• ホーム
  • ブログ
  • WatchGuard Essentialsテストエンジン問題集トレーニングには75問あります [Q31-Q56]

WatchGuard Essentialsテストエンジン問題集トレーニングには75問あります [Q31-Q56]

Share

WatchGuard Essentialsテストエンジン問題集トレーニングには75問あります

Essentials問題一発合格させる問題集はFireware Essentials認定

質問 31
Match the monitoring tool to the correct task.
Which is not a Fireware monitoring tool? (Select one)

  • A. Traffic Monitor
  • B. FireBox System Manager - Blocked Sites list
  • C. FireWatch
  • D. Firebox System Manager - Subscription services
  • E. Firebox System Manager - Authentication list
  • F. Log Server

正解: F

解説:
The Fireware monitor and configuration tools are: Edge Web Manager, Firebox System Manager, HostWatch, and Ping.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59,

 

質問 32
A local branch office VPN tunnel route is configured as shown in this image. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)

  • A. 10.0.10.0/24
  • B. 10.0.1.0/24
  • C. 10.0.20.0/24

正解: A

 

質問 33
How is a proxy policy different from a packet filter policy? (Select two.)

  • A. Only a proxy policy can prevent specific threats without blocking the entire connection.
  • B. Only a proxy works at the application, network, and transport layers to examine all connection data.
  • C. Only a proxy policy uses the IP source, destination, and port to control network traffic.
  • D. Only a proxy policy examines information in the IP header.

正解: A,B

解説:
Explanation/Reference:
C: Proxies can prevent potential threats from reaching your network without blocking the entire connection.
D: A proxy operates at the application layer, as well as the network and transport layers of a TCP/IP packet, while a packet filter operates only at the network and transport protocol layers.
Incorrect:
Not A: A packet filter examines each packet's IP header to control the network traffic into and out of your network.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, page 95

 

質問 34
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)

  • A. Add the site to the Blocked Sites Exceptions list.
  • B. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
  • C. On the Firebox System Manager >Blocked Sites tab, select Add.
  • D. Enable the AUTO-block sites that attempt to connect option in a deny policy.

正解: B,C,D

解説:
Explanation/Reference:
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese
1. From Policy Manager, double-click the PCAnywhere policy.
2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox.
Reference: https://www.watchguard.com/training/fireware/80/defense8.htm C: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager. From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.
Reference: http://www.watchguard.com/training/fireware/82/monitoa6.htm
D: You can use Policy Manager to permanently add sites to the Blocked Sites list.
1. select Setup > Default Threat Protection > Blocked Sites.
2. Click Add.
The Add Site dialog box appears.
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/ intrusionprevention/blocked_sites_permanent_c.html

 

質問 35
Which tool is used to see a treemap visualization of the traffic through your Firebox? (Select one)

  • A. Traffic Monitor
  • B. FireWatch
  • C. Firebox System Manager - Subscription services
  • D. FireBox SystemManager - Blocked Sites list
  • E. Firebox System Manager - Authentication list
  • F. Log Server

正解: B

解説:
The FireWatch page is separated into tabs of data that is presented in aTreemap Visualization. The treemap is a widget that proportionally sizes blocks in the display to represent the data for that tab. The largest blocks on the tab represent the largest data users. The data is sorted by the tab you select and the type you select from the drop-down list at the top right of the page.
Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181

 

質問 36
Which WatchGuard Subscription Service must be enabled in a proxy policy before you can use APT Blocker? (Select one.)

  • A. IPS
  • B. Gateway Antivirus
  • C. WebBlocker
  • D. RED
  • E. Application Control

正解: B

 

質問 37
When your device is in a default state, to which interface do you connect your management computer so you can use the Quick Setup Wizard or Web Setup Wizard to configure the device? (Select one.)

  • A. Interface 1
  • B. Console interface
  • C. Interface 0
  • D. Any interface

正解: A

解説:
To start the Web Setup Wizard, connect your computer to interface number 1 of your XTMdevice with an Ethernet cable. This is the trusted interface.
Reference:http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/installation/qsw_web_about_c.html

 

質問 38
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in HTTP traffic that is encrypted with SSL? (Select two.)

  • A. Gateway AntiVirus
  • B. WebBlocker
  • C. Deep inspection of HTTPS content
  • D. Application Control
  • E. Data Loss Prevention

正解: C

 

質問 39
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)

  • A. IP spoofing
  • B. Flood attacks
  • C. Malware in downloaded files
  • D. Denial of service attacks
  • E. Port scans
  • F. Access to inappropriate websites
  • G. Viruses in email messages

正解: A,B,D,E

解説:
Explanation/Reference:
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/ intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%
2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0

 

質問 40
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean? (Select one.)

  • A. The packet is denied because it matched a policy.
  • B. The packet is denied because the site is on the Blocked Sites List.
  • C. The packet is denied because it does not match anyfirewall policies.
  • D. The packet is denied because it matched an IPS signature.

正解: C

解説:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/intrusionprevention/unhandled_pkts_about_c.html

 

質問 41
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)

  • A. 10.0.1.0/24
  • B. 10.0.10.0/24
  • C. 172.16.10.0/24
  • D. 192.168.1.0/24

正解: A

 

質問 42
Which authentication servers can you use with your Firebox? (Select four.)

