NEW QUESTION 1
Which ofthe following descriptions is correct about port mirroring? (Multiple Choice)

• A. The mirrored port copies the packet to the observing port.
• B. The observing port sends the "eceived packet to the monitoring device.
• C. The mirrored port sends the received packet to the monitoring device.
• D. The observing port copies the packet to the mirrored port.

Answer: AB

NEW QUESTION 2
Terminal detection is an important part of the future development of informationsecurity. Which of the following methods belong to the category of terminal detection? (Multiple Choice)

• A. Install host antivirus software
• B. Monitor and remember the external device
• C. Prevent users from accessing public network search engines
• D. Monitorthe host registry modification record

Answer: AD

NEW QUESTION 3
If the company structure has undergone a practical change, it is necessary to retest whether the business continuity plan is feasible

• A. True
• B. False

Answer: A

NEW QUESTION 4
Which of the following are remote authentication methods? (Multiple choice)

• A. RADIUS
• B. Local
• C. HWTACACS
• D. LLDP

Answer: AC

NEW QUESTION 5
When the IPSec VPN tunnel mode is deployed, the AH protocol is used for packet encapsulation. In the new IP packet header field, which of the following parameters does not require data integrity check?

• A. Source IP address
• B. Destination IP address
• C. TTL
• D. Idetification

Answer: C

NEW QUESTION 6
Which of the following is wrong about the management of Internet users?

• A. Each user group can include multiple users and user groups
• B. Each user group canbelong to multiple user groups
• C. The system has a default user group by default, which is also the system default authentication domain.
• D. Each user belongs to at least one user group, also can belong to multiple user groups

Answer: B

NEW QUESTION 7
According to the protection object, the firewall is divided. Windows Firewall belongs to

• A. Software firewall
• B. Hardware firewall
• C. Stand-alone firewall
• D. Network firewall

Answer: C

NEW QUESTION 8
Which of the following is the default backup method for double hot standby?

• A. Automatic backup
• B. Manual batch backup
• C. Session fast backup
• D. Configuration of the active and standby FWs after the device is restarted

Answer: A

NEW QUESTION 9
Which of the following statements about Client-Initiated VPN is correct? (Multiple choice)

• A. A tunnel is established between each access user and the LNS.
• B. Only one L2TP session and PPP connection are carried in each tunnel.
• C. Each tunnel carries multiple L2TP sessions and PPP connections.
• D. Each tunnel carries multiple L2TP sessions and one PPP connection.

Answer: AB

NEW QUESTION 10
Which of the following is the encryption technology used by digital envelopes?

• A. Symmetric encryption algorithm
• B. Asymmetric encryption algorithm

Answer: B

NEW QUESTION 11
Which of the following types of attacks does the DDoS attack belong to?

• A. Snooping scanning attack
• B. Malformed packet attack
• C. Special message attack
• D. Traffic attack

Answer: D

NEW QUESTION 12
Which of the following descriptions about the action and security profile of the security policy are correct? (Multiple choice)

• A. If the action of the security policy is "prohibited”, the device willdiscard this traffic, and then no content security check will be performed.
• B. The security profile may know: be applied to the security policy tfat the action is allowed and take effect.
• C. The security profile must be applied to the security policy thats allowed to take effect.
• D. If the security policy action is "Allow", the traffic will not match the security profile.

Answer: AC

NEW QUESTION 13
Which of the following options belong to theencapsulation mode supported by IPSec VPN? (Multiple Choice)

• A. AH mode
• B. Tunnel mode
• C. Transmission mode
• D. ESP mode

Answer: BC

NEW QUESTION 14
Device destruction attacks are generally not easy to cause information leakage, but usually cause network communication services to be interrupted.

• A. True
• B. False

Answer: A

NEW QUESTION 15
Which of the following traffic matches the authentication policy triggers authentication?

• A. Access device or device initiated traffic
• B. DHCP, BG
• C. OSPF and LDP packets
• D. Traffic of visitors accessing HTTP services
• E. The first DNS packet corresponding to the HTTP service data flow

Answer: C

NEW QUESTION 16
Which of the following is true about firewall security policies?

• A. By default, the security policy can control unicast packets andbroadcast packets.
• B. By default, the security policy can control multicast.
• C. By default, the security policy only controls unicast packets.
• D. By default, the security policy can control unicast packets, broadcast packets, and multicast packets.

Answer: C

NEW QUESTION 17
Which of the following operations are necessary during theadministrator upgrade of the USG firewall software version? (Multiple Choice)

• A. Upload the firewall version software
• B. Restart the device
• C. Device factory reset
• D. Specify the next time you start loading the software version.

Answer: ABD

NEW QUESTION 18
Which of the following statement about :he NAT is wrong?

• A. NAT technology can effectively hide the hosts of the LA
• B. it is an effective network security protection technology
• C. Address Translation can follow the needs of users, providing FT
• D. WWW, Telnet and other services outside the LAN
• E. Some application layer protocols earn/ IP address information in the data, but also modify the P address information in the data of the upper layer when they are as NAT
• F. For some non-TC
• G. UDP protocols (such as ICM
• H. PPTP), unable to do the NAT translation

Answer: D

NEW QUESTION 19
Which of the following attacks is not a malformed message attack?

• A. Teardrop attack
• B. Smurf attack
• C. TCP fragment attack
• D. ICMP unreachable packet attack

Answer: D

NEW QUESTION 20
The configuration commands for the NAT address pool are as follows: nat address-group 1 section 0 202.202.168.10 202.202.168.20 mode no-pat Of which, the meaning of no-pat parameters is:

• A. Do not do address translation
• B. Perform port multiplexing
• C. Do not convert the source port
• D. Do not convert the destination port

Answer: C

NEW QUESTION 21
Which of the following is the port number used by L2TP packets?

• A. 17
• B. 500
• C. 1701
• D. 4500

Answer: C

NEW QUESTION 22
ASPF (Application Specific Packet Filter) is apacket filtering technology based on the application layer, and implements a special security mechanism through the server-map table. Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)

• A. ASPF monitors messages during communication
• B. ASPF can dynamically create a server-map
• C. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.
• D. The quintuple server-map entry implements a similar function to the session table.

Answer: ABC

NEW QUESTION 23
The host firewall is mainly used to protect the host from attacks and intrusions from the network

• A. True
• B. False

Answer: A

NEW QUESTION 24
Which of the following iscorrect about firewall IPSec policy?

• A. By default, IPSec policy can control unicast packets and broadcast packets.
• B. By default, IPSec policy can control multicast.
• C. By defaul
• D. IPSec policy only controls unicast packets.
• E. By default, IPSec policy can control unicast packets, broadcast packets, and multicast packets °

Answer: C

NEW QUESTION 25
Which of the following descriptions about windows logs is wrong?

• A. The system log is used to record the events generated by the operating system components, including the crash of the driver, system components and application software, and data
• B. Windows server 2008 system logs stored in the Application.evtx
• C. The application log contains events logged by the application or system program, mainly recording events in the running of the program.
• D. Windows seiver 2008 security lug is sluied in security.evtx

Answer: B

NEW QUESTION 26
......