When personal privacy information is violated or leaked.
How to deal with the adoption of self-help measures?
- A . Require the infringer to stop the infringement.
- B . Obtain privacy information of infringers and warn them.
- C . Call the police and ask the public security authorities to deal with it.
- D . Filing a lawsuit in the people’s court.
According to the requirements of Graded Protection 2.0, the scope of security audits should cover not only every operating system user on the server, but also which of the following
- A . Database user
- B . Monitor users
- C . Configure the user
- D . Non-admin users
Databases often store important information about the enterprise, and hackers try to gain profits by destroying servers and databases Therefore. Securing databases is becoming increasingly important.
Which of the following are common database political methods?
- A . SQL injection
- B . Privilege elevation
- C . Eliminate unpatched database vulnerabilities
- D . Steal backed-up (unencrypted) tapes
- E . Brute force weak password or default username and password
JDBC is a mechanism for Java applications to talk to various different databases, and ODEC, similar to JDEC, is also an important database access technology.
- A . TRUE
- B . FALSE
In the Cloudabric scenario, which of the following ways is the firewall deployed?
- A . One machine deployment
- B . Primary/standby dual-machine images
- C . Dual machine load sharing
- D . Hot standby for both active and standby machines
Which of the following options is not included in the data theft phase of HiSec Insight?
- A . Ping Tunnel detection
- B . DNS Turnel detection
- C . Traffic base anomaly detection
- D . Web anomaly detection
When Hisec Insight is linked with terminals, it is mainly linked with the EDR of third-party vendors with cooperative relationships.
- A . TRUE
- B . FALSE
Regarding situational awareness, is the following description correct?
- A . Perception of elements in the environment
- B . Rationale for the current situation
- C . A projection of a longer period of time in the future
- D . Perception of elements in a temporal and spatial environment An understanding of their meaning, and a projection of their later state
The main role of the audit system is to audit security events after the fact.
To provide sufficient evidence, a security audit product must have which of the following features7
- A . Protect the security of user communications and the integrity of data, and prevent malicious users from intercepting and tampering with data It can fully protect users from malicious damage during operation
- B . It can provide fine-grained access control to maximize the security of user resources
- C . It provides centralized management of all server and network device accounts, which can complete the monitoring and management of the entire life cycle of the account
- D . It can automatically display the user’s operation process and monitor the user’s every behavior Determine whether the user’s behavior poses a danger to the internal network security of the enterprise
On the principle of defense against trapping.
Which of the following is described as incorrect
- A . By deceiving network detection activities, fake resources are displayed, so that attackers cannot discover real system information and vulnerabilities
- B . Interact with the attack campaign to confirm the intent and discover the attacker before the breach occurs
- C . Trapping systems discover and block attacker attacks
- D . Interference Attack Gathering System Information diaphragmatic weakness determination" process, inducing the attacker to expose the intention
Which of the following does HiSec Insight’s big data processing not include?
- A . Data preprocessing
- B . Flow data collection
- C . Distributed storage
- D . Distributed indexes
Multi-factor authentication is mainly used in scenarios of login protection and operation protection.
- A . TRUE
- B . FALSE
When there is a large amount of data (such as photos, videos or database files, etc.) that need to be added and unsealed, the user can encrypt and decrypt the data by encrypting the data with the number of watermarks, and the data can be encrypted and decrypted without transmitting a large amount of data over the network
- A . TRUE
- B . FALSE
Which of the following features can be used for operation auditing of HUAWEI CLOUD bastion hosts?
- A . report analysis
- B . Double License
- C . Work order management
- D . Action playback
When a user terminates the use of HUAWEI CLOUD services, as a service provider, we should ensure the security of user data operations.
- A . Transmission security
- B . Storage security
- C . Destroy security
- D . Collect security
After you deploy HUAWEI CLOUD WAF Traffic to the tenant’s Neb server is sent directly to the origin server Cloud WAF intercepts and detects traffic whose destination IP address is the IP address of the origin server.
- A . TRUE
- B . FALSE
Which of the following services are security management services in HUAWEI CLOUD solutions?
