Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
WATCH GUARD NETWORK SECURITY ESSENTIALS QUESTIONS AND
ANSWERS LATEST UPDATE (ALREADY GRADED A+)
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet l
message. What does this log massage mean? (Select one.)
A. The packet is denied because the site is on the Blocked Sites List.
B. The packet is denied because it matched a policy.
C. The packet is denied because it matched an IPS signature.
D. The packet is denied because it does not match any firewall policies.
The packet is denied because it does not match any firewall policies
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
A. Enable the AUTO-block sites that attempt to connect option in a deny policy.
B. Add the site to the Blocked Sites Exceptions list.
C. On the Firebox System Manager >Blocked Sites tab, select Add.
D. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
1. Enable the AUTO-block sites that attempt to connect option in a deny policy.
2. On the Firebox System Manager >Blocked Sites tab, select Add.
3. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
***Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
A. Access to inappropriate websites
B. Denial of service attacks
C. Flood attacks
D. Malware in downloaded files
E. Port scans
F. Viruses in email messages
G. IP spoofing
Denial of service attacks
Flood attacks
Port scans
IP spoofing
***If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites?
(Select three.)
A. HTTP port 80
B. NAT policy
C. FTP port 21
D. HTTPS port 443
E. DNS port 53
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
HTTP port 80
HTTPS port 443
DNS port 53
The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
***Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be th
problem with this policy configuration? (Select one.)
A. The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
B. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C. The HTTP-proxy policy is configured for the wrong port.
D. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
How is a proxy policy different from a packet filter policy? (Select two.)
A. Only a proxy policy examines information in the IP header.
B. Only a proxy policy uses the IP source, destination, and port to control network traffic.
C. Only a proxy policy can prevent specific threats without blocking the entire connection.
D. Only a proxy works at the application, network, and transport layers to examine all connection data.
Only a proxy policy can prevent specific threats without blocking the entire connection.
Only a proxy works at the application, network, and transport layers to examine all connection data.
Which authentication servers can you use with your Firebox? (Select four.)
A. Active Directory
B. RADIUS
C. LDAP
D. Linux Authentication
E. Kerberos
F. TACACS+
G. Firebox databases
Active Directory
RADIUS
LDAP
Firebox databases
***When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their
browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning
message in their browsers? (Select one.)
A. Import a custom self-signed certificate or a third-party certificate to your Firebox and import the same certificate to all client
computers or web browsers.
B. Replace the Firebox certificate with the trusted certificate from your web server.
C. Add the user accounts for your users who use the Authentication Portal to a list of trusted users on your Firebox.
D. Instruct them to disable security warning message in their preferred browsers.
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
Import a custom self-signed certificate or a third-party certificate to your Firebox and import the same certificate to all client compute
or web browsers.
You can configure your Firebox to automatically redirect users to the Authentication Portal page.
A. True
B. False
True
Allow Incoming connections to the example.com domain only
.From the SMTP proxy action settings in this image, which of these options is configured for incoming SMTP traffic? (Select one.)
Allow Incoming connections to the example.com domain only
Allow Outgoing connection from example.com
Deny Incoming connections to the example.com domain only
Deny outgoing connections from example.com
Any-optional
Optional-1
Any
***In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)
A. Any-optional
B. Any-External
C. Optional-1
D. Any
E. Any-Trusted
***When your device is in a default state, to which interface do you connect your management computer so you can use the Quick
Setup Wizard or Web SetupWizard to configure the device? (Select one.)
A. Interface 0
B. Console interface
C. Any interface
D. Interface 1
Interface 1
***In the default Firebox configuration file, which policies control management access to the device? (Select two.)
A. WatchGuard
B. FTP
C. Ping
D. WatchGuard Web UI
E. Outgoing
WatchGuard
WatchGuard Web UI
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP addr
on which subnet? (Select one.)
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
A. 10.0.10.0/24
B. 10.0.1.0/24
C. 172.16.10.0/24
D. 192.168.1.0/24
10.0.1.0/24
***What is the best method to downgrade the version of Fireware OS on your Firebox without losing all device configuration
settings? (Select one.)
A. Restore a saved backup image that was created for the device before the last Fireware OS upgrade.
B. Use the Upgrade OS feature in Fireware Web UI to install the sysa_dl file for an order version of Fireware OS.
C. Change the OS compatibility setting in Policy Manager to downgrade the device. Then use Policy Manager to save the configurat
to the device.
D. Use the downgrade feature on Policy Manager to select a previous of Fireware OS.
Restore a saved backup image that was created for the device before the last Fireware OS upgrade.
***You configured four Device Administrator user accounts for your Firebox. To see a report of which Device Management users h
made changes to the device configuration, what must you do? (Select two.)
A. Start Firebox System Manager for the device and review the activity for the Management Users on the Authentication List tab.
B. Connect to Report Manager or Dimension and view the Audit Trail report for your device.
C. Open WatchGuard Server Center and review the configuration history for managed devices.
D. Configure your device to send audit trail log messages to your WatchGuard Log Server or Dimension Log Server.
Connect to Report Manager or Dimension and view the Audit Trail report for your device.
Open WatchGuard Server Center and review the configuration history for managed devices.
***Which items are included in a Firebox backup image file? (Select four.)
A. Support snapshot
B. Fireware OS
C. Configuration file
D. Log file
E. Feature keys
F. Certificates
G. Passwords
This question was on the exam but it had different answers.
One of the answer options was policies. I don't believe feature keys was on there. Also users and roles were on there.
Configuration file
Certificates
Passwords
Feature key
***Only 50 clients on the trusted network of your Firebox can connect to the Internet at the same time. What could cause this?
(Select one.)
