EMT Practice Test

1. Question Content...


Question List

Question1: With the continuous development of the network and the rapid development of applications, companies are making users more and more frequently start to transfer files on the network.
Virus threats are becoming more and more serious. Only by rejecting the virus outside the network can data security and system stability be guaranteed. So, which of the following are What harm might be caused by illness? (multiple choices)

Question2: An enterprise has a large number of mobile office employees, and a mobile office system needs to be deployed to manage the employees. The number of employees in this enterprise exceeds 2000 People, and the employees' working areas are distributed all over the country. In order to facilitate management, which deployment method is adopted?

Question3: Which of the following options is for Portal The description of the role of each role in the authentication system is correct?

Question4: After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

Question5: Which of the following descriptions are correct for proxy-based anti-virus gateways? (multiple choice)

Question6: Which of the following is the correct configuration idea for the anti-virus strategy?
1. Load the feature library
2. Configure security policy and reference AV Profile
3. Apply and activate the license
4. Configure AV Profile
5. Submit

Question7: Anti-DDoS defense system includes: management center, detection center and cleaning center.

Question8: Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

Question9: A network adopts Portal Authentication, the user finds the pushed Web No username entered on the page/The place of the password. This failure may Which of the following causes?

Question10: Which of the following options belong to the keyword matching mode? (multiple choice)

Question11: Windows in environment,Agile Controller-Campus After the installation is successful, how to manually start the management center(MC)? (Multiple choice)

Question12: Which of the following statement is correct about Policy Center system client function?

Question13: Which of the following options is not a scenario supported by Free Mobility?

Question14: When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Question15: Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

Question16: With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.
Generally, APT attacks can be summarized into four stages:
1. Collecting Information & Intrusion
2. Long-term lurking & mining
3. Data breach
4. Remote control and penetration
Regarding the order of these four stages, which of the following options is correct?

Question17: Sort all services according to user group and account: By the end IP The address range is time-sharing, if it is a user group, a small terminal with an account IP Address range allocation for the same business(Chen Gongji outside business) I The business assigned to the one with the highest priority will take effect.
Which of the following is correct regarding the order of priority?

Question18: After an enterprise deployed antivirus software, it was discovered that virus infections still occurred on a large scale. In addition to the limitations of the product's own technology, the reason for the problem is weak personal terminal security protection, which is also an important factor.

Question19: Fage attack means that the original address and target address of TOP are both set to the IP address of a certain victim. This behavior will cause the victim to report to it.
SYN-ACK message is sent from the address, and this address sends back an ACK message and creates an empty connection, which causes the system resource board to occupy or target The host crashed.

Question20: In order to increase AP The security can be AC Going online AP Perform authentication. Currently Huawei AC What are the supported authentication methods? (Multiple choice)

Question21: When the Anti DDoS system finds the attack flow, the state will redirect the attack flow to the cleaning device.
After the cleaning device is cleaned, it will flow back.
Note to the original link, which of the following options does not belong to the method of re-injection?

Question22: Use on access control equipment test-aaa Command test and Radius When the server is connected, the running result shows a timeout, which may be caused by incorrect account or password configuration.

Question23: Which of the following options is not a cyber security threat caused by weak personal security awareness?

Question24: Portal At the time of certification, pass Web After the browser enters the account password for authentication, it prompts"Authenticating.."The status lasts for a long time before it shows that the authentication is successful. Which of the following reasons may cause this phenomenon?

Question25: If a company wants to detect image files, Shellcode code files and PDF files, which of the following types of sandboxes can be used? (More
155955cc-666171a2-20fac832-0c042c0420
select)

Question26: In the Agile Controller-Campus solution, which device is usually used as the hardware SACG?

Question27: When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

Question28: Jailbroken mobile terminal\Mobile terminals with non-compliant applications installed or terminals with non-compliant lock screen passwords connecting to the corporate network for office operations are not safe for companies. Any 0fice How to solve the problem of mobile office system?

Question29: Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Question30: Agile Controller-Campus The system can manage the software installed on the terminal, define the black and white list of software, and assist the terminal to install necessary software and uninstall the software that is not allowed to be installed by linking with the access control equipment,Regarding the definition of black and white lists, which of the following statements is correct?

Question31: Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

Question32: What content can be filtered by the content filtering technology of Huawei USG6000 products?

Question33: Regarding the description of keywords, which of the following is correct? (multiple choice)

Question34: Terminal fault diagnosis tool can diagnose fault, also can collect terminal information.