- A . DDOS Anti-DDoS Pro IP services
- B . Situational awareness services
- C . SSL certificate management service
- D . Security Expert Services
The purpose of access control is to provide access to authorized subjects and prevent any unauthorized and intentional access.
- A . TRUE
- B . FALSE
When USG Firewall sends logs outward, it supports several different log information encapsulation formats.
Which of the following items is a supported firewall format?
- A . Netflow format
- B . Datafl ow format
- C . Binary format
- D . Syslog format
USG firewall’s DDoS attack prevention techniques include which of the following?
- A . Current limiting technology
- B . Cryptography
- C . Fingerprint technology
- D . Source detection technology
By default, the firewall authenticates traffic that passes through itself.
- A . TRUE
- B . FALSE
There are many firewall security policies in the data center network, and the administrator enables the policy backup acceleration function, and the source address matching conditions of the security policy are modified It can be effective immediately.
- A . TRUE
- B . FALSE
If a user queries the security log of the AD server using single sign-on through the firewall, the firewall can immediately take the user offline after the user logs out. A5RUE
B. FALSE
If the database O&M workload is much greater than the host O&M workload, you can choose to have an independent department outside the original O&M bastion host. The database bastion host.
- A . TRUE
- B . FALSE
With the following description of the load balancing feature of USG Firewall Server, what are the correct items?
- A . The IP address specified in the security policy should be the IP address of the real server
- B . The IP address specified in the security policy should be the IP address of the virtual server
- C . Modifying the destination IP address and destination port number of a packet occurs after querying the inter-domain security policy
- D . Modifying the destination IP address and destination port number occurs before querying the inter-domain security policy
Control of ping packets to the USG firewall itself. The access control management function of the interface takes precedence over the security policy.
- A . TRUE
- B . FALSE
Which is the more correct number of DNS servers that can be bound to each outbound interface in the USC Firewall DNS Transparent Proxy function?
- A . 2
- B . 3
- C . 4
- D . 1
A description of the following IPv6 Secure Neighbor Discovery feature information for one of the interfaces.
Which one is wrong?
- A . The minimum key length that the interface can accept is 512
- B . The maximum key length that the interface can accept is 2048
- C . The interface does not have strict security mode enabled
- D . The security level of the CGA address is 1
In the following description of the USG firewall security policy, which one is wrong?
- A . When the firewall is equipped with the undo firewall packet-filter basic-protocol enable command, unicast packets are not controlled by security policies
- B . By default… Broadcast packets are not controlled by security policies
- C . In the case of the province, multicast packets are not controlled by security policies
- D . By default… Unicast packets are controlled by security policies
The USG firewall is connected to the corporate intranet through a router After the firewall is configured with the cross-Layer 3 MAC identification feature, then the security policy of the firewall can configure the MAC address as a match condition
- A . TRUE
- B . FALSE
Configure the source NAT policy for the campus network egress firewall to use the internal network users to access the external network, if you need to use security policies to block access to the external network. The source IP address matched in the security policy is the private IP address of the user.
- A . TRUE
- B . FALSE
An important purpose of adopting a distributed denial-of-service attack architecture is to isolate network contacts Protect attackers… So that it will not be tracked by the monitoring system while the attack is in progress
- A . TRUE
- B . FALSE
Let’s see which devices can be used as Huawei CIS (Cybersecurity Intelligence system.).
Trapping probes in network security intelligence systems?
- A . firewall
- B . switchboard
- C . router
- D . server
With the prevalence of e-commerce, online banking, e-government. The business value of WEB servers is getting higher and higher, and the security threats faced by web servers are also increasing, and the defense against the web application layer has become an inevitable trend, WAF (Web Application Firewall WEB APPLICATION FIREWALL) PRODUCTS BEGAN TO BECOME POPULAR. As shown in the figure. The firewall uses the deployment mode of transparent proxy About the deployment mode of WAF using transparent proxy.
Which of the following options is described incorrectly.
