WATCHGUARD EXAM LABS QUESTIONS & ANSWERS
A user receives a deny message that the installation file (install.exe) is blocked by the
HTTP-proxy policy and cannot be downloaded. Which HTTP proxy action rule must you
modify to allow download of the installation file? (Select one.)
A. HTTP Request > Request Methods
B. HTTP Response > Body Content Types
C. HTTP Response > Header Fields
D. WebBlocker
E. HTTP Request > Authorization - Answers-HTTP Response > Body Content Types
How is a proxy policy different from a packet filter policy? (Select two.)
A. Only a proxy policy examines information in the IP header.
B. Only a proxy policy uses the IP source, destination, and port to control network traffic.
C. Only a proxy policy can prevent specific threats without blocking the entire
connection.
D. Only a proxy works ta the application, network, and transport layers to examine all
connection data. - Answers-C. Only a proxy policy can prevent specific threats without
blocking the entire connection.
D. Only a proxy works ta the application, network, and transport layers to examine all
connection data.
To enable remote devices to send log messages to Dimension through the gateway
Firebox, what must you verify is included in your gateway Firebox configuration? (Select
one.)
A. You can only send log messages to Dimension from a computer that is on the
network behind your gateway Firebox.
B. You must change the connection settings in Dimension, not on the gateway Firebox.
C. You must add a policy to the remote device configuration file to allow traffic to a
Dimension.
D. You must make sure that either the WG-Logging packet filter policy, or another policy
that allows external connections to Dimension over port 4115, is included in the
configuration file. - Answers-D. You must make sure that either the WG-Logging packet
filter policy, or another policy that allows external connections to Dimension over port
4115, is included in the configuration file.
You have a privately addressed email server behind your Firebox. If you want to make
sure
that all traffic from this server to the Internet appears to come from the public IP address
203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
A. In the SMTP policy that handles traffic from the email server, select the option to
apply dynamic NAT to all traffic in the policy and set the source IP address
203.0.113.25.
B. Create a global dynamic NAT rule for traffic from the email server and set the source
IP address to 203.0.113.25.
, C. Create a static NAT action for traffic to the email server, and set the source IP
address to 203.0.113.25. - Answers-in the SMTP policy that handles traffic from the
email server, select the option to apply dynamic NAT to all traffic in the policy and set
the source IP address 203.0.113.25.
The IP address for the trusted interface on your Firebox is 10.0.40.1/24, but you want to
change the IP address for this interface. How can you avoid a network outage for clients
on
the trusted network when you change the interface IP address to 10.0.50.1/24? (Select
one.)
A. Create a 1-to-1 NAT rule for traffic from the 10.0.40.0/24 subnet to addresses on the
10.0.50.0/24 subnet.
B. Add 10.0.40.1/24 as a secondary IP address for the interface.
C. Add IP addresses on the 10.0.40.0/24 subnet to the DHCP Server IP address pool
for this interface.
D. Add a route to 10.0.40.0/24 with the gateway 10.0.50.1. - Answers-Add 10.0.40.1/24
as a secondary IP address for the interface.
When your users connect to the Authentication Portal page to authenticate, they see a
security warning message in their browses, which they must accept before they can
authenticate. How can you make sure they do not see this security warning message in
their browsers? (Select one.)
A. Import a custom self-signed certificate or a third-party certificate to your Firebox and
import the same certificate to all client computers or web browsers.
B. Replace the Firebox certificate with the trusted certificate from your web server.
C. Add the user accounts for your users who use the Authentication Portal to a list of
trusted users on your Firebox.
D. Instruct them to disable security warning message in their preferred browsers. -
Answers-Import a custom self-signed certificate or a third-party certificate to your
Firebox and import the same certificate to all client computers or web browsers.
For which of these third party authentication methods must you specify a search base?
(Select two.)
A. RADIUS
B. Active Directory
C. SecurID
D. LDAP - Answers-B. Active Directory
D. LDAP
You can configure your Firebox to send log messages to how many WatchGuard Log
Servers at the same time? (Select one.)
A. One
B. Two
C. As many as you have configured on your network. - Answers-B. Two
An email newsletter about sales from an external company is sometimes blocked by
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller GEEKA. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £10.17. You're not tied to anything after your purchase.