QUESTION 21
In the figure, NAT traversal is enabled. The security policy configuration related to NAT traversal on Firewall B is as follows:
[FW]display current-configuration
#
ip service-set nat_traversal type object 512
service O protocol udp source-port 500 destination-port 500
service 1 protocol udp source-port 4500 destination-port 4500
#
security-Policy
rule name nat_traversal
source-zone local
source-zone untrust
destination-zone local
destination-zone untrust
service nat_traversal
action permit
If other configurations are correct, the IPsec VPN can be established between the communicating parties.
A. TRUE
B. FALSE
Correct Answer: B
QUESTION 22
Match the IPsec faults with possible causes.
Select and Place:

Correct Answer:

QUESTION 23
When IPsec uses certificates for authentication, the validity of the peer certificate needs to be verified. Which of the following is not a factor that needs to be considered when verifying certificate validity?
A. Whether the peer certificate is in the CRL database
B. Whether local and peer certificates are applied for in the same mode
C. Whether the peer certificate is in the validity period
D. Whether local and peer certificates are issued by the same CA
Correct Answer: D
QUESTION 24
Which of the following are host check policies in endpoint security?
A. Temporary file
B. Antivirus software
C. Antivirus software
D. Automatically saved password
Correct Answer: ABCD
QUESTION 25
Unlike IPsec that implements control at the network layer, all access control of SSL VPN is based on the application layer. To be specific, SSL VPN provides powerful access control functions, including URL- and file-based access control, greatly improving the security level of enterprise remote access.
A. TRUE
B. FALSE
Correct Answer: A
QUESTION 26
Which of the following is not a process for remote users to access intranet resources through SSL VPN?
A. User login
B. User authentication
C. Resource access
D. Access accounting
Correct Answer: D
QUESTION 27
Which of the following protocols work based on TCP?
A. HTTP
B. SMB
C. NFS
D. DHCP
Correct Answer: BCD
QUESTION 28
Which of the following statements are true about port scan?
A. Port scan attack defense collects the rate of the first IP packet, and detects a source IP address that is not whitelisted.
B. If the rate of packets with different destination ports and the same source IP address exceeds the threshold, the system considers that the source IP address is launching a port scan attack.
C. UDP packets can be detected.
D. TCP packets can be detected.
Correct Answer: ABCD
QUESTION 29
If the payload of a data packet is the same (for example, the payload is all 1s), the packet is discarded. This anti-DDoS mode is called       . (Enter lowercase letters.)
Correct Answer: fingerprinting
QUESTION 30
Which of the following is not a single-packet attack?
A. Dos attack
B. Scanning and snooping attack
C. Malformed packet attack
D. Special packet attack
Correct Answer: A
QUESTION 31
Which of the following types of packets are supported by the first-packet check mechanism of an anti-DDoS device?
A. ICMP
B. DNS
C. TCP
D. UDP
Correct Answer: AB
QUESTION 32
The figure shows the route cleaning and injection process. Match the descriptions with the corresponding steps.

Select and Place:

Correct Answer:

QUESTION 33
Which of the following is not the responsibility of the management center of the anti-DDoS system?
A. Security report analysis
B. Device management
C. Defense policy delivery
D. Traffic diversion
Correct Answer: D
QUESTION 34
Which of the following statements is false about HTTP flood attack defense?
A. If the free proxy used during the attack supports the redirection function, the defense in basic mode becomes invalid.
B. Source authentication is the most commonly used method to defend against HTTP flood attacks. This method is applicable when the client uses a browser to access the HTTP server.
C. Defense in enhanced mode allows users to enter verification codes to determine whether HTTP access is initiated by real users.
D. Defense in basic mode cannot effectively prevent access from non-browser clients.
Correct Answer: D
QUESTION 35
Which of the following email security protection functions are supported by Huawei firewalls?
A. Anti-spam
B. Mailbox address check
C. Anonymous mail check
D. Email attachment control
Correct Answer: ABCD
QUESTION 36
Which of the following statements is false about HTTP behavior?
A. You can set an alarm threshold and a block threshold to limit the size of the upload file if file upload is allowed.
B. When the size of the uploaded or downloaded file or the size of the content obtained through the POST operation reaches the alarm threshold, the system generates a log to notify the device administrator and block the behavior.
C. When the size of the uploaded or downloaded file or the size of the content obtained through the POST operation reaches the block threshold, the system blocks the uploaded or downloaded file or POST operation.
D. The POST method of HTTP is commonly used to send information to the server through web pages. For example, use this method when you post threads, submit forms, and use your user name and password to log in to a specific system.
Correct Answer: C
QUESTION 37
Which of the following statements are true about the blacklist and whitelist in URL Filtering?
A. If there are only a few websites in the predefined URL categories on the firewall, you can use either the blacklist and whitelist or user-defined URL categories.
B. Blacklist and whitelist cannot be used together with URL categories.
C. Whitelists take precedence over blacklists.
D. If only the main web page is added to the whitelist, some embedded web pages on the main web page
cannot be accessed.
Correct Answer: ACD
QUESTION 38
Which of the following mail transfer protocols is not supported by the firewall for mail filtering?
A. IMAP
B. POp3
C. SMTP
D. SMTPS
Correct Answer: D
QUESTION 39
Which of the following response actions can be performed when the firewall identifies keywords during data filtering?
A. Operate by weight
B. Block
C. Allow
D. Alert
Correct Answer: ABD
QUESTION 40
In the URL filtering process, which of the following actions is performed in the first step?
A. Implementing remote query
B. Matching the blacklist and whitelist
C. Detecting abnormal HTTP packets
D. Matching URL categories
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.