WATCHGUARD NETWORK SECURITY
ESSENTIALS PRACTICE QUIZ WITH
COMPLETE SOLUTIONS
What is the URL of the Firebox Authentication web page? (Select one.)
A. https://auth.watchguard.com:4100/
B. https://<trusted or optional device interface IP address>:4100/
C. http://ip address of device interface:411/
D. https://gateway IP address of Firebox:4000/ - ANSWER-What is the URL of the
Firebox Authentication web page?
B. https://<trusted or optional device interface IP address>:4100/
What are the four types of network interfaces you can configure on your firewall?
A. External, Trusted, Optional, Custom
B. External, Optional, Trusted, Optional
C. Trusted, Primary, Optional, DHCP
D. Optional, Trusted, Custom, Internet - ANSWER-What are the four types of network
interfaces you can configure on your firewall?
B. External, Trusted, Optional, Custom
True or False: In order to enable NAT Loopback on your firewall, you have to configure
this under the Dynamic NAT settings.
False
True - ANSWER-False. NAT Loopback does not require anything to be enabled. You
simple have to write a policy to allow it.
Choose the actions that SpamBlocker can take when configuring SpamBlocker with an
SMTP proxy. (Select five.)
1. Deny Stops the message without a reply
2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
4. Ignore Sends the message to SpamBlocker for processing
5. Drop Option: It drops the connection immediately and does not send error messages
to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient -
ANSWER-1. Deny Stops the message without a reply
,2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
5. Drop Option: It drops the connection immediately and does not send error messages
to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient
True False? The Firebox can only send log messages to one WatchGuard Log Server
at a time.
True
False - ANSWER-False
True or false? If you want to report on the use of applications that are not blocked, you
must enable logging of allowed packages in each policy that has Application Control
enabled.
True
False - ANSWER-True
What is the default port of the Web UI? (Select one.)
8100
8080
8000
8088 - ANSWER-8080
When setting up Traffic Management on your firewall, what is the order of actions that it
will be applied?
Policy > Application Category > Application
Application Category > Application > policy
Application > Application Category > Policy
Policy > Application > Application Category - ANSWER-Application > Application
Category > Policy
When going through the initial Dimension installation, what must you make sure to do?
Pick all that apply.
Set a static IP for the Dimension server
Set an encryption password
Set up account for all users that will be accessing Dimension
Enter the IP of all firewalls that will be logged - ANSWER-Set a static IP for the
Dimension server
Set an encryption password
How often should you backup your firebox?
Every time there is a major change to the configuration
Monthly
Weekly
Daily
, Never - ANSWER-Every time there is a major change to the configuration
Through Firebox System Manager, you can run the TCP Dump command?
False
True - ANSWER-True. This option is available under Diagnostic Tasks tool
True or False: When setting up a static route, a lower metric means a lower
precedence.
True
False - ANSWER-False. A lower metric indicates a higher precedence in the routing
table.
True or false? Dynamic NAT rewrites the IP source addresses of the packets to use the
IP addresses of the outgoing interface.
True
False - ANSWER-True
True or False: Policy precedence is most often determined by the alphabetical order of
policy names.
False
True - ANSWER-False. Policy precedence is determined by how specific the policy is in
regards to what traffic is allowed.
When setting up an IPSec Mobile VPN, what must you make sure to configure?(2)
IPSec Tunnel
Allowed Resources
IPSec Gateway
Virtual IP Address Pool - ANSWER-IPSec Tunnel
Virtual IP Address Pool
When setting up a Firecluster, what requirements must you follow? Select all that apply.
Each device must have a special FireCluster subscription.
Each device must be running the same firmware.
Each device must be the same model.
Each device must be activated on the WatchGuard website. - ANSWER-Each device
must be running the same firmware.
Each device must be the same model.
Each device must be activated on the WatchGuard website.
Which Multi-WAN method allows you to set weights on the interfaces?
Round-Robin
Interface Overflow
Failover
Routing Table - ANSWER-Round-Robin
Which of these log message settings are available in the policy manager? (Select two)
ESSENTIALS PRACTICE QUIZ WITH
COMPLETE SOLUTIONS
What is the URL of the Firebox Authentication web page? (Select one.)
