Q1

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 25

Take Test: Exam of Security

Content
Assistive Technology Tips [opens in new window]

Test Information

Instructions

Description
Instructions
Timed Test This test has a time limit of 1 hour and 30 minutes.This test will save and
submit automatically when the time expires.
Warnings appear when half the time, 5 minutes, 1 minute, and 30 seconds
remain.
Multiple This test allows multiple attempts.
Attempts
Force Once started, this test must be completed in one sitting. Do not leave the test
Completion before clicking Save and Submit.

Remaining Time:

1 hour, 29 minutes, 39 seconds.

Question 1

1. Proxy firewalls work at the transport layer and can process services between intranets and
the Internet.

True

False
1 points

Question 2

1. Stateful inspection firewalls create and maintain session tables to keep track of TCP and
UDP sessions and use security policies to control which sessions can be created. Only the
packets associated with the created sessions are forwarded.

True

False

1 points

Question 3

1. The IP-Link function of the USGs can be used only with hot backup.

True

False

1 points

Question 4

1. "HRP interface only can use layer 3 interfaces, no matter the physical interface or logic
interface. "
True

False

1 points

Question 5

1. "The Protocol field of IP packet headers identifies the upper-layer protocol. If the field
value is 6, the upper-layer protocol is TCP. If the field value is 17, the upper-layer
protocol is UDP."

True

False

1 points

Question 6

1. "For a encryption algorithm, a longer key takes more time to crack."

True
False

1 points

Question 7

1. "The source socket includes source IP address, source port, and destination IP address. "

True

False

1 points

Question 8

1. SSL can provide secure connections for Hypertext Transfer Protocol (HTTP).

True

False

1 points
Question 9

1. IKE enables key exchange negotiation and SA establishment to simply the use and
management of IPSec.

True

False

1 points

Question 10

1. ASPF enables firewalls to monitor multi-channel protocols.

True

False

1 points

Question 11

1. "In GRE VPN, which of the following protocols is an encapsulation protocol?"


GRE

IPX

IP

NetBEUI

3 points

Question 12

1. Which one of the following protocols is a multi-channel protocol?

FTP

Telnet

HTTP
SMTP

3 points

Question 13

1. Which of the following option is not the feature of IPSec AH protocol?

Anti-replay

Authenticity

Confidentiality

Data integrity

3 points

Question 14

1. Which one of the following orders about the firewall packet forwarding process is
correct? 1. check Security Policy. 2. Check Routing table. 3. Check Server-map. 4.
Check NAT policy
2-4-1-3

2-3-4-1

3-2-1-4

4-2-1-3

3 points

Question 15

1. Which one of the following functions is not supported by SSL VPN?

Web push

Port forwarding

File sharing
Network extension

3 points

Question 16

1. Which of the following Layer-3 VPN is more secure?

GRE

PPTP

IPSec

L2F

3 points

Question 17

1. Stateful inspection firewalls forward subsequent packets (non-first packets) mainly based
on _______?
Routing table

MAC address table

Session table

FIB table

3 points

Question 18

1. Stateful inspection firewalls forward subsequent packets (subsequent packets) mainly


based on _______?

Route table

MAC address table

Session table
FIB table

3 points

Question 19

1. Which of the following zone can be deleted?

Security

Trust

DMZ

Local

3 points

Question 20

1. Which of the following items is not included in a server map entry of the USG series?
Destination IP address

Destination port

Protocol

Source IP address

3 points

Question 21

1. Which of the following option does not belong to symmetric encryption algorithm?

DES

3DES

AES
RSA

3 points

Question 22

1. Which of the following option is not included in network layer attack?

IP spoofing

Smurf attacks

ARP spoofing

ICMP flood attacks

3 points

Question 23

1. Which of the following algorithms uses the same key for encryption and decryption?
DES

RSA (1024)

MD5

SHA-1

3 points

Question 24

1. "In IKE negotiate phase 1, which of the following IKE v1 modes cannot provide identity
protection?"

Main mode

Aggressive mode

Quick mode
Passive mode

3 points

Question 25

1. What is the security level of trust zone?

100

85

50

3 points

Question 26

1. Which of the following option the protocol number of AH?


49

50

51

52

3 points

Question 27

1. Which type of firewall is the most efficient in forwarding non-first packet data?

Packet filtering firewall

Proxy firewall

Stateful inspection firewall


Software firewall

3 points

Question 28

1. "In firewall hot backup networking, in order to achieve overall status switching, which
protocol is needed?"

VRRP

VGMP

HRP

IGMP

3 points

Question 29

1. ACL 2009 is ( )
A basic ACL

An advanced ACL

A MAC-based ACL

A time-based ACL

3 points

Question 30

1. "To enable employees on a business trip to access the intranet file server, which of the
following SSL VPN functions is the optimal solution?"

Web proxy

File sharing

Port forwarding
Network extension

3 points

Question 31

1. Which of the following algorithms are encryption algorithms?

DES

3DES

SHA-1

MD5

3 points

Question 32

1. Which of the following capabilities can encryption provide?


Confidentiality

Integrity

Non-repudiation

Scalability

3 points

Question 33

1. Which of the following items are combined to uniquely identify an SA?

SPI

Source IP address

Destination IP address
Security protocol number

3 points

Question 34

1. Which of following statements about IDS are correct?

The IDS dynamically collects a large volume of key information and


analyzes and identifies the status of the entire system.

The IDS can block detected policy breaches and attacks.

The IDS system is comprised of all software and hardware systems for
intrusion detection.

The IDS system can function with firewalls and switches to better control
external access.

3 points

Question 35

1. The features of IPS include:


Online mode

Real-time prevention

Auto-learning and auto-sensing

In-line deployment

3 points

Question 36

1. Which information can be backed up by HRP?

TCP/UDP session table

Server map entry

Dynamic blacklist
Routing table

3 points

Question 37

1. Which of the following scenarios can IP-link be applied to?

Link aggregation

Static routing

Hot backup

Persistent connection

3 points

Question 38

1. Which of following user authentication methods are supported by the terminal security
system?
IP address authentication

MAC address authentication

User name/Password authentication

LDAP authentication

3 points

Question 39

1. What does AAA mean?

Authentication

Authorization

Accounting
Audit

3 points

Question 40

1. Which of the following VPN access methods are suitable for mobile working?

L2TP VPN

GRE VPN

IPSec VPN

SSL VPN

3 points

Click Save and Submit to save and submit. Click Save All Answers to save all answers.

You might also like