[2023年11月21日] 最新でリアルなEssentials試験問題集解答 [Q19-Q40]

[2023年11月21日] 最新でリアルなEssentials試験問題集解答

あなたを簡単に合格させるEssentials試験問と正確なFireware Essentials ExamのPDF問題

試験の準備をするために、候補者は、オンラインコース、インストラクター主導のトレーニング、練習試験を含むWatchGuardのトレーニングリソースを活用できます。これらのリソースは、候補者が試験に合格し、認定されるために必要な概念とスキルを習得できるように設計されています。

WatchGuard Essentials（FireWare Essentials）認定試験は、世界中のどこからでも取得できるオンライン試験です。試験はタイミングであり、複数選択とシナリオベースの質問で構成されています。この試験は、挑戦的で包括的であるように設計されており、試験に合格した人がWatchGuard Fireboxデバイスを深く理解していることを保証します。

質問 # 19
After you enable spamBlocker, your users experience no reduction in the amount of spam they receive. What could explain this? (Select three.)

A. A spamBlocker exception is configured to allow traffic fromsender *.
B. The Maximum File Size to Scan option is set too high.
C. spamBlocker Virus Outbreak Detection is notenabled.
D. Connections cannot be resolved to the spamBlocker servers because DNS is not configured onthe Firebox.
E. The spamBlocker action for Confirmed Spam is set to Allow.

正解：A、D、E

解説：
A: Spamblocker requires DNS to be configured on your XTM device
B: If you use spamBlocker with the POP3 proxy, you have only two actions to choose from: Add Subject Tag and Allow. Allow lets spam email messages go through theFirebox without a tag.
D: The Firebox might sometimes identify a message as spam when it is not spam. If you know the address of the sender, you can configure the Firebox with an exception that tells it not to examine messages from that source address or domain.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 138

質問 # 20
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)

A. The default Outgoingpolicy has been removed and there is no policy to allow DNS traffic.
B. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
D. The HTTP-proxy policy is configured for the wrong port.

正解：A

解説：
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/policies/policy_outgoing_about_c.html
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/proxies/http/http_proxy_about_chtml

質問 # 21
Which items are included in a Firebox backup image? (Select four.)

A. Fireware OS
B. Log file
C. Configuration file
D. Support snapshot
E. Certificates
F. Feature keys

正解：A、C、E、F

解説：
Explanation/Reference:
A Firebox backup image is a saved copy of the working image from the Firebox flash disk. The backup image includes the Firebox appliance software, configuration file, licenses, and certificates.
When you purchase an option for your Firebox, you add a new feature key to your configuration file.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 14, 57

質問 # 22
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? (Select one.)

A. 1-to-1 NAT
B. Dynamic NAT
C. Static NAT

正解：C

質問 # 23
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)

A. 172.16.10.0/24
B. 192.168.1.0/24
C. 10.0.1.0/24
D. 10.0.10.0/24

正解：C

質問 # 24
From the Fireware Web UI, you can generate a report that shows your device configuration settings.

A. True
B. False

正解：A

質問 # 25
From the Fireware Web UI, you can generate a report that shows your device configuration settings.

A. True
B. False

正解：A

質問 # 26
From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.

A. True
B. False

正解：A

質問 # 27
An email newsletter about sales from an external company is sometimes blocked by spamBlocker. What option could you choose to make sure the newsletter is delivered to your users? (Select one.)

A. Add a spamBlocker subject tag for bulk email messages.
B. Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.
C. Add a spamBlocker exception based on the From field of the newsletter email.
D. Set the spamBlocker action to quarantine the email for later retrieval.

正解：A

質問 # 28
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)

A. Enable the AUTO-block sites that attempt to connect option in a deny policy.
B. Add the site to the Blocked Sites Exceptions list.
C. On the Firebox System Manager >Blocked Sites tab, select Add.
D. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.

正解：A、C、D

解説：
Explanation/Reference:
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese
1. From Policy Manager, double-click the PCAnywhere policy.
2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox.
Reference: https://www.watchguard.com/training/fireware/80/defense8.htm C: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.
Reference: http://www.watchguard.com/training/fireware/82/monitoa6.htm
D: You can use Policy Manager to permanently add sites to the Blocked Sites list.
1. select Setup > Default Threat Protection > Blocked Sites.
2. Click Add.
The Add Site dialog box appears.
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/ intrusionprevention/blocked_sites_permanent_c.html

質問 # 29
You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? (Select one.)

A. Two
B. One
C. As many as you have configured on your network.

正解：C

質問 # 30
How is a proxy policy different from a packet filter policy? (Select two.)

A. Only a proxy policy examines information in the IP header.
B. Only a proxy policy uses the IP source, destination, and port to control network traffic.
C. Only a proxy policy can prevent specific threats without blocking the entire connection.
D. Only a proxy works ta the application, network, and transport layers to examine all connection data.

正解：B、D

質問 # 31
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)

A. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
B. The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
C. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
D. The HTTP-proxy policy is configured for the wrong port.

正解：B

質問 # 32
Which of these options are private IPv4 addresses you can assign to a trusted interface, as described in RFC 1918, Address Allocation for Private Internets? (Select three.)

