all that apply.
Allows you to bridge interfaces so your firewall can act as a switch.
Allows for redundancy of interfaces.
Allows for additional throughput between your firewall and switches.
Creates a separate, management interface for your firewall. - Answers-Allows for redundancy of interfaces
Allows for additional throughput between your firewall and switches

When setting up Traffic Management on your firewall, in what order will the actions be applied?
Policy > Application Category > Application
Application Category > Application > Policy
Application > Application Category > Policy
Policy > Application > Application Category - Answers-Application > Application Category > Policy

When going through the initial Dimension installation, what must you make sure to do? Pick all that apply.
Set a static IP for the Dimension server
Set an encryption password
Set up an account for all users that will be accessing Dimension
Enter the IP of all firewalls that will be logged - Answers-Set a static IP for the Dimension server
Set an encryption password

How often should you back up your Firebox?
Every time there is a major change to the configuration
Monthly
Weekly
Daily
Never - Answers-Every time there is a major change to the configuration

Through Firebox System Manager, you can run the TCP Dump command?
False
True - Answers-True. This option is available under the Diagnostic Tasks tool.

Which of the following options are necessary before you can use the Quick Setup Wizard to do a basic device setup that allows more than one Internet connection? (4)
The model number of the Firebox
An account on the WG Website
An IP address to give to the internal and external interfaces of the Firebox
The IP address of the gateway to which to connect this appliance
An active internet connection
A web browser
Feature key - Answers-An account on the WG website
An IP address to give to the internal and external interfaces of the Firebox
The IP address of the gateway to which to connect this appliance
Feature Key

Which format would you use to block an executable file from being uploaded through FTP?
*EXE .EXE. EXE .exe - Answers-.exe

You can only add one appliance administrator account to your Firebox
False
True - Answers-False

You can save the Firebox configuration file to a local hard disk from the Web UI
False
True - Answers-True

How many users can simultaneously enter the Web UI with the admin account? (1)
2
1
4
unlimited - Answers-1

APT Blocker requires that you activate Gateway AntiVirus on your chosen proxy
True
False - Answers-True

Only the trusted interface of a Firebox is capable of assigning addresses as a DHCP server
True
False - Answers-False

Which of the following services utilize firewall-based Intrusion Prevention Services? Select all that apply.
Gateway Antivirus
Blocked Sites
IPS Service
Blocked Ports - Answers-Blocked Sites
Blocked Ports

When you see the log "Unhandled Internal Packet," what does this mean?
The Firewall encountered an error when trying to review the traffic.
Someone inside of your network tried to send outbound traffic
Someone inside of your network got blocked due to WebBlocker

False - Answers-True. APT Blocker uses the same scanning engine as APT Blocker, so the GAV service must first be enabled.

When adding a WebBlocker exception for .microsoft.com/ which sites would be allowed? Select all that apply.
microsoft.com/updates
microsoft.com/downloads
updates.microsoft.com
downloads.microsoft.com - Answers-All of them are correct

A Feature Key can be migrated between devices
True
False - Answers-False

The Global Application Control Action applies to all policies in your configuration
True
False - Answers-False

You can use the same VLAN ID for multiple VLANs on your firewall
True
False - Answers-False. Each VLAN must have a unique ID

When you view appliance group reports in Dimension, the data for each Firebox is included in a separate report.
True
False - Answers-False. When you create a group of fixtures in Dimension, the data for each fixture in the group is included in a single report.

Which of the following components are from WG System Manager? (3)
Router
Log Viewer
Policy Manager
Appliance Monitor
Windows NT server
Management Computer
Report Server - Answers-LogViewer
Policy Manager
Report Server

What are the three components of the WG System Manager software?
Policy Manager, HostWatch, Dimension
Policy Manager, Firebox System Manager (FSM), Management Server
Policy Manager, Report Server, Management Server
Policy Manager, Firebox System Manager (FSM), HostWatch - Answers-Policy Manager, Firebox System Manager (FSM), HostWatch

In order to review the traffic that passes over your HTTP policy, what do you need to make sure to do first?
Turn on logging inside of WebBlocker
No Change needs to be made. All policies log by default
Turn up Diagnostic Logging under the Setup > Logging menu
Turn on Logging in the HTTP policy. - Answers-Turn on Logging in the HTTP policy

