Download Fireware Essentials Exam.Essentials.PracticeTest.2018-04-16.49q.vcex

Vendor: WatchGuard
Exam Code: Essentials
Exam Name: Fireware Essentials Exam
Date: Apr 16, 2018
File Size: 767 KB
Downloads: 1

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
Clients on the trusted network need to connect to a server behind a router on the optional network. Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.) 
 
  1. Route to 10.0.20.0/24, Gateway 10.0.2.1
  2. Route to 10.0.20.0/24, Gateway 10.0.2.254
  3. Route to 10.0.20.0, Gateway 10.0.2.254
  4. Route to 10.0.10.0/24, Gateway 10.0.10.1
Correct answer: B
Explanation:
We must add a trusted static route to the 10.0.20.0/24 network through the 10.0.2.254 gateway.
We must add a trusted static route to the 10.0.20.0/24 network through the 10.0.2.254 gateway.
Question 2
Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets? (Select three.)
  1. 192.168.50.1/24
  2. 10.50.1.1/16
  3. 198.51.100.1/24
  4. 172.16.0.1/16
  5. 192.0.2.1/24
Correct answer: ABD
Question 3
The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.
  1. True
  2. False
Correct answer: B
Question 4
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean? (Select one.)
  1. The packet is denied because the site is on the Blocked Sites List.
  2. The packet is denied because it matched a policy.
  3. The packet is denied because it matched an IPS signature.
  4. The packet is denied because it does not match any firewall policies.
Correct answer: D
Question 5
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
  1. Enable the AUTO-block sites that attempt to connect option in a deny policy.
  2. Add the site to the Blocked Sites Exceptions list.
  3. On the Firebox System Manager >Blocked Sites tab, select Add.
  4. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
Correct answer: ACD
Explanation:
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese1. From Policy Manager, double-click the PCAnywhere policy. 2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox. Reference: https://www.watchguard.com/training/fireware/80/defense8.htmC: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.Reference: http://www.watchguard.com/training/fireware/82/monitoa6.htmD: You can use Policy Manager to permanently add sites to the Blocked Sites list.1. select Setup > Default Threat Protection > Blocked Sites. 2. Click Add.  The Add Site dialog box appears. Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/intrusionprevention/blocked_sites_permanent_c.html
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese
1. From Policy Manager, double-click the PCAnywhere policy. 
2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox. 
Reference: https://www.watchguard.com/training/fireware/80/defense8.htm
C: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.
Reference: http://www.watchguard.com/training/fireware/82/monitoa6.htm
D: You can use Policy Manager to permanently add sites to the Blocked Sites list.
1. select Setup > Default Threat Protection > Blocked Sites. 
2. Click Add.  
The Add Site dialog box appears. 
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/intrusionprevention/blocked_sites_permanent_c.html
Question 6
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
  1. Access to inappropriate websites
  2. Denial of service attacks
  3. Flood attacks
  4. Malware in downloaded files
  5. Port scans
  6. Viruses in email messages
  7. IP spoofing
Correct answer: BCEG
Explanation:
B: The default configuration of the XTM device is to block DDoS attacks.C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attackReference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0
Question 7
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.) 
 
  1. The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
  2. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
  3. The HTTP-proxy policy is configured for the wrong port.
  4. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
Correct answer: A
Question 8
If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)
  1. HTTP port 80
  2. NAT policy
  3. FTP port 21
  4. HTTPS port 443
  5. DNS port 53
Correct answer: ADE
Explanation:
TCP-UDP packet filter If you decide to remove the Outgoing policy, you must add a policy for any type of traffic you want to allow through the Firebox. If you remove the Outgoing policy and then decide you want to allow all TCP and UDP connections through the Firebox again, you must add the TCP-UDP packet filter to provide the same function. This is because the Outgoing policy does not appear in the list of standard policies available from Policy Manager. Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 97
TCP-UDP packet filter 
If you decide to remove the Outgoing policy, you must add a policy for any type of traffic you want to allow through the Firebox. If you remove the Outgoing policy and then decide you want to allow all TCP and UDP connections through the Firebox again, you must add the TCP-UDP packet filter to provide the same function. This is because the Outgoing policy does not appear in the list of standard policies available from Policy Manager. 
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 97
Question 9
How is a proxy policy different from a packet filter policy? (Select two.)
  1. Only a proxy policy examines information in the IP header.
  2. Only a proxy policy uses the IP source, destination, and port to control network traffic.
  3. Only a proxy policy can prevent specific threats without blocking the entire connection.
  4. Only a proxy works at the application, network, and transport layers to examine all connection data.
Correct answer: CD
Explanation:
C: Proxies can prevent potential threats from reaching your network without blocking the entire connection.D: A proxy operates at the application layer, as well as the network and transport layers of a TCP/IP packet, while a packet filter operates only at the network and transport protocol layers.Incorrect:Not A: A packet filter examines each packet’s IP header to control the network traffic into and out of your network.Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 95
C: Proxies can prevent potential threats from reaching your network without blocking the entire connection.
D: A proxy operates at the application layer, as well as the network and transport layers of a TCP/IP packet, while a packet filter operates only at the network and transport protocol layers.
Incorrect:
Not A: A packet filter examines each packet’s IP header to control the network traffic into and out of your network.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 95
Question 10
Which authentication servers can you use with your Firebox? (Select four.)
  1. Active Directory
  2. RADIUS
  3. LDAP
  4. Linux Authentication
  5. Kerberos
  6. TACACS+
  7. Firebox databases
Correct answer: ABCG
Explanation:
 
 
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!