HCIE Security Written Test-H12-731 V2.0 Fill in the Blank Questions

1. In the Windows system, enable the ( ) service (use capital letters if the answer is in English) to provide web services to the outside world.

Correct answer: IIS

2. After the dump log is compressed, it can save ( ) space compared with the online log.

Correct Answer: 75%

3. DAS system administrators can view system user operation logs, authority logs, ( ) logs, and statistical reports.

Correct answer: session

4. The "General Data Protection Regulation" (abbreviation, GDPR) is a data protection regulation for individuals promulgated by () (country/organization).

Correct Answer: European Union

5. Normally, if the host has opened port 3389, it means that the host is probably the () (lowercase English letter) system host.

Correct answer: windows

6. The DNS transparent proxy function can modify the () address of the DNS request message to realize the redirection of the DNS server.

Correct answer: purpose

7. The user classification on the firewall is mainly divided into three categories, namely access users, ( ) users and administrators.

Correct answer: Internet access

8. The FW can regularly update the intrusion prevention signature database through the ( ) platform.

Correct Answer: Upgrade Center

9. The user organization structure in Huawei Firewall is a tree organization structure, the top node is "authentication domain", where ( ) (lowercase English letters) authentication domain is the default authentication domain of the device.

Correct answer: default

10. The DNS filtering function is to filter the ( ) in the DNS request message, allowing or prohibiting users to visit certain websites, so as to achieve the purpose of standardizing online behavior.

Correct answer: domain name

11. If the original data is 5000, and you want to desensitize the data by adding a fixed offset value of 2000, the desensitized data is ()

Correct answer: 7000

Answer analysis:
Offset: It is a special form of noise addition, which adds a fixed value to the original data.

12. "Eternal Blue" uses Windows system () (if it involves English, please capitalize) service vulnerabilities to spread.

Correct answer: SMB

13. The personal information protection regulation passed by the European Union, the ( ) (capital English letters), is called "the most stringent data protection regulation in history".

Correct answer: GDPR

14. CIS is a situational awareness system launched by Huawei, which mainly relies on ( ) analysis and machine learning technology and can be used to defend against APT attacks.

Correct Answer: Big Data

Answer analysis:
CIS is a situational awareness system launched by Huawei. It uses the latest big data analysis and machine learning technology and can be used to defend against APT attacks. It extracts key information from massive data, and through multi-dimensional risk assessment, uses big data analysis methods to correlate single-point abnormal behaviors, thereby restoring the APT attack chain, accurately identifying and defending against APT attacks, and avoiding the loss of core information assets.

15. Turn on the intrusion prevention function on the FW to raise an alarm on or ( ) intrusion behavior. (full Chinese)

Correct answer: block

16. The general requirements for graded protection version 2.0 include technical requirements and () requirements.

Correct answer: management

17. The default web service timeout time of IPS equipment is () minutes.

Correct answer: 5

18. The length of an IPv6 address is 128 bits, and every ( ) (number) bits form one segment.

Correct answer: 16

19. The IM behavior in firewall application behavior control refers to () (capital English letters) software login behavior control.

Correct answer: QQ

20. ( ) (capital English letters) divides security management into four parts: planning, implementation, inspection, and improvement. Continuous improvement of information security protection measures is the most important part of enterprise security construction.

Correct answer: PDCA

21. The () launched by Huawei uses the latest big data analysis and machine learning technology, which can resist APT attacks. (English, all uppercase)

Correct answer: CIS

22. If the administrator needs to set certain signatures as different actions from the filter, these signatures can be introduced into the () signature and the actions can be configured separately. (full Chinese)

Correct answer: exception

23. The basic attributes of information security include ( ), ( ), availability and non-repudiation.

Correct Answer: Confidentiality | Integrity

24. ( ) usually compares the characteristics of virus files with the virus signature database, so as to identify virus files. (full Chinese)

Correct answer: Antivirus system

Answer analysis:

Antivirus is a security mechanism that identifies and processes virus files through virus signature detection, avoiding data destruction caused by virus files and making permissions more secure. The antivirus function relies on a large, constantly updated virus signature database to effectively protect intranet users and servers from virus files. Virus detection equipment is deployed at the network egress to protect against viruses.

