Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

A.

True

B.

False

The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide

Analyze the suspicious object, which of the following options are its main features? (multiple choices)

A.

Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so

Not vulnerable to attack.

B.

The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

C.

Need a lot of monitors.

D.

It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.

Which of the following options is not a special message attack?

A.

ICMP redirect message attack) 0l

B.

Oversized ICMP packet attack

C.

Tracert packet attack

D.

IP fragment message item

An enterprise administrator configures the Web reputation system as shown in the figure. Regarding the configuration, which of the following statements is correct?

A.

The content in No. 2 must be configured.

B.

In addition to this page configuration, you also need to enable the firewall and sandbox linkage, otherwise the page configuration is invalid

C.

The content in No. 4 must be configured.

D.

After the configuration is completed, you need to submit the configuration to take effect.

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

A.

True

B.

False

Regarding intrusion prevention, which of the following option descriptions is wrong

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Regarding scanning and snooping attacks, which of the following descriptions is wrong?

A.

Scanning attacks include address scanning and port scanning.

B.

It is usually the network detection behavior before the attacker launches the real attack.

155955cc-666171a2-20fac832-0c042c0424

C.

The source address of the scanning attack is real, so it can be defended by adding direct assistance to the blacklist.

D.

When a worm virus breaks out, it is usually accompanied by an address scanning attack, so scanning attacks are offensive.

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

A.

Keywords contained in the content of the uploaded file

B.

Keywords contained in the downloaded file

C.

File type

D.

File upload direction 335

Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

A.

Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.

B.

When a POP3 message is detected, if it is judged to be an illegal email, the firewall's response action only supports sending alarm information, and will not block the email o

C.

When an IMAP message is detected, if it is judged to be an illegal email; the firewall's response action only supports sending alarm messages and will not block the email.

D.

The attachment size limit is for a single attachment, not for the total size of all attachments.