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
for Student & Beginners
WATCH GUARD NETWORK SECURITY ESSENTIALS QUESTIONS AND
ANSWERS LATEST UPDATE (ALREADY GRADED A+)
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet l
message. What does this log massage mean? (Select one.)
A. The packet is denied because the site is on the Blocked Sites List.
B. The packet is denied because it matched a policy.
C. The packet is denied because it matched an IPS signature.
D. The packet is denied because it does not match any firewall policies.
The packet is denied because it does not match any firewall policies
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
A. Enable the AUTO-block sites that attempt to connect option in a deny policy.
B. Add the site to the Blocked Sites Exceptions list.
C. On the Firebox System Manager >Blocked Sites tab, select Add.
D. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
1. Enable the AUTO-block sites that attempt to connect option in a deny policy.
2. On the Firebox System Manager >Blocked Sites tab, select Add.
3. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
***Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
A. Access to inappropriate websites
B. Denial of service attacks
C. Flood attacks
D. Malware in downloaded files
E. Port scans
F. Viruses in email messages
G. IP spoofing
Denial of service attacks
Flood attacks
Port scans
IP spoofing
***If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites?
(Select three.)
A. HTTP port 80
B. NAT policy
C. FTP port 21
D. HTTPS port 443
E. DNS port 53
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
HTTP port 80
HTTPS port 443
DNS port 53
The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
***Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be th
problem with this policy configuration? (Select one.)
A. The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
B. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C. The HTTP-proxy policy is configured for the wrong port.
D. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
How is a proxy policy different from a packet filter policy? (Select two.)
A. Only a proxy policy examines information in the IP header.
B. Only a proxy policy uses the IP source, destination, and port to control network traffic.
C. Only a proxy policy can prevent specific threats without blocking the entire connection.
D. Only a proxy works at the application, network, and transport layers to examine all connection data.
Only a proxy policy can prevent specific threats without blocking the entire connection.
Only a proxy works at the application, network, and transport layers to examine all connection data.
Which authentication servers can you use with your Firebox? (Select four.)
A. Active Directory
B. RADIUS
C. LDAP
D. Linux Authentication
E. Kerberos
F. TACACS+
G. Firebox databases
Active Directory
RADIUS
LDAP
Firebox databases
***When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their
browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning
message in their browsers? (Select one.)
A. Import a custom self-signed certificate or a third-party certificate to your Firebox and import the same certificate to all client
computers or web browsers.
B. Replace the Firebox certificate with the trusted certificate from your web server.
C. Add the user accounts for your users who use the Authentication Portal to a list of trusted users on your Firebox.
D. Instruct them to disable security warning message in their preferred browsers.
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
Import a custom self-signed certificate or a third-party certificate to your Firebox and import the same certificate to all client compute
or web browsers.
You can configure your Firebox to automatically redirect users to the Authentication Portal page.
A. True
B. False
True
Allow Incoming connections to the example.com domain only
.From the SMTP proxy action settings in this image, which of these options is configured for incoming SMTP traffic? (Select one.)
Allow Incoming connections to the example.com domain only
Allow Outgoing connection from example.com
Deny Incoming connections to the example.com domain only
Deny outgoing connections from example.com
Any-optional
Optional-1
Any
***In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)
A. Any-optional
B. Any-External
C. Optional-1
D. Any
E. Any-Trusted
***When your device is in a default state, to which interface do you connect your management computer so you can use the Quick
Setup Wizard or Web SetupWizard to configure the device? (Select one.)
A. Interface 0
B. Console interface
C. Any interface
D. Interface 1
Interface 1
***In the default Firebox configuration file, which policies control management access to the device? (Select two.)
A. WatchGuard
B. FTP
C. Ping
D. WatchGuard Web UI
E. Outgoing
WatchGuard
WatchGuard Web UI
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP addr
on which subnet? (Select one.)
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
, Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
A. 10.0.10.0/24
B. 10.0.1.0/24
C. 172.16.10.0/24
D. 192.168.1.0/24
10.0.1.0/24
***What is the best method to downgrade the version of Fireware OS on your Firebox without losing all device configuration
settings? (Select one.)
A. Restore a saved backup image that was created for the device before the last Fireware OS upgrade.
B. Use the Upgrade OS feature in Fireware Web UI to install the sysa_dl file for an order version of Fireware OS.
C. Change the OS compatibility setting in Policy Manager to downgrade the device. Then use Policy Manager to save the configurat
to the device.
D. Use the downgrade feature on Policy Manager to select a previous of Fireware OS.
Restore a saved backup image that was created for the device before the last Fireware OS upgrade.
***You configured four Device Administrator user accounts for your Firebox. To see a report of which Device Management users h
made changes to the device configuration, what must you do? (Select two.)
A. Start Firebox System Manager for the device and review the activity for the Management Users on the Authentication List tab.
B. Connect to Report Manager or Dimension and view the Audit Trail report for your device.
C. Open WatchGuard Server Center and review the configuration history for managed devices.
D. Configure your device to send audit trail log messages to your WatchGuard Log Server or Dimension Log Server.
Connect to Report Manager or Dimension and view the Audit Trail report for your device.
Open WatchGuard Server Center and review the configuration history for managed devices.
***Which items are included in a Firebox backup image file? (Select four.)
A. Support snapshot
B. Fireware OS
C. Configuration file
D. Log file
E. Feature keys
F. Certificates
G. Passwords
This question was on the exam but it had different answers.
One of the answer options was policies. I don't believe feature keys was on there. Also users and roles were on there.
Configuration file
Certificates
Passwords
Feature key
***Only 50 clients on the trusted network of your Firebox can connect to the Internet at the same time. What could cause this?
(Select one.)
https://itexamanswers.net/it-essentials-ite-v6-0-v7-0-chapter-13-exam-answers-100.html