25. There are three main risks in data security: data availability risk, data confidentiality risk and data () risk.

Correct answer: integrity

26. P2DR model is a representative model of dynamic network security system. It includes four main parts: security policy, protection, detection and ()

Correct Answer: Response

27. After purchasing a license with the intrusion prevention upgrade function, users can continuously obtain new () feature libraries from the security center platform (full English, capitalized)

Correct answer: IPS

28. The ISO27001 standard can be used in the construction and implementation of the organization's information security management. It adopts the () (capital English letters) process method, based on the risk management concept of risk assessment, to comprehensively and continuously improve the organization's information security management.

Correct answer: PDCA

Answer analysis: The ISO27001 standard can be used for the construction and implementation of the organization's information security management. It ensures the organization's information security in all aspects through the management system. It adopts the PDCA process method and the risk management concept based on risk assessment to comprehensively and continuously improve the organization's information security management.

29. Penetration testing is divided into white box testing and () testing

Correct answer: black box

30. The web services deployed by users on the cloud are often affected by CC attacks, SQL injection attacks and other application layer attacks, so we recommend deploying () (capital letters) devices to protect customers' web applications.

Correct answer: WAF

31. The TLS protocol consists of two parts, including the handshake protocol and the () (answer in Chinese) protocol

Correct answer: record

32. The deployment methods of IPS include direct deployment, bypass deployment and () deployment.

Correct answer: single arm

33. At present, the most effective way to defend against APT attacks is mainly () technology.

Correct Answer: Sandbox (FireHunter)

Analysis: It depends on whether the question is in Chinese or English.

34. The common traffic diversion methods of the Anti-DDoS system are dynamic diversion and ( ) diversion.

Correct answer: static

35. WAF can use the ( ) function to automatically generate whitelist rules by applying a probability statistics algorithm to access traffic, which addresses 0-day attacks that are difficult to defend against with traditional blacklists.

Correct answer: self-learning

36. Custom keywords are keywords that the administrator defines for detection. They can be defined in two ways: ( ) and regular expressions.

Correct answer: text

37. The _____ (capital English letters) capability framework model includes five capabilities: risk identification, security defense, security detection, security response, and security recovery.

Correct answer: IPDRR

38. Graded protection is divided into ( ) levels, and hierarchical protection is divided into ( ) levels.

Correct answer: 5|3

Answer analysis: The five grades of protection are the first level for independent protection, the second level for guidance protection, the third level for supervision protection, the fourth level for compulsory protection, and the fifth level for special control protection.

Hierarchical protection is divided into three levels: Secret, Confidential, and Top Secret.

39. Construct an isolated threat detection environment through () technology, and then send network traffic into the environment for isolation analysis and finally give a conclusion whether there is a threat. If a traffic is detected as malicious traffic, the firewall can be notified to block it. (full Chinese, equipment)

Correct Answer: Sandbox

40. HUAWEI CLOUD Vulnerability Scanning Service (VSS) is a security detection service for website vulnerability scanning. It uses ( ) technology to comprehensively crawl website URLs in depth, analyze website details one by one, and help users discover potential security risks of websites.

Correct answer: web crawler

41. The triggering methods of Portal authentication built in the firewall include pre-authentication and ( ) authentication.

Correct answer: session

42. CIS can cooperate with Agile Controller, switches, and firewalls to implement linked threat blocking, and the relevant authentication enforcement point devices need to support receiving blocking policies over the ( ) (uppercase English letters) protocol.

Correct answer: HTTPS

43. The main way viruses spread is by infecting ( ).

Correct answer: file

44. ( ) encryption technology means that plaintext data can only be encrypted, not decrypted.

Correct answer: one way

45. The goal of () is to actively lure the attacker into the quagmire after the attacker enters the network through technical means, and improve the hit rate in a limited simulation environment. (full Chinese)

Correct Answer: Aggressive induction

46. The triggering methods of the built-in Portal authentication in the firewall include session authentication and ( ) authentication.

Correct answer: beforehand

47. The process of the traffic accessing the web server returning to the source site through Huawei Cloud WAF is called () (in Chinese).

