WatchGuard Essentials Exam Practice Questions (P. 5)
- Full Access (75 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #21
You can configure your Firebox to automatically redirect users to the Authentication Portal page.
send
light_mode
delete
Question #22
For which of these third party authentication methods must you specify a search base? (Select two.)
- ARADIUS
- BActive Directory
- CSecurID
- DLDAP
Correct Answer:
BD
B: Configuring the Firebox to use Active Directory authentication is similar to the process for LDAP authentication. You must set a search base to put limits on the directories on the authentication server the Firebox searches in for an authentication match.
D: When you configure the Firebox to use LDAP authentication, you must set a search base to put limits on the directories on the authentication server the Firebox searches in for an authentication match
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 83-84
BD
B: Configuring the Firebox to use Active Directory authentication is similar to the process for LDAP authentication. You must set a search base to put limits on the directories on the authentication server the Firebox searches in for an authentication match.
D: When you configure the Firebox to use LDAP authentication, you must set a search base to put limits on the directories on the authentication server the Firebox searches in for an authentication match
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 83-84
send
light_mode
delete
Question #23
You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
- AIn the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.25.
- BCreate a global dynamic NAT rule for traffic from the email server and set the source IP address to 203.0.113.25.
- CCreate a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25.
Correct Answer:
B
B
send
light_mode
delete
Question #24
Match each type of NAT with the correct description:
Conserves IP addresses and hides the internal topology of your network. (Choose one)
Conserves IP addresses and hides the internal topology of your network. (Choose one)
- A1-to1 NAT
- BDynamic NAT
- CNAT Loopback
Correct Answer:
B
Dynamic NAT is also known as IP masquerading. With dynamic NAT many computers can connect to the Internet from one public IP address. Dynamic NAT gives more security for internal hosts that use the Internet, because it hides the IP addresses of hosts on your network.
Reference:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/nat/nat_dynamic_use_c.html%3FTocPath%3DNetwork%2520Address%
2520Translation%2520(NAT)%7CAbout%2520Dynamic%2520NAT%7C_____0
B
Dynamic NAT is also known as IP masquerading. With dynamic NAT many computers can connect to the Internet from one public IP address. Dynamic NAT gives more security for internal hosts that use the Internet, because it hides the IP addresses of hosts on your network.
Reference:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/nat/nat_dynamic_use_c.html%3FTocPath%3DNetwork%2520Address%
2520Translation%2520(NAT)%7CAbout%2520Dynamic%2520NAT%7C_____0
send
light_mode
delete
Question #25
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? (Select one.)
send
light_mode
delete
All Pages