EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following are the same features of Windows and LINUX systems? (MultipleChoice)

Question2: On Huawei USG series devices, the administrator wants to erase the configuration file. Which of thefollowing commands is correct?

Question3: Antivirus software and host firewall have the same effect

Question4: As shown in the figure, a TCP connection is established between client A and server
B. Which of the following two "?" packet numbers should be?

Question5: In the Client-Initiated VPN configuration, generally it is recommended to plan the address pool and the headquarters or need to of the network address for the different network or need to open proxy forwarding on the gateway device

Question6: Which of the followingdescription about the VGMP protocol is wrong?

Question7: NAT technology can securely transmit data by encrypting data.

Question8: The Huawei Redundancy Protocol (HRP) is used to synchronize the main firewall configuration and connection status and other data on the backup firewall to synchronize . Whichof the following options is not in the scope of synchronization?

Question9: What are common hash algorithms? (Choose two.)

Question10: Which of the following description is wrong about the intrusion detection system?

Question11: Which of the following are included in the operating system patch violations level of Terminal security system?
(Choose two.)

Question12: Both A and B communicate data. If an asymmetric encryption algorithm is used for encryption, when A sends data to B.
Which of the following keys will be used for data encryption?

Question13: In the USG series firewall, which of the following commands can be used to query the NAT translation result?

Question14: When the sesson authentication mode is used to trigger the firewall's built-in Portal aithentication. the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page? .. ' * '

Question15: The administrator wants to create a web configuration administrator, and set the Https device management port number to 20000, and set the administrator to the administrator level, which of the following commands are correct?

Question16: Which of the following is an action to be taken during the summary phase of the cybersecurity emergency response? (Multiple Choice)

Question17: Regarding the relationship and role of VRRP/VGMP/HRP, which of the following statements are correct? (Multiple choice)

Question18: The following security policy command, representatives of the meaning:

Question19: On the USG series firewalls, the default security policy does not support modification

Question20: Which of the following statement is wong about L2TP VPN?

Question21: Administrators want to clear the current session table. Which of the following command is correct?

Question22: Which of the following does not include the steps of the safety assessment method?

Question23: Which of the following description is wrong about the Internet users and VPN access user authentication?

Question24: Using a computer to store information about criminal activity is not a computer crime.

Question25: HTTP packets are carried by UDP, and the HTTPS protocol is based on TCP three-way handshake. Therefore, HTTPS is relatively secure, and HTTPS is recommended.

Question26: Regarding the problem that the two-way binding user of the authentication-free method cannot access the network resources, which of the following options are possible reasons? (Multiple choice)

Question27: Which of the following option belongs to DES key length?

Question28: Check the firewall HRP status information as follows:
HRP_S [USG_ B] display hrp state
16 : 90 : 13 2010/11/29
The firewall's config state is : SLAVE
Current state of virtual routers configured as slave
GigabitEthernet0/0/0 vird 1 : slave
GigabitEthernet0/0/1 vied 2 : slave
Which of the following description is correct?

Question29: Which of the following description are correct about the security policy action and security configuration file?
(Multiple Choice)

Question30: The configuration commands for the NAT address pool are as follows: nat address-group 1 section 0 202.202.168.10 202.202.168.20 mode no-pat Of which, the meaning of no-pat parameters is:

Question31: Classify servers based on the shape, what types of the following can be divided into? (Multiple choice)

Question32: As shown in the figure, a TCP connection is established between client A and server B Which of the following two "Tpacket numbers should be?

Question33: Which of the following options belong to the necessary configuration for the firewall double hot standby scenario? (Multiple Choice)

Question34: Which ofthe following does not belong to the user authentication method in the USG firewall?

Question35: About the description of firewall active-standby, which of the following is correct? (Multiple Choice)

Question36: Regarding the comparison between windows and Linux, which of the following statements is wrong?

Question37: In the currentnetwork it has deployed other authentication system, device registration function by enabling a single point, reducing the user to re-enter the password. What are correct about single sign-on statements?
(Multiple choice)

Question38: Use iptables to write a rule that does not allow the network segment of 172.16.0.0/16 to access the device. Which of the following rules is correct?

Question39: Which of the following are remote authentication methods? (Multiple choice)

Question40: On the USG seriesfirewall, after the web redirection function is configured, the authentication page cannot be displayed. Which of the following is not the cause of the fault?

