EMT Practice Test

1. Question Content...


Question List

Question1: By default, the device file, there is a knowledge base file in device, during the upgrade, the device will automatically update the knowledge base files and backups.

Question2: A network administrator configure IP function, when the signed agreement is http, will only detect http header information.

Question3: Regarding the identity authentication method and authentication type, which of the following descriptions is correct?

Question4: Visitors refer to users who need temporary access to the network at a specific location.

Question5: An account can only belong to one user group, that is, a user can only belong to one department.

Question6: Which of the following description is incorrect against server loophole security threats ?

Question7: Regarding uninstalling the Agile Controller-Campus in Windows and Linux systems, which of the following descriptions is correct?

Question8: Agile Controller-Campus Which deployment mode is not supported?

Question9: Regarding the description of the ACL used in the linkage between SACG equipment and the TSM system, which of the following statements is correct!?

Question10: Regarding the way SACG devices connect to the network, which of the following descriptions are correct?
(multiple choice)

Question11: Which of the following options are right 802. 1X The description of the access process is correct? (Multiple choice).

Question12: In a centralized networking, the database, SM server, SC server, and AE server are all centrally installed in the corporate headquarters. This networking method is suitable. It is used for enterprises with a wide geographical distribution of users and a large number of users.

Question13: Which of the statement is not correct according to following configuration?
[USG] pattern-group 6t type url
[USG-pattern-group-url-bt] pattern any bt.com
[USG] url-filter policy urlpolicy3
[USG-urlfilter-policy-urlpolicy3] blacklist enable
[USG-urlfilter-policy-urlpolicy3] whitelist enable
[USG-urlfilter-policy-urlpolicy3] blacklist group 6t
[USG] web-filter policy webpolicy3
[USG-web-filter-policy-webpolicy3] policy url-filter urlpolicy3
[USG-policy-interzone-trust-untrust-outbound] policy 3
[USG-policy-interzone-trust-untrust-outbound-3] action permit
[USG-policy-interzone-trust-untrust-outbound-3] policy source range 10.10.10.101 10.10.10.200
[USG-policy-interzone-trust-untrust-outbound-3] policy web-filter webpolicy3

Question14: Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

Question15: URL filtering, according to the classification of the remote or local classification, the user can create multiple urls strategy, determines the corresponding processing action in URL strategies, a URL strategy was applied to the domain, which can realize the corresponding URL filtering.

Question16: Regarding MAC authentication and MAC bypass authentication, which of the following descriptions are correct? (multiple choice)

Question17: Use the command on the switch to view the status of free mobility deployment, the command is as follows:
For the above command, which of the following descriptions is correct?

Question18: In WPA2, because of the more secure encryption technology-TKIP/MIC, WPA2 is more secure than WPA.

Question19: According to the different user name format and content used by the access device to verify user identity, the user name format used for MAC authentication can be changed.
There are three types. Which of the following formats is not included?

Question20: Which of the following options belong to a third-party server account? (Multiple choice)

Question21: Regarding the description of the account blacklist, which of the following options is wrong?

Question22: Regarding the description of the logic architecture of the business accompanying, which of the following options is correct?

Question23: Business accompanying is-A special access control method, according to the user's access location, access time, access method and terminal use to grant designated investment limits, among which the physical connection can be divided into 3 Class, excluding which of the following access methods?

Question24: MAC Certification refers to 802.1x In the protocol authentication environment, the terminal does not respond to the connection control device after accessing the network 802.1x When protocol authentication is requested, the access control does not automatically obtain the terminal's MAC The address is sent as a credential to access the network RADIUS The server performs verification.

Question25: MAC Bypass authentication means that after the terminal is connected to the network, the access control device automatically obtains the terminal MAC Address, which is sent to RADIUS The server performs euverification.

Question26: The following is the 802.1X access control switch configuration:
[S5720]dot1x authentication-method eap
[S5720-GigabitEthernet0/0/1] port link-type access
[S5720-GigabitEthemet0/0/1] port default vlan 11
[S5720-GigabitEthernet0/0/1] authentication dot1x
Assuming that GE0/0/1 is connected to user 1 and user 2 through the HUB, which of the following options is correct?

Question27: Which of the following statement is not correct about application and identification of knowledge base upgrade?

Question28: When using the misuse of inspection technology, normal user behavior and invasion characteristics knowledge base match successfully will be false positives.

Question29: Webmail filter support Intranet users receive mail filtering.

Question30: The visitor management process includes page customization, account application, user authentication, audit, and logout. After the user successfully applies for an account, he needs to change.
When the account is distributed to users, what stage does the distribution of the account belong to?

