








Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A set of verified questions and answers for the watchguard exam 2025, focusing on identity security essentials. It covers key concepts related to radius, ldap, mfa, and authpoint gateway, offering insights into authentication methods, security configurations, and troubleshooting techniques. Valuable for individuals preparing for the watchguard exam 2025, particularly those seeking to understand and apply best practices for identity security.
Typology: Exams
1 / 14
This page cannot be seen from the preview
Don't miss anything!
Which of these must a RADIUS client have in order to connect to a RADIUS server? (Select two.)
a. The correct IP address known to the RADIUS server
b. The public key of the RADIUS server
c. The shared secret configured on the RADIUS server
d. The certificate of the RADIUS server
e. The administrator account credentials on the RADIUS server
a. The correct IP address known to the RADIUS server
c. The shared secret configured on the RADIUS server
How do you specify the domain example.local in an LDAP query? (Select one.)
a. ou=example,dc=local
b. dc=example,ou=local
c. dc=example,dc=local
d. ou=example,ou=local
e. ou="example.local"
c. dc=example,dc=local
Which of these authentication factors is the least secure for MFA? (Select one.)
a. Hardware token
b. Software token
c. QR code
d. Push notification
e. One-time password
e. One-time password
You can install the Logon app on which of the following operating systems? (Select two.)
a. Windows 10/
b. macOS
c. Linux
d. iOS
e. Android
f. Windows 7
a. Windows 10/
b. macOS
d. a RADIUS server
a. an LDAP client
d. a RADIUS server
Where in the AuthPoint management UI do you configure the query AuthPoint uses to synchronize users from
an LDAP server? (Select one.)
a. Management > Resources
b. Management > External Identities
c. Management > Gateway
d. General > Download
e. General > Settings
b. Management > External Identities
*AuthPoint only imports LDAP users that have an email address.
a. True
b. False
a. True
Where do you specify the allowed authentication methods for a resource? (Select one.)
a. In the resource configuration
b. In the authentication policy configuration
c. In the user configuration
d. In the policy object configuration
e. In the IdP portal resource
b. In the authentication policy configuration
What is the AuthPoint metadata used for? (Select one.)
a. To configure SAML authentication with a third-party service provider
b. To configure the Logon app for user authentication on a Windows computer
c. To configure token security for the AuthPoint Mobile App
d. To configure a VPN client to use AuthPoint for MFA
a. To configure SAML authentication with a third-party service provider
One of your users does not want to use their personal phone for work, and has asked if they can use their
tablet instead. This is not possible.
a. True
b. False
During the AuthPoint Gateway installation, you get a permission error. You resolve the permissions problem,
but when you try again the Gateway installation still fails. What could be the problem? (Select one.)
a. The LDAP System Account has the wrong credentials in AuthPoint.
b. You are trying to install the 32-bit version of the AuthPoint Gateway on a 64-bit computer.
c. The NPS role is not installed on the AD server.
d. The Gateway Registration Key is invalid because it has already been used.
d. The Gateway Registration Key is invalid because it has already been used.
Which resource type does not support the use of the QR code MFA option? (Select one.)
a. RADIUS
b. SAML
c. Logon App
d. IdP Portal
e. ADFS
a. RADIUS
If you uninstall and then reinstall the AuthPoint Gateway, you can re-use the same registration key when you
try to install again.
a. True
b. False
b. False
To import a third-party hardware token in your AuthPoint account, you must have: (Select two.)
a. A key file
b. A seed file
c. A token serial number
d. A mobile phone
e. An activation code
a. A key file
b. A seed file
In AuthPoint, SAML resources are the applications and services that can use SAML authentication. Which of
the following is a SAML resource? (Select two.)
a. Salesforce
b. Logon app
*You can send RADIUS requests to a secondary AuthPoint Gateway when the primary AuthPoint Gateway is
online.
a. True
b. False
a. True
What steps are required before you install the AuthPoint Gateway? (Select three.)
a. Make sure the computer you will install the Gateway on has Internet access.
b. Make sure the computer you will install the Gateway on can communicate with your RADIUS clients
and Active Directory or LDAP database.
c. Install the Gateway software on all computers in your network with AD Group Policy.
d. Make sure the Gateway configuration file is in the same directory as the Gateway installer software.
e. Make sure you have the Gateway Registration Key for your Gateway.
a. Make sure the computer you will install the Gateway on has Internet access.
b. Make sure the computer you will install the Gateway on can communicate with your RADIUS clients
and Active Directory or LDAP database.
e. Make sure you have the Gateway Registration Key for your Gateway.
Each LDAP external identity can only be added to a single primary AuthPoint Gateway.
a. True
b. False
a. True
You configured a RADIUS client resource for your company's VPN, but your AuthPoint users cannot
authenticate. Where can you look to start troubleshooting the RADIUS authentication failure? (Select two.)
a. The security event logs on the VPN client computer
b. The Gateway LDAP log file
c. The VPN client log file
d. The Gateway RADIUS log file
e. The firewall authentication log file
f. The WatchGuard Cloud audit log messages for AuthPoint
d. The Gateway RADIUS log file
f. The WatchGuard Cloud audit log messages for AuthPoint
When a user authenticates with the Logon app for Windows or Mac, the user's password is sent to AuthPoint.
a. True
b. False
b. False
Which of these distinguished names are correctly formatted? (Select two.)
a. cn=trainer1,ou=training accounts,dc=traininglab,dc=local
b. cn=Trainer1,ou=Training Accounts,dc=TrainingLab,dc=Local
c. dc=Trainer1, ou=Training Accounts, cn=TrainingLab, cn=Local
d. cn=trainer1.ou=training accounts.dc=traininglab.dc=local
e. cn=trainer1, ou=training accounts, dc=traininglab.local
a. cn=trainer1,ou=training accounts,dc=traininglab,dc=local
b. cn=Trainer1,ou=Training Accounts,dc=TrainingLab,dc=Local
Which MFA options can you use to authenticate users using RADIUS with MS- CHAPv2? (Select one.)
a. Push, OTP, and QR code
b. OTP and QR code
c. OTP only
d. Push and OTP
e. Push only
e. Push only
You added an external identity and synced a group of LDAP users. Some users were not synced. What could
be the cause? (Select one.)
a. Those users did not have an email attribute.
b. The AuthPoint Gateway could not reach the external identity.
c. Those users do not have an AuthPoint token.
d. Those users have expired passwords.
e. The external identity is not configured correctly.
a. Those users did not have an email attribute.