Correct answer: back to the source

48. ( ) is developed on the mature, self-developed commercial big data platform FusionInsight. Combined with intelligent detection algorithms, it can perform multi-dimensional correlation analysis of massive data, actively discover various security threats in real time, and restore the attack behavior of the entire APT attack chain. (Full English)

Correct answer: CIS

49. ( ) can perform virus scanning on uploaded and downloaded files to prevent intranet PCs from being infected with viruses. (full English, equipment)

Correct answer: NIP

50. Through ( ), the attack traffic that the attacker tries to access normal assets can be actively forwarded to the simulation environment. (full Chinese)

Correct answer: traffic forwarding

51. Units such as military industry, electric power, and finance that have specific requirements for network security and meet the confidentiality level of protection, should meet the requirements of the security () level when designing the network.

Correct answer: four

52. SecoManager sends the security policy to the firewall through the () (lowercase English letters) channel.

Correct answer: netconf

Answer analysis: The data center security linkage solution provides the capability of centralized management of security services. SecoManager can automatically discover devices, perform configuration consistency checks, and visualize configuration differences. The firewall opens the northbound API, and SecoManager sends the security policy to the firewall through the NETCONF channel to realize automatic implementation and deployment of the security policy. Security services can help customers prevent, monitor and discover security risks of hosts or sites and systems, provide solutions and authoritative reports, and repair attacked systems in a timely manner. In addition, one-stop services such as security and safety can also be provided.

53. Data () technology refers to the transformation and modification of sensitive data under given conditions, which can largely solve the problem of using sensitive data in an uncontrollable environment.

Correct answer: Desensitization

Answer analysis:
Data desensitization, also known as data de-privacy or data deformation, is a technical mechanism for transforming and modifying sensitive data under given rules and policies, which can largely solve the problem of using sensitive data in an uncontrollable environment. It is one of the database security techniques.

54. HTTP messages are divided into () (Chinese) messages and response messages.

Correct answer: request

55. File operations performed by a program in ( ), such as creation, modification, deletion, and reading, will not affect the real files in the system. (full Chinese, equipment)

Correct Answer: Sandbox

56. In the Huawei cloud solution, the Anti-DDoS high-defense IP service belongs to the network security service, and the cloud bastion machine belongs to the ( ) (Chinese) service.

Correct answer: operation and maintenance management

Answer analysis:
The bastion host currently supports two service modules: cloud bastion host instance and operation and maintenance expert service. The cloud bastion machine instance corresponds to an independently running cloud bastion machine system. The cloud bastion machine system has core system operation and maintenance and full audit control functions, meets the requirements of security compliance review, and provides users with a safe and unified operation and maintenance management platform.

57. ( ) can intercept Trojan horse or disc program activities based on vulnerability attacks, and protect the privacy, identity and other key data information of office computers. (full English uppercase, equipment)

Correct answer: NIP

58. In Huawei's HiSec solution, _____ (capital English letters) equipment is responsible for advanced threat analysis, visibility of the entire network situation, and joint delivery of threat defense.

Correct answer: CIS

59. The four deployment modes of cloud computing include private cloud, industry cloud, public cloud and ()

Correct Answer: Hybrid Cloud

60. The FW can regularly update the intrusion prevention signature database through the ( ) platform.

Correct Answer: Upgrade Center

61. WAF equipment supports the protection of http and () (lowercase English letters) protocols.

Correct answer: https

Answer analysis: WAF products emerged to address the security threats faced by web business systems. WAF has the following advantages: it can analyze HTTP/HTTPS traffic, and it can effectively identify and completely record the HTTP request header, request content, response header, and response content.

62. There are two main deployment methods of WAF: transparent proxy and () proxy.

Correct answer: reverse

Answer Analysis:
Transparent Proxy Deployment Reverse Proxy Deployment

63. K-anonymity technology means that the number of records in each group is K; that is, when an attacker targeting big data performs a link attack, the attack on any record will be associated with _______ (capitalize the letters in the formula) other records.

Correct answer: K-1

Answer analysis:


Origin blog.csdn.net/lyhbwwk/article/details/125108623