EMT Practice Test

1. Question Content...


Question List

Question1: Which item stipulates that "spam should be detected and protected at key network nodes, and the upgrade and update of the spam protection mechanism should be maintained"?

Question2: In the future development trend of information security, terminal detection is an important ring. Which methods are the category of terminal detection? (Multiple Choice)

Question3: Regarding the actions of the security policy and the description of the security configuration file, which of the following options are correct? (Multiple choice)

Question4: Which item is correct about SSL VPN?

Question5: The single sign-on function of Internet users, the user directly authenticates to the AD server, the device does not interfere with the user authentication process, the AD monitoring service needs to be deployed in the USG device to monitor the authentication information of the AD server.

Question6: Regarding the NAT policy processing, which of the following are correct? (Multiple choice)

Question7: Digital envelope refers to the data obtained after the sender uses the receiver's ______ to encrypt the symmetric key.

Question8: When the firewall upgrades the signature database and virus database online through the security service center, the firewall must first be able to connect to the Internet, and secondly, the correct DNS address must be configured.

Question9: For data communication between the two communicating parties, if an asymmetric encryption algorithm is used for encryption, when A sends data to B, which of the following keys will be used for data encryption?

Question10: Network administrators can collect data that needs to be analyzed on network devices through packet capture, port mirroring or logs.

Question11: Encryption technology can convert readable information into unreadable information through a certain method.

Question12: Regarding the business continuity plan, which of the following statements is correct? (Multiple choice)

Question13: Which of the following is not the default security zone of the firewall?

Question14: Which of the following options does not belong to the five-tuple range?

Question15: Huawei's Agile-Controller product is a _____ device in the HiSec solution.

Question16: On the USG series firewall, after configuring the web redirection, the the authentication page cannot pop up. Which item below does not belong to the cause?

Question17: Which of the following statement is wrong about the L2TP VPN of Client-Initialized?

Question18: Which configuration below can implement NAT ALG function?

Question19: Clients in the Trust zone of the firewall can log in to the FTP server in the Untrust zone, but cannot download files. Which of the following methods can solve the problem? (Multiple Choice)

Question20: Regarding GRE encapsulation and decapsulation, which of the following descriptions is wrong?

Question21: About AH and ESP security protocols, which of the following statements are correct? (Multiple Choice)

Question22: In the PKI system architecture, _______ is the CA's window to users, and is an extension of CA's certificate issuance and management functions. He is responsible for accepting users' certificate registration and revocation applications, reviewing employees' identity information, and deciding whether to apply for certificate registration and revocation. The CA submits an application to issue or revoke a digital certificate.

Question23: Which of the following are necessary for firewall dual-machine hot backup scenarios? (Multiple choice)

Question24: Which of the following options belong to international organizations related to information security standardization? (Multiple choice)

Question25: Which of the following is not included in the trigger authentication method for firewall access user authentication?

Question26: _________ Mode: Two devices, one active and one standby. Under normal circumstances, business traffic is handled by the main device. When the main equipment fails, the backup equipment takes over the main equipment to process business traffic to ensure uninterrupted business.

Question27: Which of the following is not a file format for saving certificates supported by USG6000 series devices?

Question28: Which of the following factors are related to the initial priority of the USG9500 VGMP group? (Multiple choice)

Question29: Which of the following is the action to be taken in the summary phase of cybersecurity emergency response? (Multiple Choice)

Question30: When the firewall hard disk is on the throne, which of the following statement about the firewall log is correct?

Question31: According to the management regulations, regular inspections of network security systems and equipment, patch upgrades, and network security emergency response drills are organized. Which aspects of the MPDRR network security model are the above actions belong to? (Multiple choice)

Question32: Which of the following descriptions of the VGMP protocol is wrong?

Question33: Which of the following options are included in the encryption technology to protect data during data transmission? (Multiple choice)

Question34: According to the requirements of level protection, which of the following behaviors belong to the scope of information security operation and maintenance management? (Multiple choice)

Question35: In the process of using the digital envelope, which of the following information will be encrypted? (Multiple choice)

Question36: In the USG series firewall, you can use the ______ function to provide a well-known application service for the non-knowledge port.

Question37: Which of the following is not a major form of computer crime?

Question38: Regarding the description of the advanced settings of the windows firewall, which of the following options are wrong? (Multiple choice)

Question39: Which of the following are the response actions after the gateway anti-virus detects the mail virus? (Multiple choice)

Question40: Which of the following options belongs to the Layer 2 VPN technology?

Question41: NAT technology can realize data secure transmission by encrypting data.

Question42: Regarding the matching conditions of the security policy, which of the following options are correct? (Multiple Choice)

Question43: In the IPSec VPN transmission mode, which part of the data message is encrypted?

Question44: On Huawei USG series firewalls, the default security policy does not support modification.

