Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
116 Cards in this Set
- Front
- Back
|
You must have a WatchGuard management server to use drag-and-drop for VPN creation. |
True |
|
|
When you connect to a firebox from WSM, you should decrease the timeout setting in the Connect to firebox dialog box of you have a slow network or Internet connection. |
False |
|
|
You must install all WSM servers on the same management computer. |
False |
|
|
You do not have to install a WSM server to use WatchGuard Server Center. |
False |
|
|
Which of the following do you need before you use the Quick Setup Wizard in WSM to setup your Firebox with a basic working configuration? |
A feature key, IP address of the gateway router, and IP address to give to the external and trusted interfaces of the firebox. |
|
|
To save a changed device configuration file to the firebox, which pass-phrase do you use? |
Admin pass-phrase |
|
|
How frequently should you make a backup image of your firewall? |
Each time you make a substantial change to the configuration. |
|
|
Which information does Watchguard System manager use to identify a Firebox? |
External IP, Device name and Model Number. |
|
|
Which account can you use to login to the WebUI to change the configuration? |
admin |
|
|
What is the default port you use to login to the Web UI? |
8080 |
|
|
You must install WSM software to use the Web UI. |
False |
|
|
How many users can simultaneously login to the Web UI with the admin account, if the option to allow more than one Device Administrator to login to the Firebox at the same time has been enabled? |
Unlimited |
|
|
How many users can login to the Web UI with the status account? |
Unlimited |
|
|
When you use a static IP address for the external interface, what information must you get from your ISP? |
IP address, Subnet Mask, & Default Gateway |
|
|
You can configure the firebox as a DHCP server? |
True |
|
|
If you use DHCP on the external interface of the firebox, you can configure a secondary network for the external interface. |
True |
|
|
You can add secondary networks only when the device is configured in Bridge mode. |
False |
|
|
Which two interfaces are necessary to create a basic network configuration in mixed routing mode? |
External and Trusted |
|
|
Which of these items is NOT a method used to assign an IP to an external interface on a firebox? |
PPPoA |
|
|
Only the trusted interface is able to assign IP addresses as a DHCP server. |
False |
|
|
Which type of NAT conserves IP addresses and hides the internal topology of your network? |
Dynamic NAT |
|
|
Which type of NAT is often used for policies that require more than one port, or port numbers that change dynamically, such as for many messaging and video conferencing applications? |
1-to-1 NAT |
|
|
Which of these entries are in the dynamic NAT configuration by default? |
192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 |
|
|
Static NAT for a policy is also known as: |
Port forwarding |
|
|
Dynamic NAT rewrites the source IP address of packets to use the IP address of the interface from which traffic leaves. |
True |
|
|
Performance Console displays graphs that show various Firebox functions based on performance counters. |
True |
|
|
You can add a site to the Blocked Sites list from HostWatch. |
True |
|
|
From the Service Watch tab, you can update your Gateway AV, Application Control and IPS Signatures. |
False |
|
|
What is a task that can be performed from traffic monitor? |
Ping the source of a denied packet. |
|
|
Firewatch allows you to see a treemap visualiztion of the traffic through your Firebox. |
True |
|
|
Which of these are part of the Watchguard reporting architecture? |
Report Server, Log Server, Firebox and Report Manager |
|
|
Which tool do you use to set the frequency that reports are generated? |
Report Server |
|
|
A report server can create reports based on log messages from more than one log server. |
True |
|
|
To connect to WatchGuard WebCenter, you use the IP address of your firebox. |
False |
|
|
In WSM log manager, you can search the log files of more than one firebox at the same time. |
False |
|
|
A packet filter policy examines the application layer content of a TCP/IP packet. |
