[2024年01月18日] 心強いEssentialsのPDF問題集はEssentials問題
正真正銘のEssentials問題集で無料PDF問題で合格させる
WatchGuard Essentials(Fireware Essentials)試験は、WatchGuardファイアウォールを扱うITプロフェッショナルのスキルと知識を評価するために設計された認定試験です。この試験は、グローバルに認められている業界標準の認定であり、WatchGuard Technologiesによって実施されています。この試験は、候補者のWatchGuard Fireboxデバイスの設定、管理、およびトラブルシューティングの能力、およびVPN、認証、侵入防止などのネットワークセキュリティコンセプトに関する知識をテストします。
質問 # 31
Which takes precedence: WebBlocker category match or a WebBlocker exception?
- A. WebBlocker category match
- B. WebBlocker exception
正解:B
質問 # 32
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)
- A. Data Loss Prevention
- B. Application Control
- C. WebBlocker
- D. Gateway AntiVirus
- E. Deep inspection of HTTPS content
正解:A、E
質問 # 33
To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)
- A. You can only send log messages to Dimension from a computer that is on the network behind your gateway Firebox.
- B. You must change the connection settings in Dimension, not on the gateway Firebox.
- C. You must add a policy to the remote device configuration file to allow traffic to a Dimension.
- D. You must make sure that either the WG-Logging packet filter policy, or another policy that allows external connections to Dimension over port 4115, is included in the configuration file.
正解:C
質問 # 34
What is one reason that users could see a certificate warning in their web browsers when they connect to Fireware XTM Web UI? (Select one.)
- A. The Firebox or XTM device uses the default self-signed certificate.
- B. The user or group is not present in the Firebox User database.
- C. The authentication server does not respond after three minutes.
- D. The user has been previously added to the Blocked Sites list.
正解:A
質問 # 35
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)
- A. 10.0.1.0/24
- B. 192.168.1.0/24
- C. 10.0.10.0/24
- D. 172.16.10.0/24
正解:A
質問 # 36
While troubleshooting a branch office VPN tunnel, you see this log message:
2 014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES
What settings could you modify in the local device configuration to resolve this issue? (Select one.)
- A. BOVPN Tunnel Route settings
- B. BOVPN Tunnel settings
- C. BOVPN Gateway settings
- D. BOVPN-Allow policies
正解:C
解説:
Explanation/Reference:
The WatchGuard BOVPN settings error in this example states phase one encryption. Only the BOVPN Gateway settings can specify phase one settings. BOVPN Tunnel settings specify phase 2 settings.
質問 # 37
From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.
- A. True
- B. False
正解:A
質問 # 38
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)
- A. The default Outgoingpolicy has been removed and there is no policy to allow DNS traffic.
- B. The HTTP-proxy policy is configured for the wrong port.
- C. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
- D. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
正解:A
解説:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/policies/policy_outgoing_about_c.html
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/proxies/http/http_proxy_about_chtml
質問 # 39
In the default Firebox configuration file, which policies control management access to the device? (Select two.)
- A. WatchGuard Web UI
- B. Ping
- C. WatchGuard
- D. FTP
- E. Outgoing
正解:A、C
解説:
Ping is generated by default as the explanation states but Ping does not manage the device. The policies that manage the device are WatchGuard & WatchGuard Web UI
質問 # 40
Match the monitoring tool to the correct task.
Which tool can view a list of users connected to the Firebox? (Select one)
- A. Firebox System Manager - Subscription services
- B. FireWatch
- C. Traffic Monitor
- D. Log Server
- E. FireBox System Manager - Blocked Sites list
- F. Firebox System Manager - Authentication list
正解:F
解説:
Explanation/Reference:
You can view a list of users connected to the Firebox through HostWatch, and you can also use Authentication List, which identifies the IP addresses and user names of all the users that are authenticated to the Firebox.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181
質問 # 41
The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.
