1184 お客様のコメント
質問 1:
VGMP unified management of VRRP backup group status, the priority of VGMP management group Active is 65001, and the priority of Standby is 65000. When the VGMP management group monitors the interface Down through the VRRP backup group or directly, the priority of the VGMP management group will be recalculated. When each interface is Down, the priority of the VGMP management group decreases by 2.
A. TRUE
B. FALSE
正解:A
質問 2:
A network needs to replace the dual-system hot-standby USG_A and USG_B due to the network upgrade of the new hardware USG. Without affecting the business, how to upgrade:
USG_A is the Active device, and USG_B is the Standby device.
Which of the following are the correct cutover steps?
① Connect the 5th line to the new USG_B in turn.
② Connect lines 1 , 2 , and 3 from the old USG_A to the new USG A in turn,
③ Power on the new USG_B and the new USG_A, and import the configuration.
④ Input undo hrp enable in USG_B, and cut off lines 4, 5, and 3 in turn.
⑤ Adjust the routing cost so that all traffic passes through USB_B.
⑥ Enter hrp enable for new USG_A and new USG_B to adjust routing cost to meet expectations.
A. ③ -> ④ -> ① -> ② -> ⑥ -> ⑤
B. ③ -> ④ -> ⑤ -> ① -> ② -> ⑥
C. ④ -> ① -> ⑤ -> ③ -> ② -> ⑥
D. ③ -> ④ -> ① -> ⑤ -> ② -> ⑥
正解:D
質問 3:
On the USG stateful inspection firewall, if the administrator sets the security policy for data packets from Trust to Untrust to permit, and the security policy for data packets in the opposite direction to deny, the final result is:
A. Terminals in the Untrust zone cannot actively initiate connections to terminals in the Trust zone, but the returned packets in the Trust zone can pass normally.
B. Terminals in the Trust zone can actively initiate connections to terminals in the Untrust zone, and even the packets returned by Untrust can pass normally.
C. Terminals in the Untrust zone cannot actively initiate connections to terminals in the Trust zone, and can only passively connect to connections initiated by users in the Trust zone.
D. Terminals in the Trust zone can actively initiate connections to terminals in the Untrust zone, but the packets returned by Untrust cannot pass normally.
正解:B,C
質問 4:
Which of the following commands cannot be backed up in the command backup function of the firewall's dual-system hot backup?
A. IPS command
B. routing table
C. Forwarding Policy Commands
D. IP address configuration
正解:B,D
質問 5:
Which of the following statements about hot standby is correct?
A. If the preemption time is set too long, the switch operation will not be performed immediately when the USG fails.
B. The preemption operation is always started only after the failure recovery or the restart of the primary USG is completed.
C. hrp auto-sync config , which will manually back up the commands configured on the primary USG to the secondary USG.
D. The vrrp vrids of the interfaces corresponding to the heartbeat lines on the two USGs may be different.
正解:B
質問 6:
Which of the following options fall under the scope of visitor management?
A. Guest Account Approval
B. Visitor page customization
C. Visitor online behavior audit
D. The guest uses the account to authenticate
E. Guest Account Creation
F. Visitors register on the registration page
正解:A,B,C,E
質問 7:
Which authentication methods does L2TP over IPsec dial-up support?
A. Radius
B. Support local authentication
C. TSM Certified
D. PEAP authentication
E. LDAP
正解:A,B,E
質問 8:
If the content of the visited web page contains filtered content, what will be the result?
A. Displays "The page has been filtered".
B. Displays "Cannot open webpage"
C. The filter content is deleted and will not be displayed.
D. The filter content is replaced by "*".
正解:B
質問 9:
What is the matching priority order of the URL filtering of the USG firewall?
A. Blacklist, Whitelist, Custom Classification, Predefined Classification
B. Whitelist, Blacklist, Custom Classification, Predefined Classification
C. Whitelist, Blacklist, Predefined Classification, Custom Classification
D. blacklist, whitelist, predefined classification, custom classification
正解:B
VGMP unified management of VRRP backup group status, the priority of VGMP management group Active is 65001, and the priority of Standby is 65000. When the VGMP management group monitors the interface Down through the VRRP backup group or directly, the priority of the VGMP management group will be recalculated. When each interface is Down, the priority of the VGMP management group decreases by 2.
