What settings must you device configuration file include for Gateway AntiVirus to protect users on your network? (Select two.)
Correct Answer: B,E
When you configure the Global Application Control action, it is automatically applied to all policies.
Correct Answer: A
Match each WatchGuard Subscription Service with its function. Uses full-system emulation analysis to identify characteristics and behavior of zero-day malware. (Choose one).
Correct Answer: I
APT Blocker is intended to stop malware and zero-day threats that are trying to invade anorganization's network. APT Blocker uses a next-gen sandbox to get detailed views into the execution of a malware program. After first running through other security services, files are fingerprinted and checked against an existing database - first on theappliance and then in the cloud. If the file has never been seen before, it is analyzed using the system emulator, which monitors the execution of all instructions. It can spot the evasion techniques that other sandboxes miss. Reference:http://www.watchguard.com/wgrd-products/security-modules/apt-blocker
Which tool can add an IP address for the Firebox to permanently block? (Select one)
Correct Answer: E
Block a site permanently The Successful Company networkadministrator has been driven to distraction recently by a script kiddy using addresses in the 126.96.36.199/24 network to run probes of the Successful network. In this exercise, we permanently block all connections from that network. 1.From PolicyManager, select Setup > Default Threat Protection > Blocked Sites. The Blocked Sites Configuration dialog box opens. 2.On the Blocked Sites tab, click Add. 3.The Add Site dialog box opens. 3. Use the Choose Type drop-down list to select Network IP. In the Value text box, type 188.8.131.52/ 24. 4. Click OK. The entry appears in the Blocked Sites list. With this configuration, the Firebox blocks all packets to and from the 184.108.40.206/24 network range. Reference: Fireware Basics, Courseware: WatchGuard System Manager 10, pages 15, 34, 59, 181
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com). The update site has multiple subdomains and dynamic IP addresses on a content delivery network. Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select one.)