Question41: Regarding the problem that the two-way binding user of the authentication-free method cannot access the networkresources, which of the following options are possible reasons? (Multiple choice)

Question42: In the SSL handshake protocol, which of the following message is optional? (Choose two.)

Question43: Administrators want to clear the current session table. Which of the following command is correct?

Question44: Both A and B communicate data. If an asymmetric encryption algorithm is used for encryption, when A sends data to B, which of the following keys will be used for data encryption?

Question45: The network administrator can collect data to be analyzed on the network device by means of packet capture, port mirroring, or log, etc.

Question46: About thecontents of HRP standby configuration consistency check, which of the following is not included?

Question47: A company employee account authority expires, but can still use the account to access the company server.
What are the security risks of the above scenarios? (Multiple Choice)

Question48: HRP (Huawei Redundancy Protocol) Protocol to backup the connection state of data include: (Multiple Choice)

Question49: Terminal detection is an important part of the future development of informationsecurity. Which of the following methods belong to the category of terminal detection? (Multiple Choice)

Question50: Which of the following is the encryption technology used by digital envelopes?

Question51: Digital signatures are used to generate digital fingerprints by using a hashing algorithm to ensure the integrity of data transmission

Question52: Ininformation security prevention, commonly used security products are firewalls, Anti-DDos devices and IPS/IDS devices.

Question53: The Protocol field in the IP header identifies the protocol used by the upper layer.
Which of the following field values indicates that the upper layer protocol is UDP protocol?

Question54: Regarding the firewall security policy, which of the following options are wrong?

Question55: Which of the following is not a rating in the network security incident?

Question56: Both the GE1/0/1 and GE1/0/2 ports of the firewall belong to the DMZ. If the area connected to GE1/0/1 can access the area connected to GE1/0/2, which of the following is correct?

Question57: Based on the GRE encapsulation and de-encapsulation, which description is error?

Question58: What port numbers may be used by FTP protocol? (Choose two.)

Question59: The content of intrusion detection covers authorized and unauthorized intrusions. Which of the following is not in the scope of intrusion detection?

Question60: Which ofthe following optionsis the correct sequence ofthe four phases ofthe Information Security Management System (ISMS)?

Question61: Which of the following attacks is not a special packet attack?

Question62: Digital certificates are fair to public keys through third-party agencies, thereby ensuring the non-repudiation of data transmission. Therefore, to confirm the correctness of the public key, only the certificate of the communicating party is needed.

Question63: Which of the following descriptions is wrong about the source of electronic evidence?

Question64: Which of the following descriptions about the action and security profile of the security policy are correct? (Multiple choice)

Question65: Which of the following is the GRE protocol number?

Question66: When configuring security policy, a security policy can reference an address set or configure multiple destination IP addresses.

Question67: Which of the following is not a hash algorithm?

Question68: Which ofthe following is the username / password for the first login ofthe USG series firewall?

Question69: Which of the following are correct about configuring the firewall security zone? (Multiple Choice)

Question70: When configuring NAT Server on the LSG series firewall, the server-map table will be generated. Which of the following does not belong in the table?

Question71: About the default security zones of USG series security firewall, which of the following statement is correct?

Question72: Execute the command on the firewall and display the following information, which of the following description is correct? (Multiple Choice) HRP_A [USG_A] display vrrp interfaceGigabitEthernet 0/0/1 \ GigabitEthernet9/0/1 | Virtual Router 1VRRP Group: Active state: Active Virtual IP: 202.38.10.1 Virtual MAC: 0000-5e00-0101 Primary IP: 202 38.10.2 PriorityRun: 100 PriorityConfig: 100 MasterPriority: 100 Preempt: YES Delay Time: 10

Question73: Regarding SSL VPN technology, which of the following options is wrong?

Question74: Which of the following descriptions are correct about the buffer overflow attack? (Multiple Choice)

Question75: Use ip tables to write a rule that does not allow the network segment of 172.16.0.0/16 to access the devise.
Which of the following rules is correct?

Question76: Fire Trust domain FTP client wants to access an Um.rust server FTP service has allowed the client: to access the server TCP 21 port, the client in the Windows command line window can log into the FTP server, but can not download the file, what are the following solutions? (Multiple choice)

Question77: The VRRP advertisement packet of the Huawei USG firewall is a multicast packet. Therefore, each firewall in the backup group must be able to implement direct Layer 2 interworking

Question78: Regarding the firewall security policy, which of the following options is wrong?