Question31: For the terminal Wi-Fi The order of the push, which of the following is correct?
1. Any Office Mobile office system push Wi-Fi Configuration
2. Any Office The mobile office department automatically applies for a certificate.
3. The administrator configures the enterprise Wi-Fi Push.
4. The terminal automatically connects to the enterprise Wi-Fi.

Question32: Configuring WLAN device detection can realize the monitoring of the entire network, but you need to set the working mode of the AP first, which of the following options are.
What is the working mode of AP? (multiple choice)

Question33: Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

Question34: Which of the following methods can be used to protect enterprise terminal security?

Question35: Windows in environment,Agile Controller-Campus After the installation is successful, how to manually start the management center(MC)? (Multiple choice)

Question36: When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

Question37: Portal The second-level authentication method of authentication refers to the direct connection between the client and the access device(Or only layer devices exist in between),The device can learn the user's MAC Address and can be used IP with MAC Address to identify the user.

Question38: Regarding the description of the security zone in the Agile Controller-Campus, which of the following options are correct? (multiple choice)

Question39: About WEB URL filtering technology audit function, which of the following description is correct? (Choose 3 answers)

Question40: Agile Controller-Campus The product architecture includes three levels. Which of the following options does not belong to the product architecture level?

Question41: Which of the following options is for Portal The description of the role of each role in the authentication system is correct?

Question42: Which of the following options are relevant to MAC Certification and MAC The description of bypass authentication is correct? (Multiple choice)

Question43: An account can belong to multiple roles, that is, a user may hold multiple positions.

Question44: Portal At the time of certification, pass Web After the browser enters the account password for authentication, it prompts"Authenticating.."The status lasts for a long time before it shows that the authentication is successful. Which of the following reasons may cause this phenomenon?

Question45: When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Question46: Jailbroken mobile terminal\Mobile terminals with non-compliant applications installed or terminals with non-compliant lock screen passwords connecting to the corporate network for office operations are not safe for companies. Any 0fice How to solve the problem of mobile office system?

Question47: Which of the following options is not a challenge brought by mobile office?

Question48: URL filtering, remote classification list provided and maintained by a third-party classification servers, devices can be synchronous updated automatically or manually from third-party classification servers.

Question49: The terminal host access control function does not take effect, the following is SACG View information on:
<FW> display right- manager role-id rule
Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1 rule 1000 permit ip (1280 times matched) rule 1001 permit ip destination 172.18.11.2210 (581 times matched) rule 1002 permit ip destination 172:18.11.2230 (77 times matched) rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched) rule 1004 deny ip (507759 times matched) Which of the following statements is correct?

Question50: IPS custom signature in UTM supports you to set direction and protocol type.

Question51: In order to increase AP The security can be AC Going online AP Perform authentication. Currently Huawei AC What are the supported authentication methods? (Multiple choice)

Question52: What are the three main steps of business free deployment? (Multiple choice)

Question53: Which of the following statement is correct about AV engine when Execute the command display av version?

Question54: Regarding the policy for checking account security, which of the following descriptions are correct? (Multiple choice)

Question55: In SA detection technology, which feature detection matching method does not include?

Question56: In some scenarios, an anonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

Question57: On WIDS functional WLAN Regarding the judgment of illegal devices in the network, which of the following statements are correct? (Multiple choice)

Question58: About the anti-spam local black and white list, which of the following statements is wrong?

Question59: The multi-level defense system is mainly reflected in the network level and the system level. Which of the following options are used for security defense at the network level? (Multiple choice)

Question60: Security zone division means to better protect the internal network security,Based on the business type and security requirements of the intranet, divide the intranet into several granularities.
Logical area. Which of the following options does not belong Agile Controller-Campus Security domain?

Question61: According to the user's access5W1H Conditions determine access rights andQoS Strategy for5W1Ho[Which of the following descriptions are correct? (Multiple choice)

Question62: Agile Controller-Campus As RADIUS When the server performs authentication, how many ends need to be configured for authentication on the admission control device?

Question63: For hardware SACC Access control, if the terminal does not pass the authentication, it can access the resources of the post-authentication domain. This phenomenon may be caused by the following reasons?
(Multiple choice)

Question64: Regarding the basic principles of user access security, it is wrong not to list any description?

Question65: In enterprises where terminal host access control management is relatively strict, administrators hope to bind terminal hosts and accounts to prevent terminal users from accessing the controlled network from unauthorized terminal hosts at will. Regarding the description of binding the terminal host and account, which of the following is correct?

Question66: In centralized networking, database,SM server,SC server\ AE Servers are centrally installed in the corporate headquarters. This networking method is suitable for companies with a wide geographical distribution of users and a large number of users.

Question67: Which of the following options cannot be triggered MAC Certification?

Question68: Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Question69: Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Question70: Which of the following options is about Portal The description of the certification process is correct?