NEW QUESTION 1
Which of the following is true about the description of the TCP/IP protocol stack packet encapsulation? (Multiple choice)

• A. The data packet is firsttransmitted to the data link laye
• B. After parsing, the data link layer information is stripped, and the network layer information is known according to the parsing information, such as IP.
• C. After the transport layer (TCP) receives the data packet, the transport layer information is stripped after parsing, and the upper layer processing protocol, such as UDP, is known according to the parsing information
• D. After receiving the data packet, the network layer is stripped after parsing, and the upper layer processing protocol is known according to the parsing information, such as HTTP
• E. After the application layer receives the data packet, the application layer information is stripped after parsing, and the user data displayed at the end is exactly the same as the data sent by the sender host.

Answer: AD

NEW QUESTION 2
Which cf the following is correct about the description of SSL VPN?

• A. Can be used without a client
• B. may IPencrypt layer
• C. There is a NAT traversal problem
• D. No authentication required

Answer: A

NEW QUESTION 3
Which of the following descriptions are correct about the buffer overflow attack? (Multiple Choice)

• A. Buffer overflow attack is the use of software system for memory operation defects, running attack code with high operation authority
• B. Buffer overflow attacks are not related to operating system vulnerabilities and architectures
• C. Buffer overflow attacks are the most common method of attacking software systems
• D. Buffer overflow attack belongs to application layer attack behavior

Answer: ACD

NEW QUESTION 4
Which of the following descriptions of the firewall fragment cache function are correct? (Multiple choice)

• A. By default, the firewall caches fragmented packets.
• B. After the fragmented packet is directly forwarded, the firewall forwards the fragment according to the interzone security policy if it is not the fragmented packet of the first packet.
• C. For fragmented packets, NAT ALG does not support the processing of SIP fragmen:ed packets.
• D. By default, the number of largefragment caches of an IPV4 packet is 32, and the number of large fragmentation buffers of an IPV6 packet is 255

Answer: ACD

NEW QUESTION 5
Which of the following statement is wrong about NAT?

• A. Configure a NAT address poolin the source NAT technolog
• B. You can configure only one IP address in the address pool.
• C. Address Translation can follow the needs of users, providing FT
• D. WWW, Telnet and other servicesoutside the LAN
• E. Some application layer protocols carry IP address information in the data, but also to modify the data in the upper layer of the IP address information when they make NAT
• F. For some non-TC
• G. UDP protocols (such as ICM
• H. PPTP), unable to do NAT.

Answer: D

NEW QUESTION 6
Which of the following is not the scope of business of the National Internet Emergency Center?

• A. Emergency handling of security incidents
• B. Early warning rotification of security incidents
• C. Providing security evaluation services for government departments, enterprises and institutions
• D. Cooperate with other agencies to provide training services

Answer: D

NEW QUESTION 7
Which of the following is correct for the command to view the number of security pclicy matches?

• A. display firewall sesstiontable
• B. display security-policy all
• C. display security-policy count
• D. count security-policy hit

Answer: B

NEW QUESTION 8
Which of the following options are correct about the control actions permit and deny of the firewall interzone forwarding security policy? (Multiple Choice)

• A. The action of the firewall default security policy is deny.
• B. The packet is matched immediately after the inter-domain security policy deny action, and the other interzone security policy will not be executed.
• C. Even if the packet matches the permit action of the security policy, it will not necessarily be forwarded by the firewall.
• D. Whether the message matches the permit action of the security policy or the deny action, the message will be processed by the UTM module.

Answer: ABC

NEW QUESTION 9
Which of the following description about the group management for VGMP is wrong?

• A. Master/slave status change of VRRP backup group needs to notify its VGMP management group
• B. Theinterface type and number of two firewalls heartbeat port may be different, as long as they can communicate with each other
• C. Periodically sends Hello packets between VGMP of master/slave firewall
• D. master/slave devices exchange packets to understand each other through the heartbeat line, and backup the related commands and status information

Answer: B

NEW QUESTION 10
Which ofthe following are core elements ofthe IATF (InformationAssurance Technology Framework) model? (Multiple choice)

• A. Environment
• B. person
• C. Technology
• D. Operation

Answer: BCD

NEW QUESTION 11
Which of the following is the correct descriptionof the investigation and evidence collection?

• A. Evidence is not necessarily required during the investigation
• B. Evidence obtained by eavesdropping is also valid
• C. In the process of all investigation and evidence collection, there are law enforcement agencies involved.
• D. Document evidence is required in computer crime

Answer: C

NEW QUESTION 12
The Huawei Redundancy Protocol (HRP) is used to synchronize the main firewall configuration and connection status and other data on the backup firewall to synchronize . Whichof the following options is not in the scope of synchronization?

