Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which of the following options are common reasons for IPS detection failure? (multiple choices)

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

A.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

B.

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

C.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

D.

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Which of the following are typical intrusions? "Multiple choice)

A.

Computer is infected by U disk virus

B.

Abnormal power interruption in the computer room

C.

Tampering with Web pages

D.

Copy/view sensitive data

Which of the following iterations is correct for the description of the management center?

A.

The management server of the management center is responsible for the cleaning of abnormal flow, as well as the collection and analysis of business data, and storage, and is responsible for the summary

The stream is reported to the management server for report presentation.

B.

The data coking device is responsible for the cleaning of abnormal flow, the centralized management and configuration of equipment, and the presentation of business reports.

C.

The data collector and management server support distributed deployment and centralized deployment. Centralized deployment has good scalability.

D.

The management center is divided into two parts: management server and teaching data collector.

What content can be filtered by the content filtering technology of Huawei USG6000 products?

A.

File content filtering

B.

Voice content filtering

C.

Apply content filtering..

D.

The source of the video content

​​SQl injection attacks generally have the following steps:

①Elevate the right

②Get the data in the database

③Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

A.

③④①②

B.

③④②①

C.

④①②③

D.

④②①③

Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

A.

The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source

B.

For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify

The legitimacy of the source IP.

C.

In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process

It will consume the TCP connection resources of the OINS cache server.

D.

Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted when deploying security equipment

Anti-Virus, IPS, spam detection and other equipment.

A.

True

155955cc-666171a2-20fac832-0c042c0414

B.

False

Single-packet attacks are divided into scanning and snooping attacks, malformed packet attacks, and special packet attacks. Ping of death is a special packet attack.

A.

True

B.

False

Regarding the description of intrusion detection technology, which of the following statements is correct?

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425