The IPS function of Huawei USG6000 supports two response methods: blocking and alarming.

Business accompanying is-A special access control method, according to the user's access location, access time, access method and terminal use to grant designated investment limits, among which the physical connection can be divided into 3 Class, excluding which of the following access methods?

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

Regarding the policy for checking account security, which of the following descriptions are correct? (Multiple choice)

Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

Which of the following options is wrong for the description of the cleaning center?

The core technology of content security lies in anomaly detection, and the concept of defense lies in continuous monitoring and analysis.

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Regarding uninstalling the Agile Controller-Campus in Windows and Linux systems, which of the following descriptions is correct?

Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

Regarding the file source set in the software management, which of the following descriptions is correct?

Visitor management can authorize visitors based on their account number, time, location, terminal type, access method, etc., and can also push personalized pages to visitors based on time, location, and terminal type.

Web Standards that come with the client and operating system 8021 The instrument client only has the function of identity authentication: It does not support the execution of inspection strategies and monitoring strategies. Any Office The client supports all inspection strategies and monitoring strategies.

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

Regarding the sequence of the mail transmission process, which of the following is correct?

1. The sender PC sends the mail to the designated SMTP Server.

2. The sender SMTP Server encapsulates the mail information in an SMTP message and sends it to the receiver SMTP Server according to the destination address of the mail

3. The sender SMTP Server encapsulates the mail information in an SMTP message according to the destination address of the mail and sends it to the receiver POP3/MAP Senver

4. The recipient sends an email.

In order to increase AP The security can be AC Going online AP Perform authentication. Currently Huawei AC What are the supported authentication methods? (Multiple choice)

Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?

1. The Netflow analysis device samples the current network flow;

2. Send a drainage command to the cleaning center;

3. Discover the DDoS attack stream;

4.Netior: analysis equipment sends alarms to ATIC management center

5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;

6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage

7. The cleaning log is sent to the management center to generate a report;

8. The cleaned traffic is sent to the original destination server.

Which of the following law items is the most blessed for safety? This should be true?

BY00 The products and textiles provided by the history solution program cover the entire terminal network\Application and management and other fields/include: Serialization BC Equipment, paperless network system network access support, VPN Gateway, terminal security customer ladder software, authentication system, mobile device management(MDN),move eSpace UC.

Regarding Huawei's anti-virus technology, which of the following statements is wrong?

Import the user information of the AD server on the Agile Controller-Campus to realize the user's access authentication. If the user is in the Agile.

The user information is not found on the Controller-Campus. Which of the following actions will be performed in the next step?

In Portal authentication, which of the following parameters must be configured on the switch? (Multiple choice)

Which of the following methods can be used to protect enterprise terminal security?

There is a three-layer forwarding device between the authentication client and the admission control device:If at this time Portal The certified three-layer authentication device can also obtain the authentication client's MAC address,So you can use IP Address and MC The address serves as the information to identify the user.

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

​​SQl injection attacks generally have the following steps:

①Elevate the right

②Get the data in the database

③Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

Malicious code usually uses RootKit technology in order to hide itself. RootKit modifies the kernel of the system by loading a special driver.

To hide itself and the role of designated files.

If the regular expression is "abc. de", which of the following will not match the regular expression?

Which of the following options is not included in the mobile terminal life cycle?

When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

SACG Inquire right-manager The information is as follows, which options are correct? (Multiple choice)

User access authentication technology does not include which of the following options?

Agile Controller-Campus All components are supported Windows System and Linux system.

Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system

If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)

Which of the following options is about SACG The description of the online process is wrong?

Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

When a virus is detected in an email, which of the following is not the corresponding action for detection?

Which of the following threats cannot be detected by IPS?

Regarding the strategy for checking the screensaver settings, which of the following descriptions are correct? (Multiple choice)

The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

Agile Controller-Campus The product architecture includes three levels. Which of the following options does not belong to the product architecture level?

In order to protect the security of data transmission, more and more websites or companies choose to use SSL to encrypt transmissions in the stream. About using Huawei NIP6000

The product performs threat detection on (SSL stream boy, which of the following statements is correct?

Agile Controller-Campus The department includes four parts of the management center(MC)Business manager(SM)And business controller(SC)And client network access equipment (NAD)As a component of the solution, it is linked with the service controller to realize user access control and free mobility.

Which of the following features does Huawei NIP intrusion prevention equipment support? (multiple choice)

Which of the following is the default port number of Portal authentication service?

Which of the following technology, administrators can according to business requirements, to scale to achieve load sharing of business flow?

The status code in the HTTP response message indicates the type of the response message, and there are many possible values. Which of the following status codes represents the client request

The resource does not exist?

Which of the following options is not a cyber security threat caused by weak personal security awareness?

If you are deploying BYOD When the system is installed, use a stand-alone installation SM, Dual-machine installation SC, Stand-alone hardware deployment AE,Which of the following descriptions are correct? (Multiple choice)

In centralized networking, database,SM server,SC server\ AE Servers are centrally installed in the corporate headquarters. This networking method is suitable for companies with a wide geographical distribution of users and a large number of users.