EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following files can the sandbox detect? (multiple choice)

Question2: The main attack prevention technologies of Huawei USG6000 products include: source detection, fingerprint learning and associated defense.

Question3: Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

Question4: In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.
"Hand in" to activate.

Question5: After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

Question6: For compressed files, the virus detection system can directly detect them.

Question7: With the continuous development of the network and the rapid development of applications, companies are making users more and more frequently start to transfer files on the network.
Virus threats are becoming more and more serious. Only by rejecting the virus outside the network can data security and system stability be guaranteed. So, which of the following are What harm might be caused by illness? (multiple choices)

Question8: If the regular expression is "abc. de", which of the following will not match the regular expression?

Question9: Which of the following options is not a defense against HTTP Flood attacks?

Question10: The processing flow of IPS has the following steps;
1. Reorganize application data
2. Match the signature
3. Message processing
4. Protocol identification
Which of the following is the correct order of the processing flow?

Question11: The administrator has configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not allowed Can the reason?

Question12: Which of the following options belong to the network layer attack of the TCP/IP protocol stack? (multiple choice)

Question13: Regarding the Anti-DDoS cloud cleaning solution; which of the following statements is wrong?

Question14: The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons some?

Question15: Content filtering is a security mechanism for filtering the content of files or applications through Huawei USCG00 products. Focus on the flow through deep recognition Contains content, the device can block or alert traffic containing specific keywords.

Question16: When the device recognizes a keyword during content filtering detection, which response actions can the device perform? (multiple choice)

Question17: The administrator has made the following configuration:
1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.
2. The action of overwriting signature ID3000 is an alarm.

Question18: What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

Question19: Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Question20: Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Question21: Use BGP protocol to achieve diversion, the configuration command is as follows
[sysname] route-policy 1 permit node 1
[sysname-route-policy] apply community no-advertise
[sysname-route-policy] quit
[sysname]bgp10029
[sysname-bgp] peer
[sysname-bgp] import-route unr
[sysname- bgpl ipv4-family unicast
[sysname-bgp-af-ipv4] peer 7.7.1.2 route-policy 1 export
[sysname-bgp-af-ipv4] peer 7.7. 1.2 advertise community
[sysname-bgp-af-ipv4] quit
[sysname-bgp]quit
Which of the following options is correct for the description of BGP diversion configuration? (multiple choice)

Question22: Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

Question23: The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

Question24: With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.
Generally, APT attacks can be summarized into four stages:
1. Collecting Information & Intrusion
2. Long-term lurking & mining
3. Data breach
4. Remote control and penetration
Regarding the order of these four stages, which of the following options is correct?

Question25: Regarding the description of intrusion detection technology, which of the following statements is correct?

Question26: Which of the following descriptions about viruses and Trojans are correct? (multiple choices)

Question27: Which of the following options is correct for the description of the Anti DDoS system configuration?

Question28: When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Question29: Which of the following options are correct for the configuration description of the management center ATIC?
(multiple choice)

Question30: Regarding the processing flow of file filtering, which of the following statements is wrong?

Question31: Which of the following options are common behavioral characteristics of viruses? (multiple choices)

Question32: When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item:
At the same time, set it in the custom URL category.
A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More select)

Question33: An enterprise administrator configures the Web reputation system as shown in the figure. Regarding the configuration, which of the following statements is correct?

Question34: The following commands are configured on the Huawei firewall:
[USG] firewall defend ip-fragment enable
Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Question35: Which of the following are typical intrusions? "Multiple choice)

Question36: The user needs of a university are as follows:
1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.
2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.
3. At the same time, some pornographic websites in the student area are prohibited.
The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

Question37: Which of the following options are common reasons for IPS detection failure? (multiple choices)

Question38: When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

Question39: Huawei NIP6000 products have zero-setting network parameters and plug-and-play functions, because the interfaces and interface pairs only work on layer 2 without Set the IP address.

Question40: IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.
Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

Question41: If the processing strategy for SMTP virus files is set to alert, which of the following options is correct?

Question42: The analysis and processing capabilities of traditional firewalls at the application layer are weak, and they cannot correctly analyze malicious codes that are mixed in the flow of allowed application teaching: many Attacks or malicious behaviors often use the firewall's open application data flow to cause damage, causing application layer threats to penetrate the firewall.

Question43: Among the following options, which attack is a malformed packet attack based on the TCR protocol?

Question44: Which of the following options is not a feature of Trojan horses?

Question45: Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

Question46: Which of the following is the correct configuration idea for the anti-virus strategy?
1. Load the feature library
2. Configure security policy and reference AV Profile
3. Apply and activate the license
4. Configure AV Profile
5. Submit

Question47: Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

Question48: Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice)

Question49: The results of the RBL black and white list query on the firewall are as follows:

Based on the above information only, which of the following statements is correct? (multiple choice)

Question50: Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)

Question51: Regarding HTTP behavior, which of the following statements is wrong?

Question52: Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

Question53: Regarding the processing process of file overwhelming, which of the following statements is correct?

Question54: Regarding traditional firewalls, which of the following statements are correct? (multiple choice)

Question55: Which of the following options is wrong for the description of the cleaning center?

Question56: Huawei NIP6000 products provide carrier-class high-reliability mechanisms from multiple levels to ensure the stable operation of equipment.
Which of the following options belong to the network reliability? (multiple choice)

Question57: In the penetration stage of an APT attack, which of the following attack behaviors will the attacker generally have?

Question58: Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

Question59: The following figure shows the configuration of the URL filtering configuration file. Regarding the configuration, which of the following statements is correct?