A. TRUE
B. FALSE
正解:A
質問 2:
A network needs to replace the dual-system hot-standby USG_A and USG_B due to the network upgrade of the new hardware USG. Without affecting the business, how to upgrade:
USG_A is the Active device, and USG_B is the Standby device.
Which of the following are the correct cutover steps?
① Connect the 5th line to the new USG_B in turn.
② Connect lines 1 , 2 , and 3 from the old USG_A to the new USG A in turn,
③ Power on the new USG_B and the new USG_A, and import the configuration.
④ Input undo hrp enable in USG_B, and cut off lines 4, 5, and 3 in turn.
⑤ Adjust the routing cost so that all traffic passes through USB_B.
⑥ Enter hrp enable for new USG_A and new USG_B to adjust routing cost to meet expectations.
A. ③ -> ④ -> ① -> ② -> ⑥ -> ⑤
B. ③ -> ④ -> ⑤ -> ① -> ② -> ⑥
C. ④ -> ① -> ⑤ -> ③ -> ② -> ⑥
D. ③ -> ④ -> ① -> ⑤ -> ② -> ⑥
正解:D
質問 3:
On the USG stateful inspection firewall, if the administrator sets the security policy for data packets from Trust to Untrust to permit, and the security policy for data packets in the opposite direction to deny, the final result is:
A. Terminals in the Untrust zone cannot actively initiate connections to terminals in the Trust zone, but the returned packets in the Trust zone can pass normally.
B. Terminals in the Trust zone can actively initiate connections to terminals in the Untrust zone, and even the packets returned by Untrust can pass normally.
C. Terminals in the Untrust zone cannot actively initiate connections to terminals in the Trust zone, and can only passively connect to connections initiated by users in the Trust zone.
D. Terminals in the Trust zone can actively initiate connections to terminals in the Untrust zone, but the packets returned by Untrust cannot pass normally.
正解:B,C
質問 4:
Which of the following commands cannot be backed up in the command backup function of the firewall's dual-system hot backup?
A. IPS command
B. routing table
C. Forwarding Policy Commands
D. IP address configuration
正解:B,D
質問 5:
Which of the following statements about hot standby is correct?
A. If the preemption time is set too long, the switch operation will not be performed immediately when the USG fails.
B. The preemption operation is always started only after the failure recovery or the restart of the primary USG is completed.
C. hrp auto-sync config , which will manually back up the commands configured on the primary USG to the secondary USG.
D. The vrrp vrids of the interfaces corresponding to the heartbeat lines on the two USGs may be different.
正解:B
質問 6:
Which of the following options fall under the scope of visitor management?
A. Guest Account Approval
B. Visitor page customization
C. Visitor online behavior audit
D. The guest uses the account to authenticate
E. Guest Account Creation
F. Visitors register on the registration page
正解:A,B,C,E
質問 7:
Which authentication methods does L2TP over IPsec dial-up support?
A. Radius
B. Support local authentication
C. TSM Certified
D. PEAP authentication
E. LDAP
正解:A,B,E
質問 8:
If the content of the visited web page contains filtered content, what will be the result?
A. Displays "The page has been filtered".
B. Displays "Cannot open webpage"
C. The filter content is deleted and will not be displayed.
D. The filter content is replaced by "*".
正解:B
質問 9:
What is the matching priority order of the URL filtering of the USG firewall?
A. Blacklist, Whitelist, Custom Classification, Predefined Classification
B. Whitelist, Blacklist, Custom Classification, Predefined Classification
C. Whitelist, Blacklist, Predefined Classification, Custom Classification
D. blacklist, whitelist, predefined classification, custom classification
正解:B
宫前** -
解釈でわかりやく内容を明示。つまづきやすいポイントをフォローしてくれてる。H12-731-ENU試験用のテキストです。