Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.

The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.

Which of the following statements is correct

A.

The files obtained by users from website A and website B will be sent to the inspection node for inspection.

B.

When a user visits website B, although the firewall will extract the file and send it to the detection node, the user can still access normally during the detection process

Site B.

C.

After the detection node detects the suspicious file, it not only informs the firewall in the figure of the result, but also informs other network devices connected to it.

D.

Assuming that website A is an unknown website, the administrator cannot detect the traffic file of this website sC

Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

A.

Rely on state detection technology and protocol analysis technology

B.

The performance is higher than the agent-based method

C.

The cost is smaller than the agent-based approach

D.

The detection rate is higher than the proxy-based scanning method

The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

A.

Prefix matching

B.

Suffix matching

155955cc-666171a2-20fac832-0c042c043

C.

Keyword matching

D.

Exact match

URL filtering technology can perform URL access control on users according to different time objects and address objects to achieve precise management of users.

The purpose of the Internet behavior.

A.

True

B.

False

Which of the following options is correct for the description of the Anti DDoS system configuration?

A.

Configure drainage and re-injection on the testing equipment.

B.

Configure port mirroring on the cleaning device.

C.

Add protection objects on the management center.

D.

Configure drainage and re-injection on the management center.

Which of the following descriptions are correct for proxy-based anti-virus gateways? (multiple choice)

A.

The detection rate is higher than the flow scanning method

B.

System overhead will be relatively small

C.

Cache all files through the gateway's own protocol stack

D.

More advanced operations such as decompression, shelling, etc. can be performed

Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

A.

Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.

B.

When a POP3 message is detected, if it is judged to be an illegal email, the firewall's response action only supports sending alarm information, and will not block the email o

C.

When an IMAP message is detected, if it is judged to be an illegal email; the firewall's response action only supports sending alarm messages and will not block the email.

D.

The attachment size limit is for a single attachment, not for the total size of all attachments.

Viruses can damage computer systems. v Change and damage business data: spyware collects, uses, and disperses sensitive information of corporate employees.

These malicious pastoral software seriously disturb the normal business of the enterprise. Desktop anti-disease software can solve the problem of central virus and indirect software from the overall situation.

A.

True

B.

False

Regarding computer viruses, which of the following options is correct?

A.

Patching the system can completely solve the virus intrusion problem

B.

Computer viruses are latent, they may be latent for a long time, and only when they encounter certain conditions will they begin to carry out sabotage activities

C.

Computer viruses are contagious. They can spread through floppy disks and CDs, but they will not spread through the Internet.

D.

All computer viruses must be parasitic in files and cannot exist independently

The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide

Analyze the suspicious object, which of the following options are its main features? (multiple choices)

A.

Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so

Not vulnerable to attack.

B.

The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

C.

Need a lot of monitors.

D.

It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.