Question45: When using the ______ function of SSL VPN, the virtual gateway will assign an internal network IP address to the access user, which is used for the access user to access the internal network IP resources

Question46: If internal employees access the Internet through a firewall and find that they cannot connect to the Internet normally, which viewing commands can be used on the firewall to troubleshoot the interface, security zone, security policy, and routing table? (Write any viewing command, require: command line Words must be complete and correct to score, and cannot be omitted or abbreviated)

Question47: Regarding the problem that users with two-way binding in authentication-free mode cannot access network resources, which of the following options are possible reasons? (Multiple choices)

Question48: According to the HiS ec solution, please drag the devices on the left into the logical architecture layer on the right.

Question49: Please order the following digital envelope encryption and decryption processes correctly.

Question50: Regarding the description of the buffer overflow attack, which of the following options are correct? (Multiple choice)

Question51: Which of the following is not asymmetric encryption algorithm?

Question52: Which of the following attacks is not a network attack?

Question53: In order to obtain criminal evidence, it is necessary to master the technology of intrusion tracking. Which of the following description of the tracking technology is correct? (Multiple choices)

Question54: In order to obtain criminal evidence, it is necessary to master the intrusion tracking technology. Which of the following description of the tracking technology is correct? (Multiple choice)

Question55: In the digital signature process, which of the following items are mainly used for HASH algorithm to verify the integrity of data transmission?

Question56: Which types can be divided into according to the shape of servers? (Multiple Choice)

Question57: IPSec VPN uses an asymmetric encryption algorithm to encrypt the transmitted data.

Question58: Regarding the firewall security strategy, which of the following is wrong?

Question59: Regarding IPSec SA, which of the following statements is correct?

Question60: Using a computer to store information about criminal activities is not a method of computer crime

Question61: Which of the following options belong to the characteristics of the symmetric encryption algorithm? (Multiple choices)

Question62: In the Huawei SDSec solution, which of the following belong to the execution layer equipment? (Multiple choice)

Question63: Drag the stages of cybersecurity emergency response on the left into the box on the right, and arrange them from top to bottom in the order of execution.

Question64: Which of the following options can be operated in the advanced settings of the windows firewall? (Multiple choice)

Question65: NAPT technology can implement a public IP address for multiple private network hosts.

Question66: "Implementing security monitoring management for information and information systems, preventing illegal use of information and information systems", is to achieve which feature in information security?

Question67: When the USG series firewall hard disk is in place, which of the following logs can be viewed? (Multiple choice)

Question68: When configuring the security policy, ______ can control the flow based on the user.

Question69: In the _______ view of the firewall, you can use the reboot command to restart the firewall.

Question70: Which of the following attacks is not a malformed message attack?

Question71: Please match the following malicious code classification and description one by one

Question72: Regarding the description of the operating system, which of the following is wrong?

Question73: Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security protection? (Multiple choice)

Question74: User authentication is the authentication of the client's identity by the SSL virtual gateway, including: ________, server authentication, certificate anonymous authentication and certificate challenge authentication.

Question75: Regarding the description of the ARP spoofing attack, which of the following is wrong?

Question76: RFC (Request For Comment) 1918 sets aside 3 IP address ends for private use, namely 10.0.0.0-10.255.255.255, _______, 192.168.0.0-192.168.255.255

Question77: In the user management of Huawei firewall, which of the following categories are included? (Multiple choice)

Question78: Which of the following is the basic function of anti-virus software? (Multiple Choice)

Question79: Security policy conditions can be divided into multiple fields, such as source address, destination address, source port, destination port, etc. These fields have an "and" relationship, that is, only the information in the message and all fields If they all match, it is considered to have hit this strategy.

Question80: Please match the whole worm virus attack process and attack description.

Question81: Which of the following is a remote authentication method? (Multiple Choice)

Question82: The firewall imports users locally, and supports importing user information in _______ format files and database dbm files to the local device.

Question83: What versions of the SNMP protocol are there? (Multiple choice)

Question84: Please match the following information security risks with information security incidents one by one.

Question85: Regarding single sign on, which of the following statements are correct? (Multiple Choice)

Question86: "Caesar Password" is mainly encrypted by using a stick of specific specifications.

Question87: About the description of the Windows firewall, which of the following statements are correct? (Multiple Choice)

Question88: Which of the following is the default backup mode of dual-machine hot backup?

Question89: Which of the following about the difference between pre-accident prevention strategies and post-accident recovery strategies is correct? (Multiple choice)

Question90: In the classification of the information security level protection system, which of the following levels defines if the information system is damaged, it will damage the social order and public interests? (Multiple choice)

Question91: HTTP packets are carried by UDP, and the HTTPS protocol is based on the TCP three-way handshake, so HTTPS is more secure, and HTTPS is more recommended.

Question92: 1. The enterprise needs to have its own dedicated mailbox, and the sending and receiving of mail needs to go through the enterprise's server;
2. The server must provide file transfer and access services, and provide accounts with different permissions for users in different departments of the enterprise;
3. The enterprise can directly enter the domain name in the browser when accessing the internal webpage of the enterprise.
To meet the above requirements, which of the following servers does the enterprise need to deploy? (Multiple choice)

Question93: IPS (Intrusion Prevention System) is a defense system that can real-time block during the found invasion.

