EMT Practice Test

1. Question Content...


Question List

Question1: Regarding the file source set in the software management, which of the following descriptions is correct?

Question2: Theaccess control server is the implementer of the corporate security policy, responsible for implementing the corresponding access control in accordance with the security policy formulated by the customer's network(Allow, deny, leave or restrict).

Question3: Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

Question4: In some scenarios, ananonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

Question5: When the account assigned by the administrator for the guest is connected to the network, the audit action that the administrator can perform on the guest does not include which of the following options?

Question6: Visitors refer to users who need temporary access to the network at a specific location.

Question7: For the scenario where the authentication server adopts distributed deployment, which of the following descriptions are correct? (multiple choice)

Question8: Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Question9: In the terminal security all-round defense system, use PPT-PDCA The model can effectively implement terminal security defense. Which of the following options does not belong to PPT Model?

Question10: Regarding asset management, which of the following descriptions is wrong?

Question11: In the campus network, employees can use 802.1X, Portal,MAC Address or SACG Way to access. Use different access methods according to different needs to achieve the purpose of user access control.

Question12: Secure email is Any ffice Solution for corporate office 0A The killer application provided, it provides powerful email business capabilities and rich email strategies. For secure mail, which of the following descriptions are correct? (Multiple choice)

Question13: Regarding the description of the logic architecture of the business accompanying, which of the following options is correct?

Question14: In the Agile Controller-Campus solution, which device is usually used as the hardware SACG?

Question15: Regarding the principle of MAC authentication, which of the following descriptions is wrong?

Question16: For the terminal Wi-Fi The order of the push, which ofthe following is correct?
1. Any Office Mobile office system push Wi-Fi Configuration
2. Any Office The mobile office department automatically applies for a certificate.
3. The administrator configures the enterprise Wi-Fi Push.
4. The terminal automatically connects to the enterprise Wi-Fi.

Question17: Which of the following options is for Portal The statement of the gateway access process is correct?

Question18: Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Question19: Which of the following options cannot be triggered MAC Certification?

Question20: Which of the following methods can be used to protect enterprise terminal security?

Question21: Portal authentication on the Agile Controller-Campus has been configured and is correct.
Configure the following commands on the access control switch:
[S5720] authentication free-rule 1 destination ip 10.1.31.78 mask 255.255. 255.255 Which of the following options are correct? (multiple choice)

Question22: When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result showssuccess, but the user cannot Normal access, the possible reason does not include which of the following options?

Question23: Regarding patch management and Windows patch checking strategies, which of the following descriptions is wrong?

Question24: Traditional access control policy passed ACL or VLAN Can not be achieved with IP Address decoupling, in IP The maintenance workload is heavy when the address changes. And because the agile network introduces the concept of security group, it can achieve the same IP Address decoupling.

Question25: What are the three main steps of business free deployment? (Multiple choice)

Question26: Which of the following options is right PKI The sequence description of the work process is correct?
1. PKI Entity direction CA ask CA Certificate. .
2. PKI Entity received CA After the certificate, install CA Certificate.
3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.
4. PKI Entity direction CA Send a certificate registration request message.
5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.
6. PKI Entity received CA The certificate information sent.
7. PKI After the entity installs the localcertificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.
8. CA receive PKI The entity's certificate registration request message.

Question27: The AD/LDAP account can be synchronized to the AgileController-Campus or not to the Agile Controller-Campus. Synchronize.
The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.
Authorization

Question28: Deployed by an enterprise network managerAgile Controller-Campus withSACG Later;Identityauthentication is successful but cannot access the post-authentication domain, This phenomenon may be caused by any reason? (Multiple choice)

Question29: Configuring WLAN device detection can realize the monitoring of the entire network, but you need to set the working mode of the AP first, which of the following options are.
What is the working mode of AP? (multiple choice)

Question30: According to different reliability requirements, centralized networking can providedifferent reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Question31: There is a three-layer forwarding device between the authentication client and the admission control device:If at this time Portal The certified three-layer authentication device can also obtain the authentication client's MAC address,So you can use IP Addressand MC The address serves as the information to identify the user.