When implementing Authentication, which service can you utilize? Pick all that apply.
LDAPS Active Directory Firebox Database Office 365 Single-Sign-On - Answers-LDAPS Active Directory Firebox Database

To protect your DNS server from attacks, configure a proxy policy with the action DNS-incoming
True
False - Answers-True

If you use a third-party server for VPN authentication, that server must have a user group that exactly matches the name of the VPN configuration
True
False - Answers-True

Which of the following monitoring tools can be viewed directly on the Firebox System Manager tab? (2)
CA Manager
Policy Manager
Traffic Monitor
HostWatch
Bandwidth Meter - Answers-Traffic Monitor
Bandwidth Meter

DLP scans incoming and outgoing SMTP messages just like file transfers
True
False - Answers-False

Active Directory server
WSM Log Server - Answers-WSM Report Server
WG Dimension
WSM Log Server

To configure your Firebox to send log messages to Dimension, in Logging Settings of your Firebox, you have to add the IP and encryption key of the Dimension Log Server, just as you would with the WSM Log Server
True
False - Answers-True

What is the best pattern to block an Adobe PDF document in FTP uploads?
{DF .p .df .pdf - Answers-.pdf

What do you need to know to set up a VPN between 2 devices? (4)
The IPSec certificate and the pre-shared key
The public IP or domain information of the VPN remote gateway
The configuration of phase 1 and phase 2 of the VPN remote gateway
The private network address on the remote device where you want to send traffic
The name of the gateway and tunnel on the remote VPN gateway - Answers-The IPSec certificate and the pre-shared key.
The public IP or domain information of the VPN remote gateway
The configuration of phase 1 and phase 2 of the VPN remote gateway
The private network address on the remote device where you want to send traffic

For each VLAN interface, how many untagged networks can you have?
Dependent on the firewall model
Four
One
Unlimited - Answers-One

You have configured a BOVPN and have just saved the configuration on both devices. When you look at the tunnel status in Firebox System Manager, the tunnel does not appear active. What could have caused this? (3)
There is no connection between the IP addresses of the external interface of each device
No traffic was sent to the IP address on the other side of the tunnel
There is a difference in the VPN Phase 1 or Phase 2 configuration
The name of the Gateway or the tunnel is not the same as in the remote device. - Answers-There is no connection between the IP addresses of the external interface of each device
No traffic was sent to the IP address on the other side of the tunnel.
There is a difference in the VPN Phase 1 or Phase 2 configuration

Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets? (3)
192.168.50.1/
10.50.1.1/
198.51.100.1/
172.16.0.1/
192.0.2.1/24 - Answers-192.168.50.1/
10.50.1.1/
172.16.0.1/

For which of these third party authentication methods must you specify a search base? (2)
RADIUS
Active Directory
SecurID
LDAP - Answers-Active Directory
LDAP

You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which form of NAT would you use? (1)
In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.
Create a global dynamic NAT rule for traffic from the email server and set the source IP address to 203.0.113.
Create a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25 - Answers-Create a global dynamic NAT rule for traffic from the email server and set the source IP address to 203.0.113.
Set the Dynamic NAT Source IP Address in a Network Dynamic NAT rule
If you want to set the source IP address for traffic that matches a dynamic NAT rule, regardless of any policies that apply to the traffic, select Network > NAT, and add a network dynamic NAT rule that specifies the source IP address. The source IP address you specify must be on the same subnet as the primary or secondary IP address of the interface the traffic leaves.
(Page 123 - Fireware Essentials Student Guide)

Match each type of NAT with the correct description: Conserves IP addresses and hides the internal topology of your network. (Choose one)

In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)
Default route VPN allows your Firebox to examine all remote user traffic
Default route VPN uses less bandwidth
Default route VPN uses less processing power
Default route VPN automatically allows dynamic NAT - Answers-Default route VPN allows your Firebox to examine all remote user traffic

