Watchguard Network Security Practice Test

What can be done to allow users to download PDF files from a company's remote website while denying other downloads?

• A. Create a Blocked Sites exception
• B. Add an HTTP proxy exception for the company's remote website
• C. Create a WebBlocker exception for that website
• D. Configure HTTP Response to allow .pdf extensions

The correct answer is: Configure HTTP Response to allow .pdf extensions

The ideal approach to allow users to download PDF files from a company's remote website while denying other downloads is to configure the HTTP Response to allow .pdf extensions. This method specifically targets the file type that you want to permit, enabling a focused policy that allows PDF downloads while maintaining restrictions on other file types. By adjusting the HTTP Response settings, you can create a filter that recognizes PDF files and allows those to be downloaded, ensuring that users have access to the necessary documents without opening the door to other potentially undesirable downloads. Configuring restrictions on file types through HTTP Response is particularly effective in a corporate environment where managing bandwidth and security is crucial. It allows for a granular level of control that broader strategies, like creating exceptions for specific sites or using general blockers, do not provide. Options such as creating a Blocked Sites exception typically serve to restrict access on a broader scale and would not facilitate the desired downloading of PDFs. Adding an HTTP proxy exception could allow overall access, negating the security goal. A WebBlocker exception does not specifically manage file types, which would mean it could inadvertently block the PDF downloads as well. Hence, configuring the HTTP Response to permit .pdf extensions directly addresses the question's requirements efficiently and effectively.