- A. False
- B. True
正解:A
質問 # 42
Which tool can add an IP address for the Firebox to permanently block? (Select one)
- A. Firebox System Manager - Subscription services
- B. FireWatch
- C. Traffic Monitor
- D. Log Server
- E. FireBox System Manager - Blocked Sites list
- F. Firebox System Manager - Authentication list
正解:F
解説:
Block a site permanently
The Successful Company networkadministrator has been driven to distraction recently by a script kiddy using addresses in the 192.136.15.0/24 network to run probes of the Successful network. In this exercise, we permanently block all connections from that network.
1.From PolicyManager, select Setup > Default Threat Protection > Blocked Sites. The Blocked Sites Configuration dialog box opens.
2.On the Blocked Sites tab, click Add.
3.The Add Site dialog box opens. 3. Use the Choose Type drop-down list to select Network IP. In the Value text box, type 192.136.15.0/ 24.
4. Click OK.
The entry appears in the Blocked Sites list. With this configuration, the Firebox blocks all packets to and from the 192.136.15.0/24 network range.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181
質問 # 43
How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2? (Select one.)
- A. Remove Any-Optional from theTolist of the WatchGuard policy
- B. Remove Any-Optional from theTolist of the WatchGuard Web UI policy.
- C. Remove Any-Optional from theFromlist of the WatchGuard policy.
- D. Remove Eth2 from the Any-Optional alias.
- E. RemoveAny-Optional from theFromlist of the WatchGuard Web UI policy
正解:B
質問 # 44
In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)
- A. Default route VPN automatically allows dynamic NAT
- B. Default route VPN uses less bandwidth
- C. Default route VPN uses less processing power
- D. Default route VPN allows your Firebox to examine all remote user traffic
正解:A
質問 # 45
You can configure the SMTP-proxy policy to restrict email messages and email content based on
which of these message characteristics? (Select four.)
- A. Email message size
- B. Attachment file name and content type
- C. Maximum email recipients
- D. Sender Mail From address
- E. Check URLs in message with WebBlocker
正解:A、C、D、E
質問 # 46
After you enable Gateway AntiVirus, IPS, or Application control, how can you make sure the services protect your network from the latest known threats? (Select one.)
- A. Configure reputation Enabled Defense.
- B. Enable automatic signature updates.
- C. Enable default packet handling.
- D. Enable HTTPS deep inspection.
正解:B
質問 # 47
Match the monitoring tool to the correct task.
Which tool can ping the source of a denied packet? (Select one)
- A. FireWatch
- B. Traffic Monitor
- C. Firebox System Manager - Authentication list
- D. Log Server
- E. FireboxSystem Manager - Subscription services
- F. FireBox System Manager - Blocked Sites list
正解:B
解説:
For a quick look at the log messages generated by the Firebox, use Traffic Monitor. With Traffic Monitor, you can apply color to differenttypes of messages, and ping or traceroute to the IP addresses of computers included in the log messages.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181
質問 # 48
How is a proxy policy different from a packet filter policy? (Select two.)
- A. Only a proxy works ta the application, network, and transport layers to examine all connection data.
- B. Only a proxy policy can prevent specific threats without blocking the entire connection.
- C. Only a proxy policy uses the IP source, destination, and port to control network traffic.
- D. Only a proxy policy examines information in the IP header.
正解:A、C
質問 # 49
You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? (Select one.)
- A. Two
- B. As many as you have configured on your network.
- C. One
正解:B
質問 # 50
You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
- A. In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.25.
- B. Create a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25.
- C. Create a global dynamic NAT rule for traffic from the email server and set the source IP address to
203.0.113.25.
正解:C
質問 # 51
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select one.)
- A. Configure a host name forupdate.example.com.
- B. Create an alias for all subdomains and known IP addresses forexample.com.
- C. Add IP addresses that correspond to each software update server in the domain.
- D. Configure an FQDN for*.example.com.
正解:D
解説:
http://www.watchguard.com/help/docs/fireware/11/en-US/Content/en-US/policies/fqdn_about_c.html
質問 # 52
......
結果を保証するには最新2024年01月無料:https://www.jpntest.com/shiken/Essentials-mondaishu