False |
|
|
You can use the same operating schedule for multiple policies. |
True |
|
|
Which of the following protocols can be used in a custom policy. |
TCP, UDP and ICMP |
|
|
Policies are ordered primarily by name. |
False |
|
|
Policy event notification messages can be sent to which of the following destinations? |
Email messages, an SNMP trap,and pop-up message on your log server. |
|
|
To protect your DNS server from attack, you configure a DNS proxy policy with a DNS incoming proxy action. |
True |
|
|
What is the function of a DNS server? |
Translate readable internet addresses into IP addresses. |
|
|
An ALG is the same as a packet filter policy. |
False |
|
|
What is the best pattern match to block FTP uploads of Adobe PDF documents? |
|
|
|
You can assign the same proxy action to more than one proxy policy. |
True |
|
|
Which of these VOIP protocols do fireware ALG's support? |
H.323 & SIP |
|
|
Fireware OS supports authentication to a Novell server. |
False |
|
|
You can configure a policy to a allow a single user. |
True |
|
|
Which of these authentication servers are compatible with Fireware OS? |
Firebox-DB, SecurID, RADIUS, LDAP & Active Directory |
|
|
What is the URL for the authentication server? |
https://{trusted or optional IP}:4100 |
|
|
Which HTTP proxy action category controls content by MIME type? |
HTTP Response > Content Types |
|
|
Which security service cannot be used with the HTTP proxy? |
SpamBlocker |
|
|
A user does not have to be authenticated to the firebox to apply bandwidth and time quotas to web traffic. |
False |
|
|
How do you prevent traffic to a specific website from contributing to a user's quota? |
Add the site to the quota exceptions list. |
|
|
WebBlocker adds URL filtering to the SMTP proxy. |
False |
|
|
Which WebBlocker server option offers more categories? |
Websense cloud with Websense categories. |
|
|
You can create new WebBlocker categories. |
False |
|
|
You can create a WebBlocker exception that blocks a specific port in a URL. |
True |
|
|
You can allow a user to bypass the WebBlocker restrictions. |
True |
|
|
A WebBlocker exception can allow a site that is normally blocked to be allowed, or a site that is normally allowed to be blocked. |
True |
|
|
you must install a RED defense server to use the RED defense service. |
False |
|
|
When RED is enabled, local Gateway AV scans are done only for URLs that have an inconclusive reputation score (not good or bad). |
True |
|
|
Which SMTP proxy action can reduce the number of very large files your users receive by email. |
SMTP-Incoming |
|
|
Which SMTP proxy action can reduce the amount of spam received by your users? |
SMTP-Incoming |
|
|
Which rule in the SMTP-Outgoing proxy action can prevent your network from being used as a spam relay? |
Mail From |
|
|
Which SMTP-proxy action can block pornographic images from being received by your users? |
SMTP-Incoming |
|
|
Which SMTP-proxy actions can keep your users from sending MP3 files to their friends? |
SMTP-Outgoing |
|
|
You can use the POP3-Client proxy action to deny messages received from a POP3 server. |
False |
|
|
What actions can spamblocker take when configured to work with SMTP? |
Deny, tag, allow, drop and quarantine |
|
|
the confirmed spam category includes email messages that come from known spammers. |
True |
|
|
Which of these policies work with spamblocker? |
SMTP, POP3 |
|
|
When you use spamblocker with the POP3-proxy, the firebox can deny, drop, allow or add a subject to any suspected spam message. |
True |
|
|
To use spamblocker, you must configure a Quarantine server. |
False |
|
|
A firewall-based IPS maintains a database of character strings that match known viruses and worms. |
False |
|
|
Which of these features are firewall-based intrusion prevention measures? |
Blocked sites, Default packet handling, blocked ports |
|
|
An unhandled packet is a packet that does not match any policy created in Policy Manager. |
True |
|
|
To block all traffic to and from a network, you add the address to the blocked __________ list. |
Sites |
|
|
When you enable IPS, IPS is automatically enabled for all policies. |
True |
|
|
Which IPS action adds the source IP address to the Blocked Sites list? |