Match the monitoring tool to the correct task. Which tool can view a list of users connected to the Firebox? (Select one)
Firebox System Manager - Blocked Sites list
Log Server
FireWatch
Firebox System Manager - Subscription services
Firebox System Manager - Authentication list
Traffic Monitor - Answers-Firebox System Manager - Authentication list
You can view a list of users connected to the Firebox through HostWatch, and you can also use Authentication List, which identifies the IP addresses and user names of all the users that are authenticated to the Firebox.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181

A local branch office VPN tunnel route is configured as shown below. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)
Local: 10.0.1.0/
Remote: 10.0.20.1/
Direction Local <--> Remote
1:1 NAT: 10.0.10.0/
10.0.1.0/
10.0.10.0/
10.0.20.0/24 - Answers-10.0.10.0/

If you use an external authentication server for mobile VPN, which option must you complete before remote users can authenticate? (Select one.)
Create aliases for each remote user's virtual IP address.
Reboot the authentication server
Add the Mobile VPN user group and remote users to your authentication server.
Add the remote users to a Mobile VPN user group on your Firebox. - Answers-Add the Mobile VPN user group and remote users to your authentication server.

Match the monitoring tool to the correct task: Not a Fireware monitoring tool
Log Server
Firewatch
Firebox System Manager - Blocked State List
Traffic Monitor
Firebox System Manager - Subscription Services - Answers-Log Server

Match the monitoring tool to the correct task: See a treemap visualization of the traffic through your Firebox
Log Server
Firewatch
Firebox System Manager - Blocked State List
Traffic Monitor
Firebox System Manager - Subscription Services - Answers-Firewatch

Match the monitoring tool to the correct task: Add an IP address for the Firebox to permanently block
Log Server
Firewatch
Firebox System Manager - Blocked State List
Traffic Monitor
Firebox System Manager - Subscription Services - Answers-Firebox System Manager - Blocked State List

Match the monitoring tool to the correct task: Ping the source of a denied packet
Log Server
Firewatch
Firebox System Manager - Blocked State List
Traffic Monitor
Firebox System Manager - Subscription Services - Answers-Traffic Monitor

Match the monitoring tool to the correct task: Learn the status of your IPS signature database
Log Server
Firewatch
Firebox System Manager - Blocked State List
Traffic Monitor
Firebox System Manager - Subscription Services - Answers-Firebox System Manager - Subscription Services

What rule in the SMTP-Outgoing proxy action can you use to prevent spam relay through your email server?
Rcpt To
Mail From
Headers
Authentication

APT Blocker - Answers-WebBlocker
WebBlocker controls access to the good and bad places that are reachable on the web, preventing users from gaining access to sites that have evil intentions. If you configure WebBlocker to use the Websense cloud for WebBlocker lookups, WebBlocker uses the Websense content categories. A web site is added to a category when the content of the web site meets the criteria for the content category.

Match each type of NAT with the correct description: Allows a user on the trusted or optional network to connect to a public server that is on the same physical Firebox interface by its public IP address or domain name. (Choose one)
1-to-1 NAT
Dynamic NAT
NAT Loopback - Answers-NAT Loopback
NAT loopback allows a user on the trusted or optional networks to get access to a public server that is on the same physical Firebox or XTM device interface by its public IP address or domain name.

Match each type of NAT with the correct description: Changes and routes all incoming and outgoing packets sent from one range of addresses to a different range of addresses. (Choose one)
1-to-1 NAT
Dynamic NAT
NAT Loopback - Answers-1-to-1 NAT
When you enable 1-to-1 NAT, the Firebox changes and routes all incoming and outgoing packets sent from one range of addresses to a different range of addresses.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 74

Which policies can use the Intrusion Prevention Service to block network attacks? (Select one.)
Only HTTP and HTTPS Proxy policies
Only proxy policies
All Policies
Only packet filter policies
Only inbound policies - Answers-All policies

Which of these services would you use to allow the use of P2P programs for a specific department in your organization? (Select one.)
Reputation Enabled Defense
Application Control
Data Loss Prevention
IPS - Answers-Application Control

You can use Firebox System Manager to download a PCAP file that includes packet information about the protocols that manage traffic on your network.
True
False - Answers-True

From the Firebox System Manager > Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.
True
False - Answers-True

