NEW QUESTION 1

Which of the following configurations can achieveNAT ALGFeatures?

• A. nat alg protocol
• B. alg protocol
• C. nat protocol
• D. detect protocol

Answer: D

NEW QUESTION 2

According to the level protection requirements, which of the following behaviors belong to the scope of information security operation and maintenance management? ( )*

• A. Participate in information security training
• B. Backup or restore data
• C. Develop an emergency response plan
• D. Security hardening of the host

Answer: ABCD

NEW QUESTION 3

Which of the following DDoS attack types is an attack?

• A. snooping scan attack
• B. Malformed Packet Attack
• C. special packet attack
• D. traffic attack

Answer: D

NEW QUESTION 4

aboutSSL VPNTechnology, which of the following statements is false?

• A. SSL VPNtechnology can be perfectly adapted toNATthrough the scene
• B. SSL VPNThe encryption of the technology only takes effect at the application layer
• C. SSL VPNRequires a dial-up client
• D. SSL VPNTechnology expands the reach of the enterprise's network

Answer: C

NEW QUESTION 5

aboutTCP/IPDescription of protocol stack packet decapsulation, which of the following is correct? (multiple choice)

• A. The data packet is first transmitted to the data link laye
• B. After parsing, the data link layer information is stripped, and the network layer information is known according to the parsing information, such as:IP
• C. transport layer (TCP) after receiving the data packet, the transport layer information is stripped after parsing, and the upper layer processing protocol is known according to the parsing information, such asUDP
• D. After the network layer receives the data packet, the network layer information is stripped after parsing, and the upper layer processing protocol is known according to the parsing information, such asHTTP
• E. After the application layer receives the data packet, the application layer information is stripped after parsing, and the final displayed user data is exactly the same as the data sent by the sender host

Answer: AD

NEW QUESTION 6

The process of electronic forensics includes: protecting the scene, obtaining evidence, preserving evidence, identifying evidence, analyzing evidence, tracking and presenting evidence.

• A. True
• B. False

Answer: A

NEW QUESTION 7

Which of the following protocols is not a protocol type that ASPF can detect? ( )[Multiple choice]*

• A. PPTP
• B. FTP
• C. MSTP
• D. DNS

Answer: C

NEW QUESTION 8

If the administrator uses the defaultdefaultThe authentication domain verifies the user, and the user only needs to enter the user name when logging in; if the administrator uses the newly created authentication domain to authenticate the user, the user needs to enter the user name when logging in."username@Certified domain name"

• A. True
• B. False

Answer: A

NEW QUESTION 9

A digital envelope refers to the data obtained by the sender using the receiver's ______ to encrypt the symmetric key[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10

Which of the following options is correct regarding the actions of the security policy and the description of the security profile? (multiple choice)

• A. If the action of the security policy is"prohibit", the device will discard this traffic, and will not perform content security checks in the future.
• B. The security profile can take effect even if the action is allowed under the security policy
• C. The security profile must be applied under the security policy whose action is allowed to take effect
• D. If the security policy action is"allow", the traffic will not match the security profile

Answer: AC

NEW QUESTION 11

When an information security incident occurs, give priority to using _____ emergency response to provide technical support to customers [fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 12

The method of collecting information by port scanning using scanning tools belongs to the means of ( ) analysis. (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

In tunnel encapsulation mode.IPSecThere is no need to have a route to the destination private network segment during configuration, because the data will be re-encapsulated to use the newIPThe header looks up the routing table.

• A. True
• B. False

Answer: B

NEW QUESTION 14

DDosWhich of the following attack types is an attack?

• A. snooping scan attack
• B. Malformed Packet Attack
• C. special packet attack
• D. traffic attack

Answer: D

NEW QUESTION 15

Which of the following statements are true about single sign-on? (multiple choice)

• A. The device can identify the user who has passed the authentication of the identity authentication system
• B. AD There is only one deployment mode for domain single sign-on
• C. Although there is no need to enter the user password, the authentication server needs to interact with the user password and the device to ensure that the authentication is passed.
• D. AD Domain single sign-on can be synchronized to the firewall by mirroring the login data stream

Answer: AD

NEW QUESTION 16

After a network intrusion event occurs, the identity of the intrusion, the source of the attack and other information are obtained according to the plan, and the intrusion behavior is blocked. The above actions belong to PDRR. What are the links in the network security model? (multiple choice)

• A. Protection link
• B. Detection link
• C. response link
• D. recovery link

Answer: BC

NEW QUESTION 17

In the architecture of PKI, ______ is the window for CA to face users, and is an extension of CA’s certificate issuance and management functions. He is responsible for accepting user’s certificate registration and revocation applications, reviewing employee identity information, and deciding Whether to submit an application to the CA to issue or revoke a digital certificate.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 18

Which of the following statements is true about Huawei's routers and switchers??(multiple choice)

• A. Routers can implement some security functions, and some routers can implement more security functions by adding security boards
• B. The main function of the router is to forward dat
• C. When the enterprise has security requirements, sometimes a firewall may be a more suitable choice
• D. Switches have some security functions, and some switches can realize more security functions by adding security boards
• E. The switch does not have security features

Answer: ABC

NEW QUESTION 19
......