Essentials exam

Home ยป Essentials exam

To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)

Leave a comment

To enable remote devices to send log messages to Dimension through the gateway Firebox, what must you verify is included in your gateway Firebox configuration? (Select one.)
A . You can only send log messages to Dimension from a computer that is on the network behind your gateway Firebox.
B . You must change the connection settings in Dimension, not on the gateway Firebox.
C . You must add a policy to the remote device configuration file to allow traffic to a Dimension.
D . You must make sure that either the WG-Logging packet filter policy, or another policy that allows external connections to Dimension over port 4115, is included in the configuration file.

Answer: C

What settings could you modify in the local device configuration to resolve this issue?

Leave a comment

While troubleshooting a branch office VPN tunnel, you see this log message:

2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES

What settings could you modify in the local device configuration to resolve this issue? (Select one.)
A . BOVPN Gateway settings
B . BOVPN-Allow policies
C . BOVPN Tunnel settings
D . BOVPN Tunnel Route settings

Answer: A

Explanation:

The WatchGuard BOVPN settings error in this example states phase one encryption. Only the BOVPN Gateway settings can specify phase one settings. BOVPN Tunnel settings specify phase 2 settings.

If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use?

Leave a comment

You have a privately addressed email server behind your Firebox.

If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)
A . In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.25.
B . Create a global dynamic NAT rule for traffic from the email server and set the source IP address to 203.0.113.25.
C . Create a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25.

Answer: B

What option could you choose to make sure the newsletter is delivered to your users?

Leave a comment

An email newsletter about sales from an external company is sometimes blocked by spamBlocker.

What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
A . Add a spamBlocker exception based on the From field of the newsletter email.
B . Set the spamBlocker action to quarantine the email for later retrieval.
C . Add a spamBlocker subject tag for bulk email messages.
D . Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.

Answer: C

Based on the configuration shown in this image, what could be the problem with this policy configuration?

Leave a comment

Users on the trusted network cannot browse Internet websites.

Based on the configuration shown in this image, what could be the problem with this policy configuration? (Select one.)
A . The default Outgoing policy has been removed and there is no policy to allow DNS traffic.
B . The HTTP-proxy policy has higher precedence than the HTTPS-proxy policy.
C . The HTTP-proxy policy is configured for the wrong port.
D . The HTTP-proxy allows Any-Trusted and Any-Optional to Any-External.

Answer: C