Question32: Windows in environment,Agile Controller-Campus After the installation is successful, how to manually start the management center(MC)? (Multiple choice)

Question33: When performing terminal access control, the authentication technology that can be used does not include which of the following options?

Question34: Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Question35: Security authentication is mainly achieved through security policies. The terminal host support management for the security checkof monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

Question36: Install Agile Controller-Campus Which of the following steps do not need to be completed before?

Question37: There are three roles in the XMPP protocol: server, gateway, and client. Corresponding to the free mobility solution: AgileController-Campus as For the server, Huawei USG6000 series firewall acts as the gateway; the agile switch acts as the client.

Question38: When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

Question39: In Portal authentication, which of the following parameters must be configured on the switch? (Multiple choice)

Question40: Regarding uninstalling the Agile Controller-Campus in Windows and Linux systems, which of the following descriptions is correct?

Question41: Regarding the identity authentication method and authenticationtype, which of the following descriptions is correct?

Question42: In the scenario of SACG linkage in bypass mode, only the traffic initiated by the terminal user will pass through the firewall, and the server will return to the terminal in use.
The traffic does not need to go through the firewall y. For the firewall, it belongs to the scenario ofinconsistent traffic back and forth paths, this needs to turn off the session state check function.

Question43: Mobile smartphone, tablet PC users through Any Office Client and AE Establish IPSec Encrypted tunnel, After passing the certification and compliance check, visit the enterprise business.

Question44: The administrator issues notices to users in the form of announcements, such as the latest software and patch installation notices. Which of the following options of the announcement is incorrect?

Question45: Regarding the description of the account blacklist, which of thefollowing options is wrong?

Question46: User access authentication technology does not include which of the following options?

Question47: SACG Inquire right-manager The information is as follows, which options are correct? (Multiple choice)

Question48: In theAgile Controller-Campus admission control scenario, regarding the role description of the RADIUS server I client, which of the following is positive True?

Question49: About the hardware SACG Certification deployment scenarios, which of the following descriptions are correct? (Multiple choice)

Question50: View on the switch Agile Controller-Campus The policy issued by the server is as follows:
For this strategy, which of the following options are correct? (Multiple choice)

Question51: The relationship between user groups and accounts in user management is stored in a tree on the Agile Controller-Campus. An account belongs to only one user group.
Consistent with the corporate organizational structure: If the OU (OnizbonUnit) structure stored in the AD/LDAP server is consistent with the corporate organizational structure, users are stored Under 0OU, when the Agile Controller-Campus synchronizes AD/LDAP server accounts, which synchronization method can be used?

Question52: Portal The second-level authentication method ofauthentication refers to the direct connection between the client and the access device(Or only layer devices exist in between),The device can learn the user's MAC Address and can be used IP with MAC Address to identify the user.

Question53: For the convenience of visitors, different authentication and master pages can be distributed for different visitors. When configuring the push page strategy, different matching conditions need to be defined, so which of the following options can be used as the limited matching conditions? (Multiple choice)

Question54: Accordingto the different user name format and content used by the access device to verify user identity, the user name format used for MAC authentication can be changed.
There are three types. Which of the following formats is not included?

Question55: Which of the following cybersecurity threats exist only in WLAN In the network?

Question56: Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Question57: After an enterprise deployed antivirus software, it was discovered that virus infections stilloccurred on a large scale. In addition to the limitations of the product's own technology, the reason for the problem is weak personal terminal security protection, which is also an important factor.

Question58: The following configuration is in A with B The authentication commands are configured on the two admission control devices. For the analysis of the following configuration commands, which ones are correct? (Multiple choice)

Question59: The following is the 802.1X access control switch configuration:
[S5720]dot1x authentication-method eap
[S5720-GigabitEthernet0/0/1] port link-type access
[S5720-GigabitEthemet0/0/1] port default vlan 11
[S5720-GigabitEthernet0/0/1] authentication dot1x
Assuming that GE0/0/1 is connected to user 1 and user 2through the HUB, which of the following options is correct?