問題集を購入するなら最新の2023年03月22日 Essentials試験問題と解答PDFで一年間無料更新
時間限定無料ダウンロード!最新のEssentials問題集で2023年最新のEssentials試験問題
質問 16
In the default Firebox configuration file, which policies control management access to the device? (Select two.)
- A. FTP
- B. WatchGuard
- C. WatchGuard Web UI
- D. Outgoing
- E. Ping
正解: B,C
質問 17
Match each WatchGuard Subscription Service with its function.
Controls access to website based on content categories. . (Choose one).
- A. Application Control
- B. Reputation Enable Defense RED
- C. WebBlocker
- D. Gateway / Antivirus
- E. Intrusion Prevention Server IPS
正解: C
解説:
Explanation/Reference:
WebBlocker controls access to the good and bad places that are reachable on the web, preventing users from gaining access to sites that have evil intentions.
If you configure WebBlocker to use the Websense cloud for WebBlocker lookups, WebBlocker uses the Websense content categories. A web site is added to a category when the content of the web site meets the criteria for the content category.
Reference: http://www.tomsitpro.com/articles/network-security-solutions-guide, 2-866-6.html
質問 18
Which policies can use the Intrusion Prevention Service to block network attacks? (Select one?)
- A. Only inbound policies
- B. Only packet filter policies
- C. Only HTTP and HTTPS Proxy policies
- D. All policies
- E. Only proxy policies
正解: B
質問 19
Match each WatchGuard Subscription Service with its function.
Cloud based service that controls access to website based on a site's previous behavior. (Choose one).
- A. Application Control
- B. Data Loss Prevention DLP
- C. Reputation Enable Defense RED
- D. Quarantine Server
- E. WebBlocker
- F. Intrusion Prevention Server IPS
正解: C
解説:
Explanation/Reference:
Reputation Enable Device (RED) is a cloud-based reputation service that controls user's ability to get main access to web malicious sites. Works in concert with the WebBlocker module.
Reference: http://www.tomsitpro.com/articles/network-security-solutions-guide, 2-866-6.html
質問 20
Clients on the trusted network need to connect to a server behind a router on the optional network.
Based on this image, what static route must be added to the Firebox for traffic from clients on the trusted network to reach a server at 10.0.20.100? (Select one.)
- A. Route to 10.0.20.0/24,Gateway 10.0.2.254
- B. Route to 10.0.20.0/24,Gateway 10.0.2.1
- C. Route to 10.0.10.0/24, Gateway 10.0.10.1
- D. Route to 10.0.20.0, Gateway 10.0.2.254
正解: D
質問 21
Which diagnostic tasks can you run from the Traffic Monitor tab of Firebox System Manager? (Select four.)
- A. MAC address lookup
- B. Traceroute
- C. DNS lookup
- D. Reputation lookup
- E. Ping
- F. TCP dump
正解: B,C,E,F
質問 22
In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)
- A. Default route VPN uses less bandwidth
- B. Default route VPN automatically allows dynamic NAT
- C. Default route VPN uses less processing power
- D. Default route VPN allows your Firebox to examine all remote user traffic
正解: D
解説:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/mvpn/pptp/mvpn_pptp_internet-access_c.html
The most secure option is to require that all remote user Internet traffic is routed through the VPN tunnel to the XTM device. Then, the traffic is sent back out to the Internet. With this configuration (known as default-route VPN), the XTM device is able to examine all traffic and provide increased security, although it uses more processing power and bandwidth.
質問 23
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean? (Select one.)
- A. The packet is denied because it matched an IPS signature.
- B. The packet is denied because it does not match any firewall policies.
- C. The packet is denied because it matched a policy.
- D. The packet is denied because the site is on the Blocked Sites List.
正解: B
質問 24
Which of these services would you use to allow the use of P2P programs for a specific department in your organization? (Select one.)
- A. Application Control
- B. Data Loss Prevention
- C. Reputation Enabled Defense
- D. IPS
正解: A
質問 25
An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
- A. Add a spamBlocker subject tag for bulk email messages.
- B. Set the spamBlocker action to quarantine the email for later retrieval.
- C. Add a spamBlocker exception based on the From field of the newsletter email.
- D. Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.
正解: A
質問 26
Match each WatchGuard Subscription Service with its function.
Scans files to detect malicious software infections. (Choose one).
- A. Data Loss Prevention DLP
- B. Quarantine Server
- C. Spam Blocker
- D. Reputation Enable Defense RED
- E. Gateway / Antivirus
正解: E
解説:
Explanation/Reference:
Gateway Antivirus provides a virus scanner that uses both an extensive signature database (updated through subscription) and a heuristic analysis engine.
Reference: http://www.tomsitpro.com/articles/network-security-solutions-guide, 2-866-6.html
質問 27
In the default Firebox configuration file, which policies control management access to the device? (Select two.)
- A. WatchGuard Web UI
- B. FTP
- C. WatchGuard
- D. Outgoing
- E. Ping
正解: C,E
解説:
When you configure the Firebox with the Quick Setup Wizard, the wizard adds four basic policies: TCP/UDP outgoing, FTP packet filter, ping, and WatchGuard.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 15
質問 28
In the network configuration in this image, which aliases is Eth2 a member of? (Select three.)
- A. Any-optional
- B. Optional-1
- C. Any-Trusted
- D. Any
- E. Any-External
正解: A,B,D
質問 29
How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2? (Select one.)
- A. Remove Any-Optional from the To list of the WatchGuard policy
- B. Remove Any-Optional from the From list of the WatchGuard Web UI policy
- C. Remove Any-Optional from the To list of the WatchGuard Web UI policy.
- D. Remove Eth2 from the Any-Optional alias.
- E. Remove Any-Optional from the From list of the WatchGuard policy.
正解: B
質問 30
Which tool is used to see a treemap visualization of the traffic through your Firebox? (Select one)
- A. Firebox System Manager - Subscription services
- B. Log Server
- C. Firebox System Manager - Authentication list
- D. FireBox SystemManager - Blocked Sites list
- E. Traffic Monitor
- F. FireWatch
正解: F
解説:
The FireWatch page is separated into tabs of data that is presented in aTreemap Visualization. The treemap is a widget that proportionally sizes blocks in the display to represent the data for that tab. The largest blocks on the tab represent the largest data users. The data is sorted by the tab you select and the type you select from the drop-down list at the top right of the page.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181
質問 31
How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2?
(Select one.)
- A. Remove Any-Optional from the To list of the WatchGuard policy
- B. Remove Any-Optional from the From list of the WatchGuard Web UI policy
- C. Remove Any-Optional from the To list of the WatchGuard Web UI policy.
- D. Remove Eth2 from the Any-Optional alias.
- E. Remove Any-Optional from the From list of the WatchGuard policy.
正解: B
質問 32
A local branch office VPN tunnel route is configured as shown in this image. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)
- A. 10.0.10.0/24
- B. 10.0.20.0/24
- C. 10.0.1.0/24
正解: A
質問 33
How can you include log messages from more than one Firebox in a single report generated by Dimension? (Select two.)
- A. Create a device group and view the reports for that group.
- B. You cannot see report data in Dimension for more than one device.
- C. Export report data as a single PDF file for all the devices you want to include in the report.
- D. Create a report schedule that includes all the devices you want to include in the report.
正解: A,D
質問 34
......
WatchGuard Essentials 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
検証済みのEssentials問題集と解答で一年間無料最速更新:https://www.jpntest.com/shiken/Essentials-mondaishu