To use the Web Setup Wizard or Quick Setup Wizard to configure your Firebox or XTM device, your computer must have an IP address on which subnet? (Select one.)

A. 10.0.10.0/24

B. 10.0.1.0/24

C. 172.16.10.0/24

D. 192.168.1.0/24

Which items are included in a Firebox backup image? (Select four.)

A. Support snapshot

B. Fireware OS

C. Configuration file

D. Log file

E. Feature keys

F. Certificates

You have a privately addressed email server behind your Firebox. If you want to make sure that all traffic from this server to the Internet appears to come from the public IP address 203.0.113.25, regardless of policies, which from of NAT would you use? (Select one.)

A. In the SMTP policy that handles traffic from the email server, select the option to apply dynamic NAT to all traffic in the policy and set the source IP address 203.0.113.25.

B. Create a global dynamic NAT rule for traffic from the email server and set the source IP address to

203.0.113.25.

C. Create a static NAT action for traffic to the email server, and set the source IP address to 203.0.113.25.

From the SMTP proxy action settings in this image, which of these options is configured for outgoing SMTP traffic? (Select one.)

A. Rewrite the Mail From header for the example.comdomain.

B. Deny incoming mail from the example.comdomain.

C. Prevent mail relay for the example.comdomain.

D. Deny outgoing mail from the example.comdomain.

Your company denies downloads of executable files from all websites. What can you do to allow users on the network to download executable files from the company's remote website? (Select one.)

A. Add an HTTP proxy exception for the company's remote website.

B. Create a WebBlocker exception to allow access to the company's remote website.

C. Create an IPS exception.

D. Create a Blocked Sites exception.

E. Configure HTTP Request > URL Paths to allow the company's remote website.

Match the monitoring tool to the correct task.

Which is not a Fireware monitoring tool? (Select one)

A. FireBox System Manager – Blocked Sites list

B. Log Server

C. FireWatch

D. Firebox System Manager – Subscription services

E. Firebox System Manager – Authentication list

F. Traffic Monitor

A. DNS lookup

B. MAC address lookup

C. Traceroute

D. Reputation lookup

E. Ping

F. TCP dump

In this diagram, which branch office VPN tunnel route must you add on the Site A Firebox to allow traffic between devices on the trusted network at Site A and the trusted network at site B? (Select one.)

A. Local: 192.168.1.0/24 <--> Remote: 10.0.10.0/24

B. Local: 203.0.113.10/24 <--> Remote: 198.151.100.2/24

C. Local: 10.0.10.1/24 <--> Remote: 192.168.1.1/24

D. Local: 10.0.10.0/24 <--> Remote: 192.168.1.0/24

While troubleshooting a branch office VPN tunnel, you see this log message:

2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase oneencryption 3DES, expecting AES

What settings could you modify in the local device configuration to resolve this issue? (Select one.)

A. BOVPN Gateway settings

B. BOVPN-Allow policies

C. BOVPN Tunnel settings

D. BOVPN Tunnel Route settings

You can use Firebox-DB authentication with any type of Mobile VPN.

A. True

B. False