Question79: The scene of internal users access the internet as shown, the subscriber line process are:
1. After authentication, USG allow the connection
2. The user input http://1.1.1.1 to access Internet
3. USG push authentication interface, User =? Password =?
4. The user successfully accessed http://1.1.1.1, equipment create Session table.
5. User input User = *** Password = ***
Which the following procedure is correct?

Question80: Evidence identification needs to resolve the integrity verification of the evidence and determine whether it meets the applicable standards. Which of the following statements is correct about the standard of evidence identification?

Question81: Regarding the description of Windows Firewall, which of the following options are correct? (Multiple Choice)

Question82: Which of the following is non-symmetric encryption algorithm?

Question83: When Firewall does dual-system hot backup networking, in order to achieve the overall status of the backup group switching, which of the following protocol technology need to be used?

Question84: Which of the following are part of the SSL VPN function? (Multiplechoice)

Question85: Which of the following are the hazards of traffic attacks? (Multiple choice)

Question86: Which of the following descriptions is wrong about the root CA certificate?

Question87: In order to obtain evidence of crime, it is necessary to master the technology of intrusion tracking. Which of the following descriptions are correct about the tracking technology? (Multiple Choice)

Question88: Which of the following descriptions of the firewall fragment cache function are correct? (Multiple choice)

Question89: Which of the following descriptions about the action and security profile of the security policy are correct?
(Multiple choice)

Question90: Which of the following statement about the NAT configuration is wrong?

Question91: When the NAT server is configured on the USG system firewall, a server-map table is generated. Which of the following does not belong to the content in the performance?

Question92: Manual auditing is a supplement to tool evaluation. It does not require any software to be installed on the target system being evaluated, and has no effect on the operation and status of the target system.
Which of the following options does not include manual auditing?

Question93: ASPF (Application Specific Packet Filter) is a kind of packet filtering basedon the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol.
ASPF by Server Map table achieves a special security mechanism. Which statement about ASPF and Server map table are correct? (Multiple choice)

Question94: As shown, when configuring the point-to-multipoint scenarios, the headquarters network segment is
10.1.1.0/24, the segment of branch 1 is 10.1.2.0/24, of branch 2 is 10.1.3.0/24.
About the protected data flow configuration which defined by headquarters and branch offices, which of the following combinations can be the full matched requirements?

Question95: Which of the following protocols can guarantee the confidentiality of data transmission? (Multiple Choice)

Question96: Which of the following statements are correct about the differences between pre-accident prevention strategies and post-accident recovery strategies? (H/multiple Choice)

Question97: Which ofthe following descriptions is correct about port mirroring? (Multiple Choice)

Question98: Social engineering is a means of harm such as deception, injury, etc. through psychological traps such as psychological weakness, instinctive reaction, curiosity, trust, and greed

Question99: Which of the following encryption algorithm, encryption and decryption keys are the same?

Question100: Which of the following is not the identity of the IPSec SA?

Question101: What is the nature of information security in "Implementation of security monitoring and management of information and information systems to prevent the illegal use of information and information systems"?

Question102: What problem does IPsec IKE aggressive mode mainly solve?

Question103: Terminal security access control can support? (Choose three.)

Question104: Which of the following is true about the description of SSL VPN?

Question105: Regarding the HRP master and backup configuration consistency check content, which of the following is not included?

Question106: Some applications, such as Oracle database application, there is no data transfer for a long time, so that firewall session connection is interrupted, thus resulting in service interruption, which of the following technology can solve this problem?

Question107: When the firewall hard disk is in place, which of the following is correct description for the firewall log?

Question108: Which of the following is not in the quintuple range?

Question109: Which description about disconnect the TCP connection 4 times-handshake is wrong?

Question110: Which of the following attacks can DHCP Snooping prevent? (Multiple Choice)

Question111: Which of the following types are included in Huawei firewall user management? (Multiple Choice)

Question112: Which ofthe following are core elements ofthe IATF (InformationAssurance Technology Framework) model?
(Multiple choice)

Question113: Which of the following statement about the NAT is wrong?

Question114: Which of the following are the status information that can be backed up by the HRP (Huawei Redundancy Protocol) protocol? (Multiple choice)

Question115: Which of the following is wrong about the scanning of vulnerabilities?

Question116: Which of the following are the basic functions of anti-virus software? (Multiple Choice)

Question117: Which of the following attacks does not belong to special packet attack?

Question118: Against IP Spoofing, which of the following description is wrong?

Question119: Which of the following is not the certificate save file format supported by the USG6000 series?

Question120: Which of the following is not part of the method used in the Detection section of the P2DR model?