Question35: In the park, users frequently enter and leave the wireless signal coverage area due to office needs. If you need to ensure the user's Internet experience, after the user passes an authentication, when he accesses the network again, no important authentication is required:Which of the following authentication methods is recommended?

Question36: Which of the following descriptions about viruses and Trojans are correct? (multiple choices)

Question37: Regarding the basic principles of user access security, it is wrong not to list any description?

Question38: Which of the following options does not belong to the basic DDoS attack prevention configuration process?

Question39: Which of the following options is wrong for the description of the cleaning center?

Question40: When managing guest accounts, you need to create a guest account policy and set the account creation method. For the account creation method, which of the following descriptions is wrong?

Question41: What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

Question42: Regarding the use of MAC authentication to access the network in the WLAN networking environment, which of the following statements is wrong en.

Question43: Regarding asset management, which of the following descriptions is wrong?

Question44: According to the different user name format and content used by the access device to verify user identity, the user name format used for MAC authentication can be changed.
There are three types. Which of the following formats is not included?

Question45: The anti-virus feature configured on the Huawei USG6000 product does not take effect. Which of the following are the possible reasons? (multiple choice)

Question46: The following is the 802.1X access control switch configuration:
[S5720]dot1x authentication-method eap
[S5720-GigabitEthernet0/0/1] port link-type access
[S5720-GigabitEthemet0/0/1] port default vlan 11
[S5720-GigabitEthernet0/0/1] authentication dot1x
Assuming that GE0/0/1 is connected to user 1 and user 2 through the HUB, which of the following options is correct?

Question47: Which of the following options will not pose a security threat to the network?

Question48: Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Question49: In the WLAN wireless access scenario, which of the following network security technologies belong to user access security? (Multiple choice)

Question50: The analysis and processing capabilities of traditional firewalls at the application layer are weak, and they cannot correctly analyze malicious codes that are mixed in the flow of allowed application teaching: many Attacks or malicious behaviors often use the firewall's open application data flow to cause damage, causing application layer threats to penetrate the firewall

Question51: Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice)

Question52: Which of the following options is not a feature of big data technology?

Question53: In WPA2, because of the more secure encryption technology-TKIP/MIC, WPA2 is more secure than WPA.

Question54: Which of the following options is for Portal The statement of the gateway access process is correct?

Question55: In the construction of information security, the intrusion detection system plays the role of a monitor. It monitors the flow of key nodes in the information system.
In-depth analysis to discover security incidents that are occurring. Which of the following are its characteristics?. c0O

Question56: In the campus network, employees can use 802.1X, Portal,MAC Address or SACG Way to access. Use different access methods according to different needs to achieve the purpose of user access control.

Question57: Deployed by an enterprise network managerAgile Controller-Campus withSACG Later;Identity authentication is successful but cannot access the post-authentication domain, This phenomenon may be caused by any reason? (Multiple choice)

Question58: View on the switch Agile Controller-Campus The policy issued by the server is as follows:
For this strategy, which of the following options are correct? (Multiple choice)

Question59: When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Question60: When configuring the terminal visits, we put some equipment configured exception equipment ,which of the following statements are true about the exception equipment?

Question61: What are the typical technologies of anti-virus engines (multiple choice)

Question62: Which of the following options is about Portal The description of the certification process is correct?

Question63: Regarding the application scenarios of Agile Controller-Campus centralized deployment and distributed deployment, which of the following options are correct? (Multiple select)

Question64: Terminal security access technology does not include which of the following options?

Question65: Huawei USG6000 products can scan and process certain file transfer protocols for viruses, but which of the following protocols is not included?

Question66: A policy template is a collection of several policies. In order to audit the security status of different terminal hosts and the behavior of end users, the administrator needs to customize.
The same policy template is used to protect and manage terminal hosts. Regarding the policy template, which of the following option descriptions are correct? (multiple choice)

Question67: Which of the following options is not a special message attack?

Question68: The processing flow of IPS has the following steps;
1. Reorganize application data
2. Match the signature
3. Message processing
4. Protocol identification
Which of the following is the correct order of the processing flow?

Question69: If you deploy Free Mobility, in the logic architecture of Free Mobility, which of the following options should be concerned by the administrator?

Question70: Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

Question71: In Portal authentication, which of the following parameters must be configured on the switch? (Multiple choice)

Question72: Regarding patch management and Windows patch checking strategies, which of the following descriptions is wrong?