A. https://auth.watchguard.com:4100/
B. https://<trusted or optional device interface IP address>:4100/
C. http://ip address of device interface:411/
D. https://gateway IP address of Firebox:4000/ - ANSWER-What is the URL of the
Firebox Authentication web page?
B. https://<trusted or optional device interface IP address>:4100/
What are the four types of network interfaces you can configure on your firewall?
A. External, Trusted, Optional, Custom
B. External, Optional, Trusted, Optional
C. Trusted, Primary, Optional, DHCP
D. Optional, Trusted, Custom, Internet - ANSWER-What are the four types of network
interfaces you can configure on your firewall?
B. External, Trusted, Optional, Custom
True or False: In order to enable NAT Loopback on your firewall, you have to configure
this under the Dynamic NAT settings.
False
True - ANSWER-False. NAT Loopback does not require anything to be enabled. You
simple have to write a policy to allow it.
Choose the actions that SpamBlocker can take when configuring SpamBlocker with an
SMTP proxy. (Select five.)
1. Deny Stops the message without a reply
2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
4. Ignore Sends the message to SpamBlocker for processing
5. Drop Option: It drops the connection immediately and does not send error messages
to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient -
ANSWER-1. Deny Stops the message without a reply
,2. Quarantine option: Isolates the message on a Quarantine Server
3. Allow Option: allow messages to reach the Firebox without tags
5. Drop Option: It drops the connection immediately and does not send error messages
to the sender.
6. Tag Add a "spam" tag to the email title and allow messages to reach the recipient
True False? The Firebox can only send log messages to one WatchGuard Log Server
at a time.
True
False - ANSWER-False
True or false? If you want to report on the use of applications that are not blocked, you
must enable logging of allowed packages in each policy that has Application Control
enabled.
True
False - ANSWER-True
What is the default port of the Web UI? (Select one.)
8100
8080
8000
8088 - ANSWER-8080
When setting up Traffic Management on your firewall, what is the order of actions that it
will be applied?
Policy > Application Category > Application
Application Category > Application > policy
Application > Application Category > Policy
Policy > Application > Application Category - ANSWER-Application > Application
Category > Policy
When going through the initial Dimension installation, what must you make sure to do?
Pick all that apply.
Set a static IP for the Dimension server
Set an encryption password
Set up account for all users that will be accessing Dimension
Enter the IP of all firewalls that will be logged - ANSWER-Set a static IP for the
Dimension server
Set an encryption password
How often should you backup your firebox?
Every time there is a major change to the configuration
Monthly
Weekly
Daily
, Never - ANSWER-Every time there is a major change to the configuration
Through Firebox System Manager, you can run the TCP Dump command?
False
True - ANSWER-True. This option is available under Diagnostic Tasks tool
True or False: When setting up a static route, a lower metric means a lower
precedence.
True
False - ANSWER-False. A lower metric indicates a higher precedence in the routing
table.
True or false? Dynamic NAT rewrites the IP source addresses of the packets to use the
IP addresses of the outgoing interface.
True
False - ANSWER-True
True or False: Policy precedence is most often determined by the alphabetical order of
policy names.
False
True - ANSWER-False. Policy precedence is determined by how specific the policy is in
regards to what traffic is allowed.
When setting up an IPSec Mobile VPN, what must you make sure to configure?(2)
IPSec Tunnel
Allowed Resources
IPSec Gateway
Virtual IP Address Pool - ANSWER-IPSec Tunnel
Virtual IP Address Pool
When setting up a Firecluster, what requirements must you follow? Select all that apply.
Each device must have a special FireCluster subscription.
Each device must be running the same firmware.
Each device must be the same model.
Each device must be activated on the WatchGuard website. - ANSWER-Each device
must be running the same firmware.
Each device must be the same model.
Each device must be activated on the WatchGuard website.
Which Multi-WAN method allows you to set weights on the interfaces?
Round-Robin
Interface Overflow
Failover
Routing Table - ANSWER-Round-Robin
Which of these log message settings are available in the policy manager? (Select two)
