Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Which of the following is not a response action for abnormal file identification?

A.

Alert

B.

Block

C.

Allow

D.

Delete

Full Access
Question # 5

When Eth-Trunk is deployed for the heartbeat links between firewalls, the Eth-Trunk interface can be configured as a Layer 2 interface as long as the total bandwidth of active links on the Eth-Trunk is greater than 30% of the bandwidth required by service traffic.

A.

TRUE

B.

FALSE

Full Access
Question # 6

Predefined URL categories on Huawei firewalls reside in the URL category database delivered with the device and do not need to be manually loaded.

A.

TRUE

B.

FALSE

Full Access
Question # 7

Which of the following are components of Huawei's anti-DDoS solution?(Select All that Apply)

A.

Detecting center

B.

Management center

C.

Zone

D.

Cleaning center

Full Access
Question # 8

Which of the following actions can be performed when the firewall identifies file anomalies?(Select All that Apply)

A.

Alarm

B.

Allow

C.

Block

D.

Delete attachment

Full Access
Question # 9

Which of the following items are recorded in the IPS service module logs of a Huawei NGFW?(Select All that Apply)

A.

Signature ID

B.

Source IP address of the attacker

C.

Attack duration

D.

Signature name

Full Access
Question # 10

Which of the following statements is false about hot standby networking?(Select All that Apply)

A.

In load-sharing mode, both firewalls are active. Therefore, if both firewalls synchronize commands to each other, commands may be overwritten or conflict with each other.

B.

In load-sharing mode, both devices process traffic. Therefore, this mode supports more peak traffic than the active/standby or mirroring mode.

C.

In active/standby mode, configuration commands and status information are backed up from the active device to the standby device.

D.

In load-sharing mode, configuration commands can be backed up only from the configuration standby device to the configuration active device.

Full Access
Question # 11

The difference between DoS attacks and DDoS attacks is that DoS attacks are usually directly initiated by attackers, whereas DDoS attacks are usually initiated by attackers controlling multiple zombies.

A.

TRUE

B.

FALSE

Full Access
Question # 12

Authentication rules configured on iMaster NCE-Campus support multiple matching conditions, such as matching account information, SSID information, and terminal IP address ranges, so that different authentication rules can be executed for different users.

A.

TRUE

B.

FALSE

Full Access
Question # 13

In quota control policies, which of the following can be set for users?(Select All that Apply)

A.

Limiting the daily online duration

B.

Limiting the total monthly online traffic

C.

Limiting the total daily online traffic

D.

Limiting the total online duration per month

Full Access
Question # 14

The Common Vulnerability Scoring System (CVSS) is a widely used open standard for vulnerability scoring. It uses a modular scoring system. Which of the following is not included in the CVSS?

A.

Temporal

B.

Base

C.

Environmental

D.

Spatial

Full Access
Question # 15

The figure shows the PBR-based injection scenario. Which of the following statements are true about this scenario?(Select All that Apply)

A.

Router1 is a traffic-diversion router.

B.

After the injected traffic reaches Router1, Router1 forwards the traffic to Router2 or Router3 based on its forwarding mechanism. Finally, the traffic reaches different Zones.

C.

The cleaning device injects traffic from different Zones to different interfaces (10GE1/0/2 and 10GE1/0/3) of Router1 based on PBR.

D.

A traffic-diversion channel is established between 10GE1/0/1 of Router1 and 10GE2/0/1 of the cleaning device.

Full Access
Question # 16

Which of the following statements is false about virtual system resource allocation?

A.

Virtual systems can share and preempt resources of the entire device. Such resources can be manually allocated.

B.

To manually allocate resources to a virtual system, an administrator needs to configure a resource class, specify the guaranteed quota and maximum quota of each resource in the resource class, and bind the resource class to the virtual system.

C.

Improper resource allocation may prevent other virtual systems from obtaining resources and services from running properly.

D.

Quota-based resources are automatically allocated based on system specifications.

Full Access
Question # 17

In the figure, FW_A connects to FW_B through two links working in active/standby mode. When the active link of FW_A is faulty, the old IPsec tunnel 1 needs to be torn down, and IPsec tunnel 2 needs to be established with FW_B through the standby link to route traffic. In this case, configuring the IKE _____ detection mechanism on FW_A helps detect link faults and tear down the IPsec tunnel.(Enter lowercase letters.)

Full Access
Question # 18

In the figure, if 802.1X authentication is used for wired users on the network, the network admission device and terminals must be connected through a Layer 2 network.

Options:

A.

TRUE

B.

FALSE

Full Access