Block |
|
|
What threat levels does IPS block by default? |
Critical, High, Medium and Low |
|
|
Can you disable IPS for a specific policy? |
Yes |
|
|
In the SMTP proxy, which proxy action deletes the attachment, sends nothing to the sender or recipient and adds the sender to the Blocked sites list? |
Block |
|
|
Which proxy action removes the attachment and allows the message through to the recipient? |
Remove |
|
|
Gateway AV can detect viruses in password-protected ZIP files. |
False |
|
|
If you use the POP3 proxy, you can send email messages with a virus or possible virus to the Quarantine server. |
False |
|
|
Which proxies does gateway AV operate with? |
SMTP, HTTP, FTP, POP3, and TCP-UDP |
|
|
Which proxies can use the Remove action when Gateway AV identified a virus? |
SMTP and POP3 |
|
|
APT blocker requires that you also have Gateway AV enabled for the specified proxy. |
True |
|
|
APT blocker must have the latest signatures to detect zero-day advanced malware. |
False |
|
|
Which of these APT threat levels indicate the presence of advanced malware. |
High, Medium and Low |
|
|
The global application control action applies automatically to all policies in your configuration. |
False |
|
|
If you want to monitor application use on your network, you must enable application control in your policies and enable logging of allowed packets in those policies. |
True |
|
|
Which actions can the firebox take for traffic that matches an application control action? |
Allow and Drop |
|
|
Is it possible to enable application control without blocking and applications? |
Yes |
|
|
Where can you find out more information about an application that application control can block? |
On the WatchGuard Application Control Security Portal |
|
|
DLP scans both incoming and outgoing traffic |
False |
|
|
Which of these DLP sensors or rules would you use to scan for phrases specific to your organization in outbound email traffic? |
Custom Rule |
|
|
DLP cannot scan content in password protected files. |
True |
|
|
Before you can enable a DLP sensor for a HTTPS proxy policy, you must first enable deep inspection in the HTTPS-proxy action. |
True |
|
|
Which BOVPN method can you use between a WatchGuard device and a third party device? |
Manual BOVPN |
|
|
If you want to use policy based routing to send traffic through a VPN tunnel, which type of VPN must you use? |
BOVPN Virtual Interface |
|
|
Which VPN type do you configure on a WatchGuard management server? |
Managed VPN tunnel |
|
|
The main purpose of Phase 2 is to setup a secure encrypted channel through which the two devices can negotiate Phase 1. |
False |
|
|
In Phase 2 negotiations, the two peers agree on a set of communication parameters. When you configure the BOVPN tunnel, you specify the Phase 2 parameters. |
True |
|
|
Which step is not a part of Phase 1 negotiation? |
Assign name and pass-phrase to tunnel |
|
|
When you configure a BOVPN, three "Any" policies are automatically created to allow traffic to and from the tunnels. |
False |
|
|
Which of these VPN connection types can you configure in the native VPN client in Windows? |
PPTP and L2TP |
|
|
Split-tunneling is more secure than default route VPN. |
False |
|
|
A firebox can manage only one type of mobile VPN at a time. |
False |
|
|
Which mobile VPN clients can users download by authenticating to a web page on a Firebox? |
Mobile VPN with SSL |
|
|
When does the user need to know the Mobile VPN with IPSec tunnel pass-phrase? |
To import the client profile to the Mobile VPN with IP Sec client. |
|
|
What is the purpose of the "WatchGuard" policy? |
Allows management connections to the firebox from WSM |
|
|
You can use LDAP authentication for the PPTP or L2TP Mobile VPNs. |
False |
|
|
When your firebox has an application control license, which policies have application control enabled by default? |
None |
|
|
While troubleshooting a branch office VPN tunnel, you see the log message below. What settings could you modify inthe local device configuration to resolve the configuration issue? |
BOVPN Tunnel settings |
|
|
You can use the TCP-UDP proxy to control Web, FTP, and SIP traffic on ports other than 80, 21, and 5060 |
True |