A. 192.0.2.1/24
B. 172.16.0.1/16
C. 198.51.100.1/24
D. 10.50.1.1/16
E. 192.168.50.1/24

正解：B、D、E

質問 # 33
After you enable spamBlocker, your users experience no reduction in the amount of spam they receive. What could explain this? (Select three.)

A. The Maximum File Size to Scan option is set too high.
B. A spamBlocker exception is configured to allow traffic from sender *.
C. The spamBlocker action for Confirmed Spam is set to Allow.
D. Connections cannot be resolved to the spamBlocker servers because DNS is not configured on the Firebox.
E. spamBlocker Virus Outbreak Detection is not enabled.

正解：B、C、D

解説：
Explanation/Reference:
A: Spamblocker requires DNS to be configured on your XTM device
B: If you use spamBlocker with the POP3 proxy, you have only two actions to choose from: Add Subject Tag and Allow. Allow lets spam email messages go through the Firebox without a tag.
D: The Firebox might sometimes identify a message as spam when it is not spam. If you know the address of the sender, you can configure the Firebox with an exception that tells it not to examine messages from that source address or domain.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 138

質問 # 34
You configured four Device Administrator user accounts for your Firebox. To see a report of witch Device Management users have made changes to the device configuration, what must you do? (Select two.)

A. Start Firebox System Manager for the device and review the activity for the Management Users on the Authentication List tab.
B. Connect to Report Manager or Dimension and view the Audit Trail report for your device.
C. Open WatchGuard Server Center and review the configuration history for managed devices.
D. Configure your device to send audit trail log messages to your WatchGuard Log Server or Dimension Log Server.

正解：B、C

質問 # 35
You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)

A. Create a static NAT action for traffic to the email server, and set the source IP address to
203.0.113.25.
B. In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address203.0.113.25.
C. Create a global dynamic NAT rule for traffic from the email server and set the source IP address to
203.0.113.25.

正解：C

質問 # 36
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)

A. Port scans
B. Flood attacks
C. Denial of service attacks
D. Access to inappropriate websites
E. Viruses in email messages
F. IP spoofing
G. Malware in downloaded files

正解：A、B、C、F

解説：
Explanation/Reference:
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/ intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%
2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0

質問 # 37
You can configure the SMTP-proxy policy to restrict email messages and email content based on which of these message characteristics? (Select four.)

A. Maximum email recipients
B. Check URLs in message with WebBlocker
C. Sender Mail From address
D. Email message size
E. Attachment file name and content type

正解：A、C、D、E

解説：
Explanation/Reference:
A: Another way to protect your SMTP server is to restrict incoming traffic to only messages that use your company domain. In this example, we use the mywatchguard.com domain. You can use your own company domain.
1. From the SMTP-Incoming Categories list, select Address > Rcpt To.
2. In the Pattern text box, type *.mywatchguard.com. Click Add. This denies any email messages with a Rcpt To address that does not match the company domain.
3. Click OK to close the SMTP Proxy Action Configuration dialog box.
C: In this exercise we will reduce the maximum email size to 5 MB (5, 000 kilobytes).
1. From the SMTP Proxy Action dialog box under the Categories list, select General > General Settings.
2. Find the Limits section. In the Set the maximum email size value box, type 5000.
D: Example: He must configure the Firebox to allow Microsoft Access database files to go through the SMTP proxy. He must also configure the Firebox to deny Apple iTunes MP4 files because of a recent vulnerability announced by Apple.
1. From the SMTP-Incoming Categories list, select Attachments > Content Types.
2. In the Actions to take section, use the None Matched drop-down list to select Allow.
This allows all content types through Firebox to the SMTP server. After Successful Company is able to add in the specific content types they want to allow, they set this parameter to strip content type that does not match their list of allowed content types.
From the SMTP-Incoming Categories list, select Attachments > Filenames.
4. The filename extension for Microsoft Access databases is ".mdb". In the list of filenames, find and select
.mdb. Click Remove. Click Yes to confirm.
3. If no rules match, the Action to take option is set to allow the attachment. In this example, MS Access files are now allowed through the Firebox.
5. In the Pattern text box, type *.mp4. Click Add.
This rule configures the Firebox to deny all files with the Apple iTunes ".mp4" file extension bound for the SMTP server.
E: The Set the maximum email recipient checkbox is used to set the maximum number of email recipients to which a message can be sent in the adjacent text box that appears, type or select the number of recipients.
The XTM device counts and allows the specified number of addresses through, and then drops the other addresses. For example, if you set the value to 50 and there is a message for 52 addresses, the first 50 addresses get the email message. The last two addresses do not get a copy of the message.
Incorrect:
Not B: Webblocker is configured through a HTTP-policy, not through an SMTP policy.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 125, 126 Reference: http://watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/proxies/smtp/ proxy_smtp_gen_settings_c.html

質問 # 38
Which authentication servers can you use with your Firebox? (Select four.)

A. Kerberos
B. Firebox databases
C. LDAP
D. Linux Authentication
E. Active Directory
F. RADIUS
G. TACACS+

正解：B、C、E、F

質問 # 39
With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.