WATCHGUARD ACTUAL TESTS
ESSENTIALS QUESTONS WITH
LATEST CHOICES
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal
hosts based on the destination port, which type of NAT should you
use? (Select one.)
A. Static NAT
B. 1-to-1 NAT
C. Dynamic NAT ANSW✅✅A
(Page 126 - Fireware Essentials Student Guide)
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com).
The update site has multiple subdomains and dynamic IP addresses on a content delivery network.
Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select
one.)
A. Configure a host name for update.example.com.
B. Configure an FQDN for *.example.com.
C. Add IP addresses that correspond to each software update server in the domain.
D. Create an alias for all subdomains and known IP addresses for example.com. ANSW✅✅B
FQDN in a Policy:
In this exercise, you learn how to use FQDN in a policy to make an exception for destination domains
that can comprise many different subdomains and resolved IP addresses because the destinations
may be hosted on content delivery networks (CDN).
From the SMTP proxy action settings in this image, which of these options is configured for outgoing
SMTP traffic? (Select one.)
A. Rewrite the Mail From header for the example.com domain.
B. Deny incoming mail from the example.com domain.
C. Prevent mail relay for the example.com domain.
D. Deny outgoing mail from the example.com domain. ANSW✅✅B
Good example on Page 207 - Fireware Essentials Student Guide
,You can configure the SMTP-proxy policy to restrict email messages and email content based on
which of these message characteristics? (Select four.)
A. Sender Mail From address
B. Check URLs in message with WebBlocker
C. Email message size
D. Attachment file name and content type
E. Maximum email recipients ANSW✅✅A,C,D,E
Verified by configuring SMTP-Proxy and a Proxy Action Configuration. Worth noting that this
question was a little tough to review.
To prevent certificate error warnings in your browser when you use deep content inspection with
the HTTPS proxy, you can export the proxy authority certificate
from the Firebox and import that certificate to all client devices.
A. True
B. False ANSW✅✅A. True
Default Proxy Authority Certificate
You can use the default self-signed Proxy Authority CA certificate on the Firebox or XTM device for
use with the HTTPS Proxy content inspection features. Your device re-encrypts the content it has
inspected with this Proxy Authority self-signed certificate. When you use this default certificate, end
users without a copy of this certificate see a warning in their web browser when they connect to a
secure web site with HTTPS. To avoid these warnings, you can export the Proxy Authority certificate
from the XTM device and import the certificate on your client devices.
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-
US/certificates/cert_https_proxy_resign_c.html
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers
in HTTP traffic that is encrypted with SSL? (Select one.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
D. Deep inspection of HTTPS content
E. Data Loss Prevention ANSW✅✅D
, Uses full-system emulation analysis to identify characteristics and behavior of zero-day malware
ANSW✅✅APT Blocker
Manages use of applications on your network ANSW✅✅Application Control
A repository where email messages can be sent based on analysis by spamBlocker, Gateway
Antivirus or Data Loss Prevention ANSW✅✅Quarantine Server
Cloud based service that controls access to websites based on a sites previous behavior
ANSW✅✅Reputation Enabled Defense (RED)
Scans files to detect malicious software infections ANSW✅✅Gateway Antivirus
Prevents accidental or unauthorized transmission of confidential information outside your network
ANSW✅✅Data Loss Prevention (DLP)
Uses signatures to provide real-time protection against network attacks ANSW✅✅Intrusion
Prevention Service (IPS)
Uses rules, pattern matching and sender reputation to block unwanted email messages
ANSW✅✅Spam Blocker
Controls access to website based on content categories ANSW✅✅WebBlocker
When you configure the Global Application Control action, it is automatically applied to all policies.
A. True
B. False ANSW✅✅B. False
Essentially, it doesn't modify existing policies, its the default application control for all policies unless
otherwise specified.
The Global Application Control action is a predefined action. You configure the Global action to block
applications you do not want to allow for all or most users. In
this example, we want to block instant messaging applications for all users.