  • A. Firebox databases
  • B. Kerberos
  • C. LDAP
  • D. RADIUS
  • E. TACACS+
  • F. Active Directory
  • G. Linux Authentication

正解: A,C,D,F

解説:

 

質問 43
From the Firebox System Manager >Authentication List tab, you can view all of the authenticated users connected to your Firebox and disconnect any of them.

  • A. True
  • B. False

正解: B

 

質問 44
Users on the trusted network cannot browse Internet websites. Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)

  • A. The default Outgoingpolicy has been removed and there is no policy to allow DNS traffic.
  • B. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.
  • C. The HTTP-proxy policy is configured for the wrong port.
  • D. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.

正解: C

 

質問 45
The policies in a default Firebox configuration do not allow outgoing traffic from optional interfaces.

  • A. True
  • B. False

正解: B

 

質問 46
Which takes precedence: WebBlocker category match or a WebBlocker exception?

  • A. WebBlocker category match
  • B. WebBlocker exception

正解: A

 

質問 47
In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)

  • A. Local: 203.0.113.10/24 <--> Remote: 198.151.100.2/24
  • B. Local: 192.168.1.0/24 <--> Remote: 10.0.10.0/24
  • C. Local: 10.0.10.0/24 <--> Remote: 192.168.1.0/24
  • D. Local: 10.0.10.1/24 <--> Remote: 192.168.1.1/24

正解: D

 

質問 48
In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)

  • A. Default route VPN allows your Firebox to examine all remote user traffic
  • B. Default route VPN automatically allows dynamic NAT
  • C. Default route VPN uses less bandwidth
  • D. Default route VPN uses less processing power

正解: B

 

質問 49
After you enable Gateway AntiVirus, IPS, or Application control, how can you make sure the services protect your network from the latest known threats? (Select one.)

  • A. Enable automatic signature updates.
  • B. Enable default packet handling.
  • C. Enable HTTPS deep inspection.
  • D. Configure reputation Enabled Defense.

正解: A

 

質問 50
When you examine the log messages In Traffic Monitor, you see that some network packets are denied with an unhandled packet log message. What does this log massage mean? (Select one.)

  • A. The packet is denied because it matched a policy.
  • B. The packet is denied because it does not match any firewall policies.
  • C. The packet is denied because the site is on the Blocked Sites List.
  • D. The packet is denied because it matched an IPS signature.

正解: B

 

質問 51
From the SMTP proxy action settings in this image, which of these options is configured for outgoing SMTP traffic? (Select one.)

  • A. Prevent mail relay for theexample.comdomain.
  • B. Rewrite theMail Fromheader for theexample.comdomain.
  • C. Deny outgoing mail from theexample.comdomain.
  • D. Deny incoming mail from theexample.comdomain.

正解: C

 

質問 52
Which of these actions adds a host to the temporary or permanent blocked sites list? (Select three.)

  • A. Add the site to the Blocked Sites Exceptions list.
  • B. In Policy Manager, select Setup> Default Threat Protection > Blocked Sites and click Add.
  • C. On the Firebox System Manager >Blocked Sites tab, select Add.
  • D. Enable the AUTO-block sites that attempt to connect option in a deny policy.

正解: B,C,D

解説:
Explanation/Reference:
A: You can configure a deny policy to automatically block sites that originate traffic that does not comply with the policy rulese
1. From Policy Manager, double-click the PCAnywhere policy.
2. Click the Properties tab. Select the Auto-block sites that attempt to connect checkbox.
Reference: https://www.watchguard.com/training/fireware/80/defense8.htm C: The blocked sites list shows all the sites currently blocked as a result of the rules defined in Policy Manager.
From this tab, you can add sites to the temporary blocked sites list, or remove temporary blocked sites.
Reference: http://www.watchguard.com/training/fireware/82/monitoa6.htm
D: You can use Policy Manager to permanently add sites to the Blocked Sites list.
1. select Setup > Default Threat Protection > Blocked Sites.
2. Click Add.
The Add Site dialog box appears.
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/ intrusionprevention/blocked_sites_permanent_c.html

 

質問 53
For which of these third party authentication methods must you specify a search base? (Select two.)

  • A. LDAP
  • B. Active Directory
  • C. RADIUS
  • D. SecurID

正解: A,B

 

質問 54
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal hosts based on the destination port, which type of NAT should you use? (Select one.)

  • A. Static NAT
  • B. Dynamic NAT
  • C. 1-to-1 NAT

正解: C

 

質問 55
If you disable the Outgoing policy, which policies must you add to allow trusted users to connect to commonly used websites? (Select three.)

  • A. HTTP port 80
  • B. DNS port 53
  • C. NAT policy
  • D. HTTPS port 443
  • E. FTP port 21

正解: A,D,E

 

質問 56
......


WatchGuard Essentials 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Device monitoring| logging| and reporting
トピック 2
  • Policy and proxy configuration
トピック 3
  • Subscription services configuration

 

Essentials練習テストPDF試験材料:https://www.passtest.jp/WatchGuard/Essentials-shiken.html

Essentials解答の無料サンプルには全てリアル試験に基づいています:https://drive.google.com/open?id=1DUQLMoa_TPFTOCDRb2upYNSlIbG62hiy

関するブログ

もっと
Essentials 無料問題集