NEW QUESTION 1

About disconnectTCPIn the description of the connection four-way handshake, which of the following is false?

• A. The active closing party sends the firstFINperform an active shutdown while the other party receives thisFINexecution is closed
• B. When passive shutdown receives the firstFIN, it will send back aACK, and randomly generate the confirmation serial number.
• C. The passive closing party needs to pass an end-of-file to the application, the application closes its connection, and causes the sending of an end-of-fileFIN
• D. Sent on passive shutdown sideFINAfter that, the active closing party must send back an acknowledgment and set the acknowledgment sequence number to the received sequence number plus1

Answer: B

NEW QUESTION 2

Control actions of firewall inter-domain forwarding security policypermitanddeny, which of the following options are correct? (multiple choice)

• A. The actions of the firewall's default security policy are:deny
• B. The packet matches the interzone security policydenyThe packet is discarded immediately after the action, and other interzone security policies will not continue to be executed.
• C. Even if the packet matches the security policypermitaction, and may not necessarily be forwarded by the firewall
• D. Whether the packet matches the security policypermitaction, ordenyaction, will go toUTMmodule handling

Answer: ABC

NEW QUESTION 3

"Caesar Cipher"Data is mainly encrypted by using a specific specification of stick.

• A. True
• B. False

Answer: B

NEW QUESTION 4

Because NAT technology can realize one-to-many address translation. So with NAT technology, there is no need to worry about insufficient IPv4 addresses.

• A. True
• B. False

Answer: A

NEW QUESTION 5

Gratuitous ARP can be used to detect whether the ______ address conflicts, and it can also refresh the switch MAC address table.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 6

aboutVGMPDescription of the managed preemption function, which of the following is false?

• A. By default,VGMPThe preemption function of the management group is enabled
• B. By default,VGMPThe preemption delay time of the management group is40s
• C. Preemption means that when the original faulty master device recovers, its priority will be restore
• D. At this time, it can preempt its own state as the master device again.
• E. whenVRRPBackup group added toVGMPAfter managing the group,VRRPThe original preemption function on the backup group fails

Answer: B

NEW QUESTION 7

ASPF(Application Specific Packet Filter) is a packet filtering technology based on the application layer and is passed throughserver-mapTables implement special security mechanisms.
aboutASPFandserver-mapWhich of the following statements is correct? (multiple choice)

• A. ASPFMonitor messages during communication
• B. ASPFcan be created dynamicallyserver-mapsurface
• C. ASPFpass throughserver-mapTable implementation dynamically allows multi-channel protocol data to pass through
• D. Quintupleserver-mapThe table entry implements a similar function to the session table

Answer: ABC

NEW QUESTION 8

Regarding the description of the GRE VPN tunnel configuration, which of the following options are correct?

• A. The tunnel interface numbers of the devices at both ends must be the same
• B. The tunnel address must ensure that the network layer is reachable
• C. The tunnel interface must be configured with an IP address
• D. The tunnel interface must be added to the security zone

Answer: ABCD

NEW QUESTION 9

Which of the following descriptions about the VGMP group is correct?

• A. The priority of VRRP in the VGMP group will change with the change of VGAMP
• B. VGMP is a protocol used to control the state of small VRRP groups
• C. The default priority of USG6000 is 65000
• D. The default priority of USG9000 is 45000

Answer: B

NEW QUESTION 10

Which of the following descriptions about dual-system hot backup is wrong? ( )[Multiple choice]*

• A. By default the preemption delay is 60s
• B. Whether it is a Layer 2 or Layer 3 interface, whether it is a service interface or a heartbeat interface, it needs to be added to a security zone
• C. By default, the active preemption function is enabled
• D. Dual-system hot backup function requires license support

Answer: D

NEW QUESTION 11

Equipment sabotage attacks are generally not easy to cause information leakage, but usually cause interruption of network communication services.

• A. True
• B. False

Answer: A

NEW QUESTION 12

Which of the following options is not included in the survey respondents in the security assessment method?

• A. network system administrator
• B. security administrator
• C. HR
• D. Technical director

Answer: C

NEW QUESTION 13

We should choose the encryption algorithm according to our own use characteristics. When we need to encrypt a large amount of data, it is recommended to use the () encryption algorithm to improve the encryption and decryption speed. (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 14

After a cyber-attack event occurs, set up an isolation area, summarize data, and estimate losses according to the plan. Which of the above actions belong to the work content of the cyber security emergency response?

• A. preparation stage
• B. detection stage
• C. Inhibition stage
• D. recovery phase

Answer: C

NEW QUESTION 15

In the security assessment method, the purpose of security scanning is to scan the target system with scanning analysis and assessment tools in order to find relevant vulnerabilities and prepare for attacks.

• A. True
• B. False

Answer: B

NEW QUESTION 16

Man-in-the-middle attacks are data security threats.

• A. True
• B. False

Answer: A

NEW QUESTION 17

• A. this firewallVGMPgroup status isActive
• B. this firewallG1/0/0andG1/0/1interfaceVRRPgroup status isstandby
• C. this firewallHRPThe heartbeat line interface isG1/0/0andG1/0/1
• D. This firewall must be in preemptive state

Answer: B

NEW QUESTION 18

Which of the following options is notIPSec SAlogo?

• A. SPI
• B. Destination address
• C. source address
• D. Security Protocol

Answer: C

NEW QUESTION 19
......