(Page 295 - Fireware Essentials Student Guide)
ESSENTIALS QUESTONS WITH
LATEST CHOICES
If your Firebox has a single public IP address, and you want to forward inbound traffic to internal
hosts based on the destination port, which type of NAT should you
use? (Select one.)
A. Static NAT
B. 1-to-1 NAT
C. Dynamic NAT ANSW✅✅A
(Page 126 - Fireware Essentials Student Guide)
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com).
The update site has multiple subdomains and dynamic IP addresses on a content delivery network.
Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select
one.)
A. Configure a host name for update.example.com.
B. Configure an FQDN for *.example.com.
C. Add IP addresses that correspond to each software update server in the domain.
D. Create an alias for all subdomains and known IP addresses for example.com. ANSW✅✅B
FQDN in a Policy:
In this exercise, you learn how to use FQDN in a policy to make an exception for destination domains
that can comprise many different subdomains and resolved IP addresses because the destinations
may be hosted on content delivery networks (CDN).
From the SMTP proxy action settings in this image, which of these options is configured for outgoing
SMTP traffic? (Select one.)
A. Rewrite the Mail From header for the example.com domain.
B. Deny incoming mail from the example.com domain.
C. Prevent mail relay for the example.com domain.
D. Deny outgoing mail from the example.com domain. ANSW✅✅B
Good example on Page 207 - Fireware Essentials Student Guide
,You can configure the SMTP-proxy policy to restrict email messages and email content based on
which of these message characteristics? (Select four.)
A. Sender Mail From address
B. Check URLs in message with WebBlocker
C. Email message size
D. Attachment file name and content type
E. Maximum email recipients ANSW✅✅A,C,D,E
Verified by configuring SMTP-Proxy and a Proxy Action Configuration. Worth noting that this
question was a little tough to review.
To prevent certificate error warnings in your browser when you use deep content inspection with
the HTTPS proxy, you can export the proxy authority certificate
from the Firebox and import that certificate to all client devices.
A. True
B. False ANSW✅✅A. True
Default Proxy Authority Certificate
You can use the default self-signed Proxy Authority CA certificate on the Firebox or XTM device for
use with the HTTPS Proxy content inspection features. Your device re-encrypts the content it has
inspected with this Proxy Authority self-signed certificate. When you use this default certificate, end
users without a copy of this certificate see a warning in their web browser when they connect to a
secure web site with HTTPS. To avoid these warnings, you can export the Proxy Authority certificate
from the XTM device and import the certificate on your client devices.
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-
US/certificates/cert_https_proxy_resign_c.html
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers
in HTTP traffic that is encrypted with SSL? (Select one.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
D. Deep inspection of HTTPS content
E. Data Loss Prevention ANSW✅✅D
, Uses full-system emulation analysis to identify characteristics and behavior of zero-day malware
ANSW✅✅APT Blocker
Manages use of applications on your network ANSW✅✅Application Control
A repository where email messages can be sent based on analysis by spamBlocker, Gateway
Antivirus or Data Loss Prevention ANSW✅✅Quarantine Server
Cloud based service that controls access to websites based on a sites previous behavior
ANSW✅✅Reputation Enabled Defense (RED)
Scans files to detect malicious software infections ANSW✅✅Gateway Antivirus
Prevents accidental or unauthorized transmission of confidential information outside your network
ANSW✅✅Data Loss Prevention (DLP)
Uses signatures to provide real-time protection against network attacks ANSW✅✅Intrusion
Prevention Service (IPS)
Uses rules, pattern matching and sender reputation to block unwanted email messages
ANSW✅✅Spam Blocker
Controls access to website based on content categories ANSW✅✅WebBlocker
When you configure the Global Application Control action, it is automatically applied to all policies.
A. True
B. False ANSW✅✅B. False
Essentially, it doesn't modify existing policies, its the default application control for all policies unless
otherwise specified.
The Global Application Control action is a predefined action. You configure the Global action to block
applications you do not want to allow for all or most users. In
this example, we want to block instant messaging applications for all users.
(Page 295 - Fireware Essentials Student Guide)