• A. Security policy
• B. NAT policy
• C. Blacklist
• D. IPS signature set

Answer: D

NEW QUESTION 13
Execute the command on the firewall and display the following information, which of the following description is correct? (Multiple Choice)
HRP_A [USG_A] display vrrp interfaceGigabitEthernet 0/0/1 GigabitEthernet9/0/1 | Virtual Router 1VRRP Group: Active state: Active Virtual IP: 202.38.10.1 Virtual MAC: 0000-5e00-0101 Primary IP: 202 38.10.2 PriorityRun: 100 PriorityConfig: 100 MasterPriority: 100 Preempt: YES Delay Time: 10

• A. The status of this firewall VGMP group is Active.
• B. This firewall G1 / 0/1 virtual interface IP address 202.30.10.2
• C. This firewall VRID is 1 the VRRP priority to backup g'oup 100
• D. Will not switch when the primary device fails

Answer: AC

NEW QUESTION 14
Which of the following are the basic functions of anti-virus software? (Multiple Choice)

• A. Defend virus
• B. Find virus
• C. Clear virus
• D. Copy virus

Answer: ABC

NEW QUESTION 15
Based on the GRE encapsulation and de-encapsulation, which description is error?

• A. Encapsulation Process: The original data packetstransmit the data packets through looking up routing to the Tunnel interface to trigger GRE encapsulation.
• B. Encapsulation Process: After GRE module packaging, the data packet will enter the IP module for further processing
• C. De-encapsulation Process: After the destination receives GRE packets, transmitting the data packets through looking up the routing to the Tunnel interfaces to trigger GRE encapsulation.
• D. De-encapsulation Process: After GRE module de-encapsulation, the data packets will enter the IPmodule for further processing.

Answer: C

NEW QUESTION 16
Security policy conditions can be divided into multiple fields, such as source address, destination address, source port, destination port, etc. These fields are "and " , that is, only information in the message and all fields If you match, you can hit this strategy

• A. True
• B. False

Answer: B

NEW QUESTION 17
When configuring security policy, a security policy can reference an address set or configure multiple destination IP addresses.

• A. True
• B. False

Answer: A

NEW QUESTION 18
Typical remote authentication modes are: (Multiple Choice)

• A. RADIUS
• B. Local
• C. HWTACACS
• D. LDP

Answer: AC

NEW QUESTION 19
IPSec VPN uses an asymmetric encryption algorithm to encrypt the transmitted data

• A. True
• B. False

Answer: B

NEW QUESTION 20
NAT technology can securely transmit data by encrypting data.

• A. True
• B. False

Answer: B

NEW QUESTION 21
In the IPSec VPN transmission mode, which part ofthe data packe: is encrypted?

• A. Network layer and upper layer data packet
• B. Original IP packet header
• C. New IP packet header
• D. Transport layer and upper layer data packet

Answer: D

NEW QUESTION 22
When Firewall does dual-system hot backup networking, in order to achieve the overall status of the backup group switching, which of the following protocol technology need to be used?

• A. VRRP
• B. VGMP
• C. HRP
• D. OSPF

Answer: B

NEW QUESTION 23
Which of the following description is wrong about the operating system?

• A. The operating system is the interface between the user and the computer
• B. The operating system is responsible for managing the execution of all hardware resources and control software of the computer system.
• C. The interface between the operating system and the user is a graphical interface.
• D. The operating system itself is also a software

Answer: C

NEW QUESTION 24
Firewall update signature database and Virus database online throjgh security servicecenter, requires the firewall can connect to the Internet first, and then need to configure the correct DNS addresses.

• A. TRUE
• B. FALSE

Answer: A

NEW QUESTION 25
Regarding the comparison between windows and Linux, which of the following statements is wrong?

• A. Getting started with Linux is more difficult and requires some learning and guidance.
• B. Windows can be compatible with most software playing most games
• C. Linux is open source code, you can do what you want.
• D. windows is open source, you can do what you want.

Answer: D

NEW QUESTION 26
Whenconfiguring a GRE tunnel interface, the destination address generally refers to which of the following parameters?

• A. Local tunnel interface IP address
• B. Local end network export IP address
• C. Peer external network export IP address
• D. IP address of the peertunnel interface

Answer: C

NEW QUESTION 27
Regarding the AH and ESP security protocols, which ofthe following options is correct? (Multiple Choice)

• A. AH can provide encryption and verification functions
• B. ESP can provide encryption and verification functions
• C. The agreement number of AH is 51.
• D. The agreement number of ESP is51.

Answer: BC

NEW QUESTION 28
......