When your device is in a default state, to which interface do you connect your management computer so you can use the Quick Setup Wizard or Web Setup Wizard to configure the device?
Interface 0
Console Interface
Any Interface
Interface 1 - Answers-Interface 1
To use the Quick Setup Wizard: 1. Connect your computer to interface 1 of the Firebox

In the default Firebox configuration file, which policies control management access to the device? (Select two)
WatchGuard
FTP
Ping
WatchGuard Web UI
Outgoing - Answers-WatchGuard
WatchGuard Web UI
WatchGuard: The packet filter policy that controls administrative connections to the Firebox is WG-Firebox-Mgmt. The Quick Setup Wizard adds this policy with the name WatchGuard. (Page 31 - Fireware Essentials Student Guide)
WatchGuard Web UI: By default, the Firebox allows connections to the WebUI from any computer on a trusted or optional network. Access to the WebUI is controlled by the WatchGuard Web UI policy. This policy is automatically added to your device configuration when you run the Quick Setup Wizard. (Page 458 - Fireware Essentials Student Guide)

To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one)
10.0.10.0/
10.0.1.0/
172.16.10.0/
192.168.1.0/24 - Answers-10.0.1.0/

Disable automatic signature updates.
Decrease the scan limits. - Answers-Configure a policy to use a proxy action that has AntiVirus settings configured.
Configure Gateway AntiVirus settings for a proxy action.

Match the function with the appropriate WatchGuard Subscription Service: Uses rules, pattern matching and sender reputation to block unwanted email messages
WebBlocker
Spam Blocker
Gateway / Antivirus
APT Blocker
Application Control
Quarantine Server
Intrusion Prevention Server (IPS)
Data Loss Prevention (DLP)
Reputation Enable Defense (RED) - Answers-Spam Blocker

Match the function with the appropriate WatchGuard Subscription Service: Cloud based service that controls access to websites based on a site's previous behavior
WebBlocker
Spam Blocker
Gateway / Antivirus
APT Blocker
Application Control
Quarantine Server
Intrusion Prevention Server (IPS)
Data Loss Prevention (DLP)
Reputation Enable Defense (RED) - Answers-Reputation Enable Defense (RED)

Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)
WebBlocker
Gateway AntiVirus
Application Control
Deep inspection of HTTPS content
Data Loss Prevention - Answers-Deep inspection of HTTPS content
Data Loss Prevention

You can configure your Firebox to automatically redirect users to the Authentication Portal page.
True
False - Answers-True

You configured four Device Administrator user accounts on your Firebox. To see a report on which Device Management users have made changes to the device configuration, what must you do? (2)
Start Firebox System Manager for the device and review the activity for the Management Users on the Authentication List tab.
Connect to Report Manager or Dimension and view the Audit Trail report for your device
Open WatchGuard Server Center and review the configuration history for managed devices
Configure your device to send audit trail log messages to your WatchGuard Log Server or Dimension Log Server - Answers-Connect to Report Manager or Dimension and view the Audit Trail report for your device
Open WatchGuard Server Center and review the configuration history for managed devices

Which items are included in a Firebox backup image? (4)
Support Snapshot
Fireware OS
Configuration File
Log File
Feature Keys
Certificates - Answers-Fireware OS
Configuration File
Feature Keys
Certificates
A Firebox backup image is a saved copy of the working image from the Firebox flash disk. The backup image includes the Firebox appliance software, configuration file, licenses, and certificates. When you purchase an option for your Firebox, you add a new feature key to your configuration file.

If you disable the Outgoing policy, which policies must you add to allow trusted interface users to connect to commonly used websites? (Select THREE)
HTTP port 80
NAT policy
FTP 21
HTTPS port 443
DNS 53 - Answers-HTTPS port 443
DNS 53
HTTP port 80
About the Outgoing Policy
The default Outgoing policy is a packet filter policy that is automatically added to your Firebox configuration when you run the Quick Setup Wizard to set up your device and create a basic device configuration file. The Outgoing policy allows all TCP and UDP connections from any trusted or optional source on your network to any external network.
Because it is a packet filter policy, not a proxy policy, the Outgoing policy does not filter content when it examines the traffic through your Firebox.