Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. WatchGuard
  5. Essentials

Free Essentials Exam Braindumps (page: 6)

Page 5 of 19
PDF with 75 Questions

If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)

  1. HTTP port 80
  2. NAT policy
  3. FTP port 21
  4. HTTPS port 443
  5. DNS port 53

Answer(s): A,D,E

Explanation:

TCP-UDP packet filter
If you decide to remove the Outgoing policy, you must add a policy for any type of traffic you want to allow through the Firebox. If you remove the Outgoing policy and then decide you want to allow all TCP and UDP connections through the Firebox again, you must add the TCP-UDP packet filter to provide the same function.
This is because the Outgoing policy does not appear in the list of standard policies available from Policy Manager.


Reference:

Fireware Basics, Courseware: WatchGuard System Manager 10, page 97



How is a proxy policy different from a packet filter policy? (Select two.)

  1. Only a proxy policy examines information in the IP header.
  2. Only a proxy policy uses the IP source, destination, and port to control network traffic.
  3. Only a proxy policy can prevent specific threats without blocking the entire connection.
  4. Only a proxy works at the application, network, and transport layers to examine all connection data.

Answer(s): C,D

Explanation:

C: Proxies can prevent potential threats from reaching your network without blocking the entire connection.
D: A proxy operates at the application layer, as well as the network and transport layers of a TCP/IP packet, while a packet filter operates only at the network and transport protocol layers.
Incorrect:
Not A: A packet filter examines each packets IP header to control the network traffic into and out of your network.


Reference:

Fireware Basics, Courseware: WatchGuard System Manager 10, page 95



Which authentication servers can you use with your Firebox? (Select four.)

  1. Active Directory
  2. RADIUS
  3. LDAP
  4. Linux Authentication
  5. Kerberos
  6. TACACS+
  7. Firebox databases

Answer(s): A,B,C,G

Explanation:



When your users connect to the Authentication Portal page to authenticate, they see a security warning message in their browses, which they must accept before they can authenticate. How can you make sure they do not see this security warning message in their browsers?

  1. Import a custom self-signed certificate or a third-party certificate to your Firebox and import the same certificate to all client computers or web browsers.
  2. Replace the Firebox certificate with the trusted certificate from your web server.
  3. Add the user accounts for your users who use the Authentication Portal to a list of trusted users on your Firebox.
  4. Instruct them to disable security warning message in their preferred browsers.

Answer(s): A






Post your Comments and Discuss WatchGuard Essentials exam with other Community members:

Exam Discussions & Posts