Let's take the L2TP over IPSec in the dual-machine scenario What is wrong with the description is the egg? (single selection).
Which of the following options is not part of the base metric of CVSS assessment? (single selection).
Which of the following information cannot be scanned by the nmap tool? (single selection).
Which of the following is not a cybersecurity threat (single selection).
After you deploy HUAWEI CLOUD ANTI-DDoS Pro or Anti-DDoS Premium (DDoS Pro) or Anti-DDoS Pro, whether or not a DDoS attack occurs All access traffic is sent directly to the origin server IPo
Configure the source NAT policy for the campus network egress firewall to use the internal network users to access the external network, if you need to use security policies to block access to the external network The source IP address matched in the security policy is the private IP address of the user.
Which of the following options is a DDOS attack against the application layer? (multiple selection).
As DNS reflection attacks
B. UDP fragmentation attacks
C. HTTP slow attacks
D. TCPSYN flood attack
In the HCIE-Security V2.0 course architecture, which of the following pieces are included? (multiple selection).
Which of the following items is included in the processing of raw traffic?
The intensity of a system security threat is only related to the vulnerability of the system, and a well-protected system is basically immune to attack.
Which of the following options is part of the business security resiliency (multiple choices)?
What are the logical/technical access controls in the following equation? (multiple selection).
The following describes port scanning Which is wrong? (single selection).
The target IP address information can be collected through attacks, such as distributed denial-of-service attacks to obtain the target's IP information. (single selection).
Which is the correct order for IPS to process traffic? (single selection).
When it is not in the same deployment as the log server, only FW can send conference logs to the log server through the IPSec tunnel and GRE tunnel (single selection).
Right to request rectification by the data controller Which right of the data subject does the data subject belong to the completion of inaccurate/incomplete personal data? (single selection).
The following description of information security training Which items are correct? (multiple selection).
The following describes the service identification Which item ◊ (single selection) is wrong
Which of the following options are the main dangers of computer Trojans?
Which of the following services are security management services in HUAWEI CLOUD solutions?
In the following description of IPv6 security features, which one is wrong? (single selection).
As IPv6 DNS and other related protocols are designed for security
B. IPv6 addresses can be generated by encryption However, privacy headers are not supported
C. AH, and ES can be used as extension headers for IPv6 IPsec is used for additional security.
D. The IPv6 address is 128 bits to ensure that the source address is trusted
With the following description of the load balancing feature of USG Firewall Server, what are the correct items?
The following describes vulnerabilities and identification and assessment Which one is incorrect? (single selection).
The following describes the guiding principles for information security management Which one is incorrect? (single selection).
At this time, there is no defense against C&C attacks that use TLS for encryption
NIP's service interfaces are all working at Layer 2, which can not change the customer's existing network topology. It provides direct and transparent access to the customer network In addition, the default threat protection policy is configured, and protection can be started after connecting to the network.
Which of the following options allows complete destruction of data, (multiple selection)
Which of the following behaviors does not pose an information security risk. (Single selection)
USG firewall's DDoS attack prevention techniques include which of the following?
Let's see which devices can be used as Huawei CIS (Cybersecurity Intelligence system.). Trapping probes in network security intelligence systems?
How does the following not belong to the firewall to detect viruses? (single selection).
The global nature of the Internet exposes Teb services to attacks of varying sizes, sizes, and sophistications So which of the following options can secure Web services?
If the attacker uses a fake address to launch a TCP flood attack Which of the following defenses is most effective? (single).
Common database security audit techniques according to technical characteristics What are the categories that can be divided into? (multiple selection).
A backdoor is a hacking method that obtains access to a program or system from a relatively stealthy channel But it does not overrule the security controls of the software.
The purpose of access control is to provide access to authorized subjects and prevent any unauthorized and intentional access.
The following describes the USG firewall VRRP backup group status, which one is wrong
Which of the following access control types is defined according to the organization's security policy or (single-select).
NIP provides security mechanisms from multiple levels such as administrators and logs to build the security of operation and maintenance Which of the following security options are included?
Which of the following options is a major cause of business disruption in the cloud? (multiple selection).