WATCHGUARD ESSENTIALS FOR
LOCALLY MANAGED FIREBOXE EXAM
QUESTIONS AND ANSWERS
Which takes precedence: WebBlocker category match or a WebBlocker exception?
A. WebBlocker exception
B. WebBlocker category match - ANSWER-A. WebBlocker exception
Users on the trusted network cannot browse Internet websites. Based on the
configuration shown in this image, what could be the problem with this policy
configuration? (Select one.)
A. The default Outgoing policy has been removed and there is no policy to allow DNS
traffic.
B. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C. The HTTP-proxy policy is configured for the wrong port.
D. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External. - ANSWER-
A. The default Outgoing policy has been removed and there is no policy to allow DNS
traffic.
To prevent certificate error warnings in your browser when you use deep content
inspection with the HTTPS proxy, you can export the proxy authority certificate from the
Firebox and import that certificate to all client devices.
A. True
B. False - ANSWER-A. True
Which of these options must you configure in an HTTPS-proxy policy to detect credit
card numbers in HTTP traffic that is encrypted with SSL? (Select two.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
D. Deep inspection of HTTPS content
E. Data Loss Prevention - ANSWER-D. Deep inspection of HTTPS content
E. Data Loss Prevention
Match each WatchGuard Subscription Service with its function.Uses full-system
emulation analysis to identify characteristics and behavior of zero-day malware.
(Choose one).
A. Reputation Enable Defense RED
B. Gateway / Antivirus
C. Data Loss Prevention DLP
D. Spam Blocker
, E. WebBlocker
F. Intrusion Prevention Server IPS
G. Application Control
H. Quarantine Server
I. Advanced Persistent Thread Blocker (APT Blocker) - ANSWER-I. Advanced
Persistent Thread Blocker (APT Blocker)
When your device is in a default state, to which interface do you connect your
management computer so you can use the Quick Setup Wizard or Web SetupWizard to
configure the device? (Select one.)
A. Interface 0
B. Console interface
C. Any interface
D. Interface 1 - ANSWER-D. Interface 1
In the default Firebox configuration file, which policies control management access to
the device? (Select two.)
A. WatchGuard
B. FTP
C. Ping
D. WatchGuard Web UI
E. Outgoing - ANSWER-A. WatchGuard
D. WatchGuard Web UI
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM
device, your computer must have an IP address on which subnet? (Select one.)
A. 10.0.10.0/24
B. 10.0.1.0/24
C. 172.16.10.0/24
D. 192.168.1.0/24 - ANSWER-B. 10.0.1.0/24
What is the best method to downgrade the version of Fireware OS on your Firebox
without losing all device configuration settings? (Select one.)
A. Restore a saved backup image that was created for the device before the last
Fireware OS upgrade.
B. Use the Upgrade OS feature in Fireware Web UI to install the sysa_dl file for an
order version of Fireware OS.
C. Change the OS compatibility setting in Policy Manager to downgrade the device.
Then use Policy Manager to save the configuration to the device.
D. Use the downgrade feature on Policy Manager to select a previous of Fireware OS. -
ANSWER-A. Restore a saved backup image that was created for the device before the
last Fireware OS upgrade.
??You configured four Device Administrator user accounts for your Firebox. To see a
report of witch Device Management users have made changes to the device
configuration, what must you do? (Select two.)
LOCALLY MANAGED FIREBOXE EXAM
QUESTIONS AND ANSWERS
Which takes precedence: WebBlocker category match or a WebBlocker exception?
A. WebBlocker exception
B. WebBlocker category match - ANSWER-A. WebBlocker exception
Users on the trusted network cannot browse Internet websites. Based on the
configuration shown in this image, what could be the problem with this policy
configuration? (Select one.)
A. The default Outgoing policy has been removed and there is no policy to allow DNS
traffic.
B. The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C. The HTTP-proxy policy is configured for the wrong port.
D. The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External. - ANSWER-
A. The default Outgoing policy has been removed and there is no policy to allow DNS
traffic.
To prevent certificate error warnings in your browser when you use deep content
inspection with the HTTPS proxy, you can export the proxy authority certificate from the
Firebox and import that certificate to all client devices.
A. True
B. False - ANSWER-A. True
Which of these options must you configure in an HTTPS-proxy policy to detect credit
card numbers in HTTP traffic that is encrypted with SSL? (Select two.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
D. Deep inspection of HTTPS content
E. Data Loss Prevention - ANSWER-D. Deep inspection of HTTPS content
E. Data Loss Prevention
Match each WatchGuard Subscription Service with its function.Uses full-system
emulation analysis to identify characteristics and behavior of zero-day malware.
(Choose one).
A. Reputation Enable Defense RED
B. Gateway / Antivirus
C. Data Loss Prevention DLP
D. Spam Blocker
, E. WebBlocker
F. Intrusion Prevention Server IPS
G. Application Control
H. Quarantine Server
I. Advanced Persistent Thread Blocker (APT Blocker) - ANSWER-I. Advanced
Persistent Thread Blocker (APT Blocker)
When your device is in a default state, to which interface do you connect your
management computer so you can use the Quick Setup Wizard or Web SetupWizard to
configure the device? (Select one.)
A. Interface 0
B. Console interface
C. Any interface
D. Interface 1 - ANSWER-D. Interface 1
In the default Firebox configuration file, which policies control management access to
the device? (Select two.)
A. WatchGuard
B. FTP
C. Ping
D. WatchGuard Web UI
E. Outgoing - ANSWER-A. WatchGuard
D. WatchGuard Web UI
To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM
device, your computer must have an IP address on which subnet? (Select one.)
A. 10.0.10.0/24
B. 10.0.1.0/24
C. 172.16.10.0/24
D. 192.168.1.0/24 - ANSWER-B. 10.0.1.0/24
What is the best method to downgrade the version of Fireware OS on your Firebox
without losing all device configuration settings? (Select one.)
A. Restore a saved backup image that was created for the device before the last
Fireware OS upgrade.
B. Use the Upgrade OS feature in Fireware Web UI to install the sysa_dl file for an
order version of Fireware OS.
C. Change the OS compatibility setting in Policy Manager to downgrade the device.
Then use Policy Manager to save the configuration to the device.
D. Use the downgrade feature on Policy Manager to select a previous of Fireware OS. -
ANSWER-A. Restore a saved backup image that was created for the device before the
last Fireware OS upgrade.
??You configured four Device Administrator user accounts for your Firebox. To see a
report of witch Device Management users have made changes to the device
configuration, what must you do? (Select two.)
