WatchGuard Essentials Exam Practice Questions (P. 3)
Question #11
Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets?
(Select three.)
- A. 192.168.50.1/24
- B. 10.50.1.1/16
- C. 198.51.100.1/24
- D. 172.16.0.1/16
- E. 192.0.2.1/24
Correct Answer:
ABD
Question #12
The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.
Question #13
When you examine the log messages in Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log message mean? (Select one.)
- A. The packet is denied because the site is on the Blocked Sites List.
- B. The packet is denied because it matched a policy.
- C. The packet is denied because it matched an IPS signature.
- D. The packet is denied because it does not match any firewall policies.
Correct Answer:
D
Question #14
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
- A. Enable the AUTO-block sites that attempt to connect option in a deny policy.
- B. Add the site to the Blocked Sites Exceptions list.
- C. On the Firebox System Manager > Blocked Sites tab, select Add.
- D. In Policy Manager, select Setup > Default Threat Protection > Blocked Sites and click Add.
Correct Answer:
ACD
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rules.
1. From Policy Manager, double-click the PCAnywhere policy.
2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox.
Reference:
https://www.watchguard.com/training/fireware/80/defense8.htm
C: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.
Reference:
http://www.watchguard.com/training/fireware/82/monitoa6.htm
D: You can use Policy Manager to permanently add sites to the Blocked Sites list.
1. Select Setup > Default Threat Protection > Blocked Sites.
2. Click Add.
The Add Site dialog box appears.
Reference:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/intrusionprevention/blocked_sites_permanent_c.html
Question #15
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
- A. Access to inappropriate websites
- B. Denial of service attacks
- C. Flood attacks
- D. Malware in downloaded files
- E. Port scans
- F. Viruses in email messages
- G. IP spoofing
Correct Answer:
BCEG
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP, SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack.
Reference:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0