Question # 4

Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules, blacklists and whitelists, and other configuration files.

A. True

B. False

Question # 5

Which of the following options is not a defense against HTTP Flood attacks?

A.

HTTP Flood source authentication

B.

HTTP source statistics

C.

URI source fingerprint learning function

D.

Baseline learning

Question # 6

Huawei's USG6000 product can identify the true type of common files and check the content. Even if the file is hidden in a compressed file, or its extension name is changed, it can't escape the fiery eyes of the firewall.

A.

True

B.

False

Question # 7

Place refers to the terminal environment when an end user uses the strategy management center to access the controlled network office. Which options are correct about place? (Choose 2 answers)

A.

The strategy management center only supports the default place

B.

The default place only supports the scenario of accessing the network by cable

C.

Places can be customized

D.

When allocating a strategy template to the end user, the corresponding places need to be selected

Question # 8

For the description of the principles of HTTP Flood and HTTPS Flood attack defense, which of the following options are correct? (multiple choice)

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resources to be consumed so that the server fails to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

Question # 9

An enterprise administrator configures a Web reputation website in the form of a domain name, and configures the domain name as www.abc.example.com.

Which of the following is the entry that the firewall will match when looking up the website URL?

A.

example

B.

www.abc.example.com

C.

www.abc.example

D.

example.com

Question # 10

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

A.

Planting malware

B.

Vulnerability attack

C.

Web Application Click

D.

Brute force

Question # 11

Regarding the description of intrusion detection technology, which of the following statements is correct?

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

It is an active and static security defense technology.

Question # 12

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted for Anti-Virus, IPS, spam detection and other equipment when deploying security equipment.

A.

True

B.

False

Question # 13

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

A.

3->1->4->2->5

B.

3->2->4->1->5

C.

3->2->1->4->5

D.

3->1->2->4->5

Question # 14

The IPS function of Huawei USG6000 supports two response methods: blocking and alarming.

A.

True

B.

False

Question # 15

SQL injection attacks generally have the following steps:

① Elevate privileges

② Get the data in the database

③ Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

A.

③④①②

B.

③④②①

C.

④①②③

D.

④②①③

Question # 16

With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.

Generally, APT attacks can be summarized into four stages:

1. Collecting Information & Intrusion

2. Long-term lurking & mining

3. Data breach

4. Remote control and penetration

Regarding the order of these four stages, which of the following options is correct?

A.

2-3-4-1

B.

1-2-4-3

C.

1-4-2-3

D.

2-1-4-3

Question # 17

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

A.

SACG and IP address 2.1.1.1 server linkage is not successful

B.

SACG linkage success with controller.

C.

master controller IP address is 1.1.1.2.

D.

master controller IP address is 2.1.1.1.

Question # 18

The process of a browser carrying a cookie to request resources from a server is shown in the following figure. Which of the following steps contains SessionID information in the message?

A.

③④

B.

①③④

C.

⑤⑥

D.

②④

Question # 19

Which of the following threats cannot be detected by IPS?

A.

Virus

B.

Worms

C.

Spam

D.

DoS

Question # 20

In the construction of information security, the intrusion detection system plays the role of a monitor. It monitors the flow of key nodes in the information system and performs in-depth analysis to discover security incidents that are occurring. Which of the following are its characteristics?

A.

IDS can be linked with firewalls and switches to become a powerful "assistant" of firewalls, which can better and more accurately control access between domains.

B.

It is impossible to correctly analyze the malicious code doped in the allowed application data stream.

C.

Unable to detect malicious operations or misoperations from the inside.

D.

Cannot do in-depth inspection

Question # 21

Regarding the description of file reputation technology in anti-virus engines, which of the following options is correct?

A.

Local reputation MD5 cache only has static cache, which needs to be updated regularly

B.

File reputation database can only be upgraded by manual upgrade

C.

File reputation is to perform virus detection by calculating the full text MD5 of the file to be tested and matching it with the local reputation MD5 cache

D.

File reputation database update and upgrade can only be achieved through linkage with sandbox

Question # 22

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-default-route acl 3000

Which of the following options are correct? (multiple choice)

A.

For loose inspection: if the source address of the packet exists in the FIB of the firewall, the packet passes the inspection directly.

B.

For the case where the default route is configured but the parameter allow-default-route is not configured: as long as the source address of the packet does not exist in the FIB table of the firewall, the packet will be rejected.

C.

For the situation where the default route is configured and the parameter allow-default-route is configured at the same time: if the source address of the packet does not exist in the FIB table of the firewall, in loose check mode all packets will pass the URPF check and be forwarded normally.

D.

For the situation where the default route is configured and the parameter allow-default-route is configured at the same time: if the source address of the packet does not exist in the FIB table of the firewall, in loose check mode the packet cannot pass the URPF check.

Question # 23

What content can be filtered by the content filtering technology of Huawei USG6000 products?

A.

File content filtering

B.

Voice content filtering

C.

Application content filtering

D.

The source of the video content

Question # 24

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

A.

True

B.

False

Question # 25

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

A.

Keywords contained in the content of the uploaded file

B.

Keywords contained in the downloaded file

C.

File type

D.

File upload direction

Question # 26

The following is the configuration for adding a firewall as a hardware SACG. Which statement below is true?

A.

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

B.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

C.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

D.

Main IP is the Policy Center reaches the next-hop firewall device interface address

Question # 27

Which of the following options are common reasons for IPS detection failure? (multiple choices)

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Question # 28

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

A.

True

B.

False

Question # 29

Which of the following options is not a feature of big data technology?

A.

The data volume is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed
