When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean?
Answer(s): D
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)
Answer(s): A,C,D
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese1. From Policy Manager, double-click the PCAnywhere policy.2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox.
https://www.watchguard.com/training/fireware/80/defense8.htmC: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.http://www.watchguard.com/training/fireware/82/monitoa6.htmD: You can use Policy Manager to permanently add sites to the Blocked Sites list.1. select Setup > Default Threat Protection > Blocked Sites.2. Click Add.The Add Site dialog box appears.http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/intrusionprevention/blocked_sites_permanent_c.html
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
Answer(s): B,C,E,G
B: The default configuration of the XTM device is to block DDoS attacks.C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration?
Answer(s): A
Post your Comments and Discuss WatchGuard Essentials exam with other Community members:
Peter commented on April 09, 2023 Well worth the money. Real Questions and Answers CYPRUS upvote
Masseh commented on July 22, 2021 The support team from this website is very good. They reply right away unlike other sites where as soon as they take your money they stop replying. GERNAMY upvote
Robert commented on April 22, 2016 Hello, the Exam have some bugs. But i passed with over 80 %. Nice Work Robert UNITED STATES upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the Essentials content, but please register or login to continue.