Question94: Want to implement "anti-virus function" in the security policy, you must perform license activation.

Question95: Data Analysis Technology is to find, match keywords or key phrases, and analyze the correlation of time in data streams or information streams that have been obtained.
Which of the following does not belong to evidence analysis technology?

Question96: Which of the following is the port number used by L2TP packets?

Question97: Which of the following types of attacks are DDos attacks?

Question98: Security policy conditions can be divided into multiple fields, such as source address, destination address, source port, destination port, etc. These fields have an "and" relationship, that is, only the information in the message matches all fields It is considered that this strategy has been hit by the above.

Question99: Which of the following options belong to the certification field of ISO27001? (Multiple choice)

Question100: Regarding the online user management, which of the following is incorrect?

Question101: Digital certificate technology solves the problem that the owner of the public key cannot be determined in digital signature technology

Question102: Regarding NAT address conversion, which of the following statements is wrong?

Question103: When connecting to Wi-Fi in public places, which of the following is relatively safer?

Question104: Regarding the investigation and evidence collection, which of the following statement is correct?

Question105: When the administrator upgrades the USG firewall software version, which of the following operations are necessary? (Multiple choice)

Question106: Which of the following is not a stand-alone anti-virus technology?

Question107: "Be good at observation" and "keep suspicion" can help us better identify security threats in the online world.

Question108: Which of the following is the encryption technology used in the digital envelope?

Question109: Please classify the following servers and their functions correctly

Question110: About SSL VPN technology, which of the following statement is wrong?

Question111: Which of the following are not common application scenarios of digital certificates?

Question112: Which of the following options is not included in the consistency check of the HRP master and backup configuration?

Question113: Which of the following VPNs cannot be used in Site to-Site scenarios?

Question114: After the company ' s network administrator has configured dual-system hot backup, he can view VRRP and other information through commands, and get the following information
HRP_M<FWA>
Gigabit Ethernet 0/0/3 Virtual Router 1
State: Master
Virtual IP: 10.3.0.3
Master IP: 10.3.0.1
Priority Run: 120
Priority Config: 100
Master Priority: 120
Preempt: YES Delay Time: 0s
Timer Run: 60s
Timer Config: 60s
Auth type: NONE
Virtual MAC: 0000-5e00-0101
Check TIL: YES
Config type: vgmp Vrrp
Backup-forward : disabled
Create time : 2020-03-17 17:35:54UTC+08:02
Last change time: 2020-03-22 16:01:56 UTC+08:02
Type in the blank space to view the command is _____

Question115: Regarding the sequence of call establishment procedures for L2TP corridors, which of the following descriptions is correct?
1. Establish L2TP tunnel
2. Establish a PPP connection
3. LNS authenticates users
4. User access to intranet resources
5. Establish an L2TP session

Question116: Regarding the firewall security zone, which of the following statements are correct? (Multiple Choice)

Question117: Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security protection? (Multiple choice)

Question118: Regarding the description of the preemption function managed by VGMP, which of the following is wrong?

Question119: Which of the following data does the digital signature technology encrypt to obtain a digital signature?

Question120: Which of the following options does not belong to the log type of the windows operating system?

Question121: When one of the following situations occurs in the VGMP group, the VGMP group will not actively send VGMP messages to the opposite end?

Question122: Regarding the source of electronic evidence, which of the following descriptions is wrong?

Question123: Which of the following are multi-user operating systems? (Multiple choice)

Question124: About the description of the vulnerability scan, which of the following is wrong?

Question125: Which of the following SSL VPN functions can only access all TCP resources?

Question126: In addition to supporting built-in Portal authentication, firewall also supports custom Portal authentication, and does not require separate deployment of external Portal servers when using custom Portal authentication.

Question127: In the construction of an information security system, a security model is needed to accurately describe the relationship between important aspects of security and system behavior

Question128: The matching principle of the security policy is: first search for the manually configured inter-domain security policy, if it does not match, then directly discard the data packet.

Question129: Both GE1/0/1 and GE1/0/2 ports of the firewall belong to the DMZ zone. If you want to realize that the area connected by GE1/0/1 can access the area connected by GE1/0/2, which of the following is correct?

Question130: Regarding the description of the authentication of Internet users and VPN access users, which of the following is wrong?

Question131: The reason why OSPF is more commonly used than RIP is that OSPF has a device authentication function and is more secure.

Question132: Digital signature is to generate a digital fingerprint by using a hash algorithm to ensure the integrity of data transmission

Question133: In the Linux system, if the user wants to enter the tmp folder in the root directory, the command that needs to be entered is ________/tmp. [Fill in the blanks]

Question134: IPSec VPN uses an asymmetric algorithm to calculate the ______ key to encrypt data messages.

Question135: Regarding port mirroring, which of the following descriptions are correct? (Multiple Choice)

Question136: Regarding IKE SA, which of the following descriptions is wrong?

Question137: Which of the following options are malicious programs? (Multiple choice)

Question138: When an enterprise establishes its own information system, it checks every operation in accordance with the authoritative standards established internationally, and can check whether its own information system is safe or not.