Question121: Digital signature technology obtains a digital signature by encrypting which of the following data?

Question122: Regarding the description of the vulnerability scanning, which of the following is wrong?

Question123: In order to obtain evidence of crime, it is necessary to master :he technology of intrusion tracking. Which of the following descriptions are correct about thetracking technology? (Multiple Choice)

Question124: Except built-in Portal authentication, firewall also supports custom Portal authentication, when using a custom Portalauthentication, no need to deploy a separate external Portal sever.

Question125: The administrator wants to create a web configuration administrator, and set the Https device management port number to 20000, and set the administrator to the administrator level. which of the following commands are correct?

Question126: Which ofjhe following is the encryption technology used in digital envelopes?

Question127: Which of the following belongs to multi-channel protocol?

Question128: Which VPN access modes are suitable for mobile office workers? (Choose three.)

Question129: When the session authentication mode is used to trigger the firewall's built-in Portal authentication, the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page.

Question130: The GE1/0/1 and GE1/0/2 ports of the firewall belong to the DMZ. If the area connected to GE1/0/1 can accessthe area connected to GE1/0/2, which of the following is correct?

Question131: Which of the following information will be encrypted during the use of digital envelopes? (Multiple Choice)

Question132: Which of the following are the response actions after the gateway antivirus detects the mail virus? (Multiple choice)

Question133: Which of the following are the main implementations of gateway anti-virus? (Multiple choice)

Question134: The single-point login function of the online user, the user authenticates directly to the AD server, and the device does not interfere with the user authentication process. The AD monitoring service needs to be deployed on the USG device to mcnitorthe authentication information of the AD server.

Question135: In the Client-Initiated VPN configuration, generally it is recommended to plan the address pool and the headquarters of the network address for the different network segments, or need to open proxy forwarding on the gateway device.

Question136: Which of the following options does not belong to the log type of the Windows operating system?

Question137: Which of the following types of attacks does the DDoS attack belong to?

Question138: When the user single sign-on is configured, the receiving PC message mode is adopted. Theauthentication process has the following steps: 1 The visitor PC executes the login script and sends the user login information to the AD monitor 2 The firewall extracts the correspondence between the user and the IP from the login information. Add to theonline user table 3 AD monitor connects to the AD server to query the login user information, and f?rwards the queried user information to the firewall. 4 The visitor logs in to the AD domain.
The AD server returns the login success message to the user anddelivers the login script, which of the following order is correct?

Question139: In the first stage of IKE negotiation, which of the following IKE exchange mode does not provide identity protection features?

Question140: Which of the following belongs to the devices at the execution layer in the Huawei SDSec solution? 'Multiple Choice)

Question141: In a Firewall hot standby configuration, HRP key configuration includes which of the following? (Choose three.)

Question142: UDP port scanning means that the attacker sends a zero-byte UDP packet to a specific port of the target host.
If the port is open, it will return an ICMP port reachable data packet

Question143: Which of the following statements about Client-Initiated VPN is correct? (Multiple choice)

Question144: Which of the following statement about the L2TP VPN of Clieit-initialized is wrong?

Question145: Which of the following are the ways in which a PKI entity applies for a local certificate from CA? (Multiple Choice)

Question146: Through display ike sa to see the result as follows, which statements are correct? (Multiple choice)

Question147: Which configuration is correct to implement NAT ALG function?

Question148: The administrator PC and the USG firewall management interface directly connected using the web the way initialization. Which nether following statements are true? (Multiple choice)

Question149: Which of the following traffic matches the authentication policy triggers authentication?

Question150: Device destruction attacks are generally not easy to cause information leakage, but usually cause network communication services to be interrupted.

Question151: Which of the following statements are correct about the business continuity plan? (Multiple Choice)

Question152: Which of the following options are suppoied by VPNtechnology to encrypt data messages? (Multiple choice)

Question153: In the environment of GRE configuration, which of the following statements are true? (Choose three.)

Question154: Which of the following is the analysis layer device in the Huawei SDSec solution?

Question155: Which of the following descriptions about IKE SA is wrong?

Question156: In most scenarios, NAT Inbound is used to the enterprise private network users to access the Internet scenario.

Question157: Against IP Spoofing,which of the following description is wrong?

Question158: In the VRRP (Virtual Router Redundancy Protocol) group, the primary firewall periodically sends advertisement packets to the backup firewall. The backup firewall is only responsible for monitoring advertisement packets and will not respond.