NEW QUESTION 1

Firewall in addition to supporting built-inPortalIn addition to authentication, it also supports customizationPortalauthentication, when using customPortalDuring authentication, there is no need to deploy externalPortalserver.

• A. True
• B. False

Answer: B

NEW QUESTION 2

Man-in-the-middle attacks are data security threats.

• A. True
• B. False

Answer: A

NEW QUESTION 3

When configuring a security policy, a security policy can refer to an address set or configure multiple purposesIPaddress.

• A. True
• B. False

Answer: A

NEW QUESTION 4

IPSec VPNs use pre-shared keys, ( ) and digital envelopes to authenticate peers. (fill in the blank) digital

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 5

Which of the following statements about firewalls is correct?

• A. The firewall cannot transparently access the network.
• B. Adding a firewall to the network will inevitably change the topology of the network.
• C. To avoid a single point of failure, the firewall only supports bypass deployment
• D. Depending on the usage scenario, the firewall can be deployed in a transparent mode or a three-bedroom type.

Answer: D

NEW QUESTION 6

Which of the following options are malicious programs? (multiple choice)

• A. Trojan horse
• B. Vulnerability
• C. worm
• D. Virus

Answer: ACD

NEW QUESTION 7

The administrator wishes to clear the current session table. Which of the following commands is correct? (
)[Multiple choice]*

• A. display session table
• B. display firewall session table
• C. reset firewall session table
• D. clear firewall session table

Answer: C

NEW QUESTION 8

Please match the following information security risks to information security incidents one by one.[fill in the blank]*
physical security riskEnterprise server permissions are loosely set Information Security Management RiskInfected Panda Burning Incense Information Access RiskFire destroyed equipment in computer room application riskTalk to people about leaking company secrets

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 9

aboutIKE SA, which of the following descriptions is false?

• A. IKE SAis bidirectional
• B. IKEis based onUDPapplication layer protocol
• C. IKE SAit's forIPSec SAServices
• D. The encryption algorithm used by user data packets isIKE SADecide

Answer: D

NEW QUESTION 10

aboutNATAddress translation, which of the following statements is europium false??

• A. sourceNATconfiguration in technologyNATaddress pool, you can configure only one address poolIPaddress
• B. Address translation can be provided in the local area network according to the needs of usersFTP,WWW,Telnetand other services
• C. Some application layer protocols carry in the dataIPaddress information, make themNATWhen modifying the data in the upper layerIPAddress information
• D. for some non-TCP,UDPprotocol (such asICMP,PPTP), cannot doNATconvert

Answer: D

NEW QUESTION 11

In USG6000E, the initial priority of VGMP is ( ) (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 12

User authentication is the authentication of the client identity by the SSL virtual gateway, including: ________, server authentication, certificate anonymous authentication and certificate challenge authentication.[fill in the blank]

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

Configure authentication options If you use web push page authentication, you also need to configure a corresponding security policy to allow the data flow with the default port number ( ) to reach the firewall itself. (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 14

When an access user uses Client-InitiatedVPN to establish a tunnel with the LNS, how many PPP connections can a tunnel carry?

• A. 3
• B. 1
• C. 2
• D. 4

Answer: B

NEW QUESTION 15

Gratuitous ARP can be used to detect whether the ______ address conflicts, and it can also refresh the switch MAC address table.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 16

in configurationNATDuring the process, in which of the following situations, the device will generateServer-maptable entry? (multiple choice)

• A. configuration sourceNATautomatically generated whenserver-mapentry
• B. configureNATserverAfter success, the device will automatically generateServer-mapentry
• C. configureeasy-ipwill be generated whenserver-mapentry
• D. configureNAT No-PATAfter that, the device will establish a data stream for the configured multi-channel protocolserver-mapsurface

Answer: BD

NEW QUESTION 17

• A. this firewallVGMPgroup status isActive
• B. this firewallG1/0/0andG1/0/1interfaceVRRPgroup status isstandby
• C. this firewallHRPThe heartbeat line interface isG1/0/0andG1/0/1
• D. This firewall must be in preemptive state

Answer: B

NEW QUESTION 18

Equipment sabotage attacks are generally not easy to cause information leakage, but usually cause interruption of network communication services.

• A. True
• B. False

Answer: A

NEW QUESTION 19

Please order the following project implementation steps from project initiation.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 20
......