Question73: When the device recognizes a keyword during content filtering detection, which response actions can the device perform? (multiple choice)

Question74: Regarding the description of the security zone in the Agile Controller-Campus, which of the following options are correct? (multiple choice)

Question75: If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses It is the stream scanning method.

Question76: A network adopts 802. 1X To authenticate access users, the access control equipment is deployed at the convergence layer, and after the deployment is completed, it is used on the access control equipment t-aa The command test is successful, but the user cannot access the network. The failure may be caused by the following reasons? (Multiple choice)

Question77: Regarding traditional firewalls, which of the following statements are correct? (multiple choice)

Question78: 802.1X During the authentication, if the authentication point is at the aggregation switch, in addition to RADIUS,AAA,802.1X In addition to the conventional configuration, what special configuration is needed?

Question79: Regarding the global configuration of file filtering configuration files for Huawei USG6000 products, which of the following descriptions is correct?

Question80: The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.

The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.
Which of the following statements is correct

Question81: In the process of establishing CAPWAP channel between AP and AC, AP and AC negotiate to establish CAPWAP tunnel. In this process, CAPWAP tunnel is established.
Use DTLS to encrypt and transmit UDP packets. What are the encryption methods supported by DTLS?
(multiple choice)

Question82: Which of the following is not an abnormal situation of the file type recognition result?

Question83: Portal The second-level authentication method of authentication refers to the direct connection between the client and the access device(Or only layer devices exist in between),The device can learn the user's MAC Address and can be used IP with MAC Address to identify the user.

Question84: When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

Question85: Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Question86: If the user's FTP operation matches the FTP filtering policy, what actions can be performed? (multiple choice)

Question87: In the visitor reception hall of a company, there are many temporary terminal users, and the administrator hopes that users do not need to provide any account numbers and passwords. access Internet. Which of the following authentication methods can be used for access?

Question88: Regarding the file source set in the software management, which of the following descriptions is correct?

Question89: Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?
1. The Netflow analysis device samples the current network flow;
2. Send a drainage command to the cleaning center;
3. Discover the DDoS attack stream;
4.Netior: analysis equipment sends alarms to ATIC management center
5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;
6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage
7. The cleaning log is sent to the management center to generate a report;
8. The cleaned traffic is sent to the original destination server.

Question90: The use of the 802.1X authentication scheme generally requires the terminal to install specific client software.
For large-scale deployment of client software, the methods that can be taken. What are the cases? (multiple choices)

Question91: Regarding CAPWAP encryption, which of the following statements is wrong?

Question92: When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Question93: Regarding the description of file reputation technology in anti-virus engines, which of the following options is correct?

Question94: The AD/LDAP account can be synchronized to the Agile Controller-Campus or not to the Agile Controller-Campus. Synchronize.
The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.
Authorization

Question95: Regarding HTTP behavior, which of the following statements is wrong?

Question96: Regarding the anti-spam response code, which of the following statements is wrong?

Question97: Server Fault information collection tool Server Collector, which of the following does collected information items not include?

Question98: When the account assigned by the administrator for the guest is connected to the network, the audit action that the administrator can perform on the guest does not include which of the following options?

Question99: Hardware in useSACG At the time of certification,SACG After the configuration is completed, you can seeSACG andAgile Agile Controller-Campus The linkage is successful, but the user authentication fails. This phenomenon may be caused by the following reasons? (Multiple choice)

Question100: Which of the following options is right PKI The sequence description of the work process is correct?
1. PKI Entity direction CA ask CA Certificate. .
2. PKI Entity received CA After the certificate, install CA Certificate.
3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.
4. PKI Entity direction CA Send a certificate registration request message.
5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.
6. PKI Entity received CA The certificate information sent.
7. PKI After the entity installs the local certificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.
8. CA receive PKI The entity's certificate registration request message.

Question101: When deploying the Agile Controller-Campus, the high-reliability solution of the Windows+SQL Server platform is adopted. Which of the following components is not supported for deployment?

Question102: What are the three main steps of business free deployment? (Multiple choice)

Question103: When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Question104: Which of the following options are relevant to Any Office The description of the solution content is correct?
(Multiple choice)

Question105: The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the website of the security center platform?

Question106: Configure the following commands on the Huawei firewall:
[USG] interface G0/0/1
[USG] ip urpf loose allow-defult-route acl 3000
Which of the following options are correct? (multiple choice)

Question107: Which of the following options are correct for the configuration description of the management center ATIC?
(multiple choice)