NEW QUESTION 1

Regarding the firewall security policy statement, which of the following options is false?

• A. If the security policypermit, the discarded packets will not be accumulated"Hits"
• B. When configuring a security policy name, the same name cannot be reused
• C. Adjust the order of security policies without saving configuration files and take effect immediately
• D. HuaweiUSGThe number of security policy entries for the series firewall cannot exceed128strip

Answer: A

NEW QUESTION 2

The steps of the security assessment method do not include which of the following?

• A. Manual audit
• B. Penetration testing
• C. Questionnaire
• D. data analysis

Answer: D

NEW QUESTION 3

In the construction of information security system, it is necessary to accurately describe the relationship between important aspects of security and system behavior through security models.

• A. True
• B. False

Answer: B

NEW QUESTION 4

IPv6 supports configuring router authorization function on the device, verifying peer identity through digital certificate, and selecting legal device. ( )[Multiple choice]*

• A. True
• B. False

Answer: A

NEW QUESTION 5

About disconnectTCPIn the description of the connection four-way handshake, which of the following is false?

• A. The active closing party sends the firstFINperform an active shutdown while the other party receives thisFINexecution is closed
• B. When passive shutdown receives the firstFIN, it will send back aACK, and randomly generate the confirmation serial number.
• C. The passive closing party needs to pass an end-of-file to the application, the application closes its connection, and causes the sending of an end-of-fileFIN
• D. Sent on passive shutdown sideFINAfter that, the active closing party must send back an acknowledgment and set the acknowledgment sequence number to the received sequence number plus1

Answer: B

NEW QUESTION 6

When an access user uses Client-InitiatedVPN to establish a tunnel with the LNS, how many PPP connections can a tunnel carry?

• A. 3
• B. 1
• C. 2
• D. 4

Answer: B

NEW QUESTION 7

Which of the following options belongs to Tier 2VPNTechnology?

• A. SSL VPN
• B. L2TP VPN
• C. GRE VPN
• D. IPSec VPN

Answer: B

NEW QUESTION 8

Drag the phases of the cybersecurity emergency response on the left into the box on the right, and arrange them from top to bottom in the order of execution.
* 1. Inhibition stage, 2. recovery phase, 3. Detection stage, 4. eradication phase[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 9

existUSGIn the system firewall, you can use————The function provides well-known application services for non-well-known ports.

• A. Port Mapping
• B. MACandIPaddress binding
• C. packet filtering
• D. Long connection

Answer: A

NEW QUESTION 10

Which of the following options arePKIComponents of the architecture? (multiple choice)

• A. end entity
• B. Certificate Authority
• C. Certificate Registration Authority
• D. certificate store

Answer: ABCD

NEW QUESTION 11

aboutNATAddress translation, which of the following statements is false?

• A. sourceNATconfiguration in technologyNATaddress pool, you can configure only one address poolIPaddress
• B. Address translation can be provided in the local area network according to the needs of usersFTP,WWW,Telnetand other services
• C. Some application layer protocols carry in the dataIPaddress information, make themNATWhen modifying the data in the upper layerIPAddress information
• D. for someTCP,UDPagreement (such asICMP,PPTP), cannot doNATconvert

Answer: D

NEW QUESTION 12

After the firewall detects a virus, which of the following will release the virus?

• A. Hit apply exception
• B. Not a protocol supported by the firewall
• C. The source IP hits the whitelist
• D. Hit virus exception

Answer: C

NEW QUESTION 13

Which of the following is not a key technology of antivirus software?

• A. Shelling technology
• B. self protection
• C. format the disk
• D. Update virus database in real time

Answer: C

NEW QUESTION 14

Which of the following attacks is not a special packet attack?

• A. ICMPredirected packet attack
• B. ICMPUnreachable Packet Attack
• C. IPaddress scanning attack
• D. oversizedICMPPacket attack

Answer: C

NEW QUESTION 15

Which of the following is an "information sabotage incident" in the classification of network security incidents?

• A. Software and hardware failure
• B. Information counterfeiting
• C. Internet Scanning for plagiarism
• D. Listen to Trojan attack

Answer: B

NEW QUESTION 16

aboutwindowslog, which of the following descriptions is false?

• A. System logs are used to record events generated by operating system components, mainly including crashes of drivers, system components and application software, and data
• B. windows server 2008The system logs are stored inApplication.evtxmiddle
• C. The application log contains events recorded by applications or system programs, mainly recording program operation events
• D. windows server 2008The security log is stored insecurity.evtxmiddle

Answer: B

NEW QUESTION 17

Which of the following is an encryption technique used in digital envelopes?

• A. Symmetric encryption algorithm
• B. Asymmetric encryption algorithm
• C. hash algorithm
• D. stream-add algorithm

Answer: B

NEW QUESTION 18
......