Valid Essentials Dumps shared by ExamDiscuss.com for Helping Passing Essentials Exam! ExamDiscuss.com now offer the newest Essentials exam dumps, the ExamDiscuss.com Essentials exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Essentials dumps with Test Engine here:
Access Essentials Dumps Premium Version
(75 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 68/75
Which of these threats can the Firebox prevent with the default packet handling settings? (Select four.)
Correct Answer: B,C,E,G
Explanation/Reference:
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/ intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%
2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0
B: The default configuration of the XTM device is to block DDoS attacks.
C: In a flood attack, attackers send a very high volume of traffic to a system so it cannot examine and allow permitted network traffic. For example, an ICMP flood attack occurs when a system receives too many ICMP ping commands and must use all of its resources to send reply commands. The XTM device can protect against these types of flood attacks: IPSec, IKE, ICMP. SYN, and UDP.
E: When the Block Port Space Probes (port scans) and Block Address Space Probes check boxes are selected, all incoming traffic on all interfaces is examined by the XTM device.
CG: Default packet handling can reject a packet that could be a security risk, including packets that could be part of a spoofing attack or SYN flood attack
Reference: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/ intrusionprevention/default_pkt_handling_opt_about_c.html%3FTocPath%3DDefault%2520Threat%
2520Protection%7CAbout%2520Default%2520Packet%2520Handling%2520Options%7C_____0
- Question List (75q)
- Question 1: When you examine the log messages In Traffic Monitor, you se...
- Question 2: The policies in a default Firebox configuration do not allow...
- Question 3: In the network configuration in this image, which aliases is...
- Question 4: To use the Web Setup Wizard or Quick Setup Wizard to configu...
- Question 5: Match the monitoring tool to the correct task. Which tool ca...
- Question 6: For which of these third party authentication methods must y...
- 1 commentQuestion 7: An email newsletter about sales from an external company is ...
- Question 8: Match the monitoring tool to the correct task. Which is not ...
- Question 9: You can configure the SMTP-proxy policy to restrict email me...
- Question 10: When your users connect to the Authentication Portal page to...
- Question 11: From the Fireware Web UI, you can generate a report that sho...
- Question 12: Match each WatchGuard Subscription Service with its function...
- Question 13: You can use Firebox System Manager to download a PCAP file t...
- Question 14: Match each WatchGuard Subscription Service with its function...
- Question 15: Match each WatchGuard Subscription Service with its function...
- Question 16: Match each WatchGuard Subscription Service with its function...
- Question 17: You configured four Device Administrator user accounts for y...
- Question 18: Match each WatchGuard Subscription Service with its function...
- Question 19: How is a proxy policy different from a packet filter policy?...
- Question 20: Only 50 clients on the trusted network of your Firebox can c...
- Question 21: A user receives a deny message that the installation file (i...
- Question 22: Match each WatchGuard Subscription Service with its function...
- Question 23: After you enable spamBlocker, your users experience no reduc...
- Question 24: A local branch office VPN tunnel route is configured as show...
- Question 25: When your device is in a default state, to which interface d...
- Question 26: Match each type of NAT with the correct description: Conserv...
- Question 27: After you enable Gateway AntiVirus, IPS, or Application cont...
- Question 28: Which of these services would you use to allow the use of P2...
- 3 commentQuestion 29: In this diagram, which branch office VPN tunnel route must y...
- Question 30: You have a privately addressed email server behind your Fire...
- Question 31: Which of these actions adds a host to the temporary or perma...
- Question 32: Which WatchGuard Subscription Service must be enabled in a p...
- Question 33: Which tool is used to see a treemap visualization of the tra...
- Question 34: What is one reason that users could see a certificate warnin...
- Question 35: Match the monitoring tool to the correct task. Which tool ca...
- Question 36: What is the best method to downgrade the version of Fireware...
- Question 37: Match each type of NAT with the correct description: Changes...
- Question 38: From the Firebox System Manager >Authentication List tab,...
- 2 commentQuestion 39: With the policies configured as shown in this image, HTTP tr...
- Question 40: Users on the trusted network cannot browse Internet websites...
- Question 41: When you configure the Global Application Control action, it...
- Question 42: If you disable the Outgoing policy, which policies must you ...
- Question 43: Which WatchGuard tools can you use to review the log message...
- Question 44: Match each type of NAT with the correct description: Allows ...
- Question 45: To prevent certificate error warnings in your browser when y...
- Question 46: Which policies can use the Intrusion Prevention Service to b...
- 2 commentQuestion 47: To enable remote devices to send log messages to Dimension t...
- Question 48: What settings must you device configuration file include for...
- Question 49: You need to create an HTTP-proxy policy to a specific domain...
- Question 50: Which of these options must you configure in an HTTPS-proxy ...
- Question 51: Which takes precedence: WebBlocker category match or a WebBl...
- Question 52: Clients on the trusted network need to connect to a server b...
- Question 53: You can use Firebox-DB authentication with any type of Mobil...
- Question 54: Match each WatchGuard Subscription Service with its function...
- Question 55: Which items are included in a Firebox backup image? (Select ...
- Question 56: While troubleshooting a branch office VPN tunnel, you see th...
- Question 57: In the default Firebox configuration file, which policies co...
- Question 58: The IP address for the trusted interface on your Firebox is ...
- Question 59: Match each WatchGuard Subscription Service with its function...
- Question 60: Match the monitoring tool to the correct task. Which tool ca...
- Question 61: You can configure your Firebox to automatically redirect use...
- Question 62: Which authentication servers can you use with your Firebox? ...
- Question 63: You can configure your Firebox to send log messages to how m...
- Question 64: Which diagnostic tasks can you run from the Traffic Monitor ...
- 1 commentQuestion 65: How can you prevent connections to the Fireware Web UI from ...
- Question 66: Which of these options are private IPv4 addresses you can as...
- Question 67: If you use an external authentication server for mobile VPN,...
- Question 68: Which of these threats can the Firebox prevent with the defa...
- 1 commentQuestion 69: Your company denies downloads of executable files from all w...
- 2 commentQuestion 70: In a Mobile VPN configuration, why would you choose default ...
- 2 commentQuestion 71: If your Firebox has a single public IP address, and you want...
- Question 72: How can you include log messages from more than one Firebox ...
- 1 commentQuestion 73: From the SMTP proxy action settings in this image, which of ...
- Question 74: Which tool can add an IP address for the Firebox to permanen...
- Question 75: Match each WatchGuard Subscription Service with its function...
[×]
Download PDF File
Enter your email address to download WatchGuard.Essentials.v2018-04-06.q75.pdf