Essentials v1.0 (Essentials)

Page:    1 / 5   
Total 75 questions

Which diagnostic tasks can you run from the Traffic Monitor tab of Firebox System Manager? (Select four.)

  • A. DNS lookup
  • B. MAC address lookup
  • C. Traceroute
  • D. Reputation lookup
  • E. Ping
  • F. TCP dump


Answer : ACEF

From Firebox System Manager, you can run diagnostic tasks to review information in all the log messages from your Firebox or XTM device. This can help you debug problems on your network.
1. On the Traffic Monitor tab, right-click a message and select Diagnostic Tasks.
Or, select Tools > Diagnostic Tasks.
2. From the Task drop-down list, select the task to run.

Ping IPv4 -

Ping IPv6 -
traceroute

DNS Lookup -

TCP Dump -
Reference:
http://watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/fsm/log_message_learn_more_wsm.html

How can you include log messages from more than one Firebox in a single report generated by Dimension? (Select two.)

  • A. You cannot see report data in Dimension for more than one device.
  • B. Create a device group and view the reports for that group.
  • C. Create a report schedule that includes all the devices you want to include in the report.
  • D. Export report data as a single PDF file for all the devices you want to include in the report.


Answer : BC

To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)

  • A. You can only send log messages to Dimension from a computer that is on the network behind your gateway Firebox.
  • B. You must change the connection settings in Dimension, not on the gateway Firebox.
  • C. You must add a policy to the remote device configuration file to allow traffic to a Dimension.
  • D. You must make sure that either the WG-Logging packet filter policy, or another policy that allows external connections to Dimension over port 4115, is included in the configuration file.


Answer : C

Which WatchGuard tools can you use to review the log messages generated by your Firebox? (Select three).

  • A. Firebox System Manager > Traffic Monitor
  • B. Fireware XTM Web UI > Traffic Monitor
  • C. Firebox System Manager > Status Report
  • D. Dimension > Log manager
  • E. WatchGuard System Manager > Policy Manager


Answer : ABD

A: You can use Firebox System Manager (FSM) to see log messages from your XTM device as they occur.
1. Start Firebox System Manager.
2. Select the Traffic Monitor tab.
Reference:
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/fsm/log_msgs_traffic_mon_wsm.html
D: You can use Firebox System Manager to see log messages in real-time on the Traffic Monitor tab. You can also examine log messages with Log Manager or
WatchGuard Dimension.
B: After you connect to WatchGuard WebCenter, you can review the log messages sent from your XTM devices to your WatchGuard Log Server. Log Manager enables you to see log messages from your device for any period of time you specify, if log messages were generated in the selected time frame. To see log messages for an XTM device as they are generated, in real-time, you can use Firebox System Manager Traffic Monitor.
Reference:
http://www.watchguard.com/help/docs/wsm/XTM_11/en-US/index.html#en-US/logging/log_mgr_view_device_wsm.html
Incorrect:
Not C: The Status Report tab shows statistics about Firebox or XTM device traffic and performance. It does not display log messages.
To see the Status Report:
1. Start Firebox System Manager.
2. Select the Status Report tab.


You can configure your Firebox to send log messages to how many WatchGuard Log Servers at the same time? (Select one.)

  • A. One
  • B. Two
  • C. As many as you have configured on your network.


Answer : B

How can you prevent connections to the Fireware Web UI from computers on optional interface Eth2? (Select one.)

  • A. Remove Eth2 from the Any-Optional alias.
  • B. Remove Any-Optional from the To list of the WatchGuard Web UI policy.
  • C. Remove Any-Optional from the From list of the WatchGuard policy.
  • D. Remove Any-Optional from the To list of the WatchGuard policy
  • E. Remove Any-Optional from the From list of the WatchGuard Web UI policy


Answer : E

What is one reason that users could see a certificate warning in their web browsers when they connect to Fireware XTM Web UI? (Select one.)

  • A. The Firebox or XTM device uses the default self-signed certificate.
  • B. The authentication server does not respond after three minutes.
  • C. The user has been previously added to the Blocked Sites list.
  • D. The user or group is not present in the Firebox User database.


Answer : A

From the Fireware Web UI, you can generate a report that shows your device configuration settings.

  • A. True
  • B. False


Answer : A

In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)


  • A. Local: 192.168.1.0/24 <--> Remote: 10.0.10.0/24
  • B. Local: 203.0.113.10/24 <--> Remote: 198.151.100.2/24
  • C. Local: 10.0.10.1/24 <--> Remote: 192.168.1.1/24
  • D. Local: 10.0.10.0/24 <--> Remote: 192.168.1.0/24


Answer : C

The local, Site A, network is 10.0.10.1/24 while the remote, Site B, network is 192.168.1.1/24.

With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.


  • A. True
  • B. False


Answer : B

A local branch office VPN tunnel route is configured as shown in this image. On the remote peer device, what must be configured as the remote network address for this tunnel route? (Select one.)


  • A. 10.0.1.0/24
  • B. 10.0.10.0/24
  • C. 10.0.20.0/24


Answer : B

While troubleshooting a branch office VPN tunnel, you see this log message:
2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES
What settings could you modify in the local device configuration to resolve this issue? (Select one.)

  • A. BOVPN Gateway settings
  • B. BOVPN-Allow policies
  • C. BOVPN Tunnel settings
  • D. BOVPN Tunnel Route settings


Answer : A

The WatchGuard BOVPN settings error in this example states phase one encryption. Only the BOVPN Gateway settings can specify phase one settings. BOVPN
Tunnel settings specify phase 2 settings.

If you use an external authentication server for mobile VPN, which option must you complete before remote users can authenticate? (Select one.)

  • A. Create aliases for each remote user"™s virtual IP address.
  • B. Reboot the authentication server.
  • C. Add the Mobile VPN user group and remote users to your authentication server.
  • D. Add the remote users to a Mobile VPN user group on your Firebox.


Answer : C

In a Mobile VPN configuration, why would you choose default route VPN over split tunnel VPN? (Select one.)

  • A. Default route VPN allows your Firebox to examine all remote user traffic
  • B. Default route VPN uses less bandwidth
  • C. Default route VPN uses less processing power
  • D. Default route VPN automatically allows dynamic NAT


Answer : D

You can use Firebox-DB authentication with any type of Mobile VPN.

  • A. True
  • B. False


Answer : A

Page:    1 / 5   
Total 75 questions