Essentials v1.0

Page:    1 / 5   
Exam contains 75 questions

Your company denies downloads of executable files from all websites. What can you do to allow users on the network to download executable files from the company"™s remote website? (Select one.)

  • A. Add an HTTP proxy exception for the company"™s remote website.
  • B. Create a WebBlocker exception to allow access to the company"™s remote website.
  • C. Create an IPS exception.
  • D. Create a Blocked Sites exception.
  • E. Configure HTTP Request > URL Paths to allow the company"™s remote website.


Answer : A

A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download of the installation file? (Select one.)

  • A. HTTP Request > Request Methods
  • B. HTTP Response > Body Content Types
  • C. HTTP Response > Header Fields
  • D. WebBlocker
  • E. HTTP Request > Authorization


Answer : B

Which takes precedence: WebBlocker category match or a WebBlocker exception?

  • A. WebBlocker exception
  • B. WebBlocker category match


Answer : A

To prevent certificate error warnings in your browser when you use deep content inspection with the HTTPS proxy, you can export the proxy authority certificate from the Firebox and import that certificate to all client devices.

  • A. True
  • B. False


Answer : A

Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)

  • A. WebBlocker
  • B. Gateway AntiVirus
  • C. Application Control
  • D. Deep inspection of HTTPS content
  • E. Data Loss Prevention


Answer : DE

Match each WatchGuard Subscription Service with its function.
Uses full-system emulation analysis to identify characteristics and behavior of zero-day malware. (Choose one).

  • A. Reputation Enable Defense RED
  • B. Gateway / Antivirus
  • C. Data Loss Prevention DLP
  • D. Spam Blocker
  • E. WebBlocker
  • F. Intrusion Prevention Server IPS
  • G. Application Control
  • H. Quarantine Server
  • I. APT Blocker


Answer : I

APT Blocker is intended to stop malware and zero-day threats that are trying to invade an organization's network.
APT Blocker uses a next-gen sandbox to get detailed views into the execution of a malware program. After first running through other security services, files are fingerprinted and checked against an existing database "" first on the appliance and then in the cloud. If the file has never been seen before, it is analyzed using the system emulator, which monitors the execution of all instructions. It can spot the evasion techniques that other sandboxes miss.
Reference:
http://www.watchguard.com/wgrd-products/security-modules/apt-blocker

When you configure the Global Application Control action, it is automatically applied to all policies.

  • A. True
  • B. False


Answer : B

Which WatchGuard Subscription Service must be enabled in a proxy policy before you can use APT Blocker? (Select one.)

  • A. RED
  • B. Application Control
  • C. Gateway Antivirus
  • D. WebBlocker
  • E. IPS


Answer : C

What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? (Select two.)

  • A. Configure a policy to use a proxy action that has AntiVirus settings configured.
  • B. Install the Gateway AntiVirus server on your network.
  • C. Configure Gateway AntiVirus settings for a proxy action.
  • D. Disable automatic signature updates.
  • E. Decrease the scan limits


Answer : AC

When you enable Gateway AntiVirus, you must set the actions to be taken if a virus or error is found in an email message (SMTP or POP3 proxies), web page download or upload post (HTTP proxy), or uploaded or downloaded file (FTP proxy). When Gateway AntiVirus is enabled, it scans each file up to a specified kilobyte count. Any additional bytes in the file are not scanned. This allows the proxy to partially scan very large files without a large effect on performance.
Reference:
http://watchguard.com/help/docs/webui/xtm_11/en-us/content/en-us/services/gateway_av/av_actions_config_c.html

After you enable Gateway AntiVirus, IPS, or Application control, how can you make sure the services protect your network from the latest known threats? (Select one.)

  • A. Enable default packet handling.
  • B. Configure reputation Enabled Defense.
  • C. Enable automatic signature updates.
  • D. Enable HTTPS deep inspection.


Answer : C

Which policies can use the Intrusion Prevention Service to block network attacks? (Select one?)

  • A. Only HTTP and HTTPS Proxy policies
  • B. Only proxy policies
  • C. All policies
  • D. Only packet filter policies
  • E. Only inbound policies


Answer : C

Which of these services would you use to allow the use of P2P programs for a specific department in your organization? (Select one.)

  • A. Reputation Enabled Defense
  • B. Application Control
  • C. Data Loss Prevention
  • D. IPS


Answer : B

You can use Firebox System Manager to download a PCAP file that includes packet information about the protocols that manage traffic on your network.

  • A. True
  • B. False


Answer : A

From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.

  • A. True
  • B. False


Answer : A

Match the monitoring tool to the correct task.
Which is not a Fireware monitoring tool? (Select one)

  • A. FireBox System Manager "" Blocked Sites list
  • B. Log Server
  • C. FireWatch
  • D. Firebox System Manager "" Subscription services
  • E. Firebox System Manager "" Authentication list
  • F. Traffic Monitor


Answer : B

The Fireware monitor and configuration tools are: Edge Web Manager, Firebox System Manager, HostWatch, and Ping.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181

Page:    1 / 5   
Exam contains 75 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.