- A . You need to configure the IP address and route for the forwarding interface of the WAF
- B . The agent works in route-forwarding mode instead of bridge mode
- C . JUDGING FROM THE ANGULARITY OF THE WEB CLIENT THE WEB CLIENT IS STILL DIRECTLY ACCESSING THE SERVER AND IS NOT AWARE OF THE EXISTENCE OF WAF
- D . Minimal network changes enable zero-configuration deployment
The web reputation feature categorizes websites and differentiates them according to different classifications. When a user visits a potentially risky website, it can be promptly alerted or blocked by the system thus helping the user quickly confirm the security of the target website.
Which of the following options does not fall under the classification of Web Reputation Sites?
- A . Default trusted Web site
- B . Customize trusted websites
- C . Customize the suspicious station
- D . Predefined trusted websites
With the continuous development of network technology. The firewall is also completing its own upgrade. The technology evolution that firewalls have undergone includes which of the following options
- A . Stateful Detection Firewall
- B . App Proxy Firewall
- C . Packet filtering firewall
- D . Web firewall
NIP provides security mechanisms from multiple levels such as administrators and logs to build the security of operation and maintenance.
Which of the following security options are included?
- A . Administrator decentralization and domain management mechanism
- B . Anti-brute force mechanism
- C . Protection mechanism for sensitive user information
- D . Access channel control
PT (Advanced Persistent Threat) attacks are stealthy and persistent computer intrusion processes, usually orchestrated by certain personnel For specific goals.
- A . TRUE
- B . FALSE
Employees visit illegal or malicious websites at will Viruses, Trojans, and worms will be attacked, so we need to enable URL filtering.
Which of the following options is a feature of URL Shopping?
- A . Great impact on performance However, only HTTP/HTTPS access is controlled
- B . The impact on performance is small And all services corresponding to the domain name can be controlled
- C . Control in the domain name resolution stage, control the granularity Control can only be done down to the domain name level
- D . Control is performed during the URL request phase of making HTTP/HTTPs Fine control granularity Can be controlled down to the directory and file level
Trojans due to infection of other files It also destroys computer systems, and at the same time replicates itself, so Trojans have the characteristics of traditional computer viruses.
- A . TRUE
- B . FALSE
When NIP is deployed at the Internet perimeter, it is generally deployed in the egress firewall or router back, transparent access network.
Which of the following features is the main focus of the summer scene
- A . Intrusion prevention
- B . App control
- C . Content filtering
- D . Anti-virus
Based on years of deep understanding of customer needs and professional research in security, Huawei launched the Anti-DDoS solution, which does not include which of the following options is less
- A . Suga Center
- B . Testing Center
- C . Traffic Center
- D . Cleaning center
The global nature of the Internet exposes Teb services to attacks of varying sizes, sizes, and sophistications So which of the following options can secure Web services?
- A . run IIS Lockdown Wizzard
- B . Install the latest operating system patches
- C . Disable default and management of web sites
- D . Disable network printing
NIP’s service interfaces are all working at Layer 2, which can not change the customer’s existing network topology. It provides direct and transparent access to the customer network.
In addition, the default threat protection policy is configured, and protection can be started after connecting to the network.
- A . TRUE
- B . FALSE
Broiler chickens Also known as a zombie, it usually refers to a machine that can be controlled remotely by hackers and is often used in DDOS attacks.
- A . TRUE
- B . FALSE
The signature filter will batch out signatures, and usually set to a uniform action for ease of management. If an app wants to treat it differently You can also use exception signatures to match O’s from signature filters
- A . TRUE
- B . FALSE
About black box testing in paint through testing Primarily to find problems with which of the following options?
Test the validity of internal data structures
B. Whether there are initialization or terminating errors
C. Whether the performance can meet the requirements
D. Whether there are incorrect or missing features
The server can set or read the information contained in the cookie This maintains state in the user’s
session with the server.
- A . TRUE
- B . FALSE
Which of the following options are the main dangers of computer Trojans?
- A . Personal accounts, passwords and other information were stolen
- B . Cause the system to slow down or even freeze
- C . Illegal remote control of a computer
- D . User files are corrupted
Hard drives are non-volatile memory on the host computer that uses a hard spinning platter It stores and retrieves data on a flat magnetic surface.
So which of the following options does the data hard disk save file saved in the hard disk?
- A . cluster
- B . object
- C . slice
- D . piece