HCIA – Security certification covers the basic knowledge and skills in enterprise network security. HCIA- Security certificate holders are able to perform basic O & M and management operations related to enterprise network security.
HCIA – Security is intended for the development of network security professionals who are familiar with network security basics and have practical skills and experience in inter working network security equipment. The HCIA – Security certification focuses on firewall and terminal security.
HCIA – Security certified engineers are able to perform basic firewall planning and deployment, as well as basic Agile Controller operations and deployment.
Q1). The source socket includes source IP address, source port, and destination IP address.
2. The Protocol field of IP packet headers identifies the upper-layer protocol. If the field value is 6, the upper-layer protocol is TCP. If the field value is 17, the upper-layer protocol is UDP.
3. IN SYN flood attacks, an attacker sends a large number of SYN packets to the server but does not acknowledge the SYN-ACK packets. Therefore, the server maintains a lot of half-open TCP connections, exhausting the server resources.
4. Stateful inspection firewalls create and maintain session tables to keep track of TCP and UDP sessions and use security policies to control which sessions can be created. Only the packets associated with the created sessions are forwarded.
5. In network security, attacks can undermine network resources and make them invalid or unavailable. Such attacks are targeted at
6. Which of the following items is not included in a server map entry of the USG series?
- Destination IP address
- Destination port
- Source IP address
7. Which of the following zones can be deleted?
- Security Zone
- Trust Zone
- Untrust Zone
- DMZ Zone
8. Which of the following statements about buffer overflow attacks are correct? (Select 3 Answers)
- Buffer overflow attacks use software system memory operation defects with high operating privileges to run attack code.
- Operating system vulnerabilities and architecture will not cause buffer overflow attacks.
- The buffer overflow attack is one of the most common methods for attacking software systems.
- The buffer overflow attack is a type of application-layer attack.
9. Stateful inspection firewalls forward subsequent packets (subsequent packets) mainly based on _______?
- Route table
- MAC address table
- Session table
- FIB table
10. Which of the following Layer-3 VPN is more secure?
11. Which of the following statements about ARP spoofing attacks is incorrect?
- The ARP mechanism checks only normal packet interactions.
- ARP spoofing attacks are implemented only through ARP replies.
- When a host sends a normal ARP request, an attacker responds before the server responds, causing the host to establish an incorrect mapping between the IP and MAC addresses.
- ARP static binding can be used to defend against ARP spoofing attacks, and it is used mainly on small-scale networks.
12. ACL 2009 is
- A basic ACL
- An advanced ACL
- A MAC-based ACL
- A time-based ACL
13. Which of the following IP address ranges is the one defined in the rule permit ip source 192.168.11.32 0.0.0.31 command?
14. Which of the following algorithms uses the same key for encryption and decryption?
- RSA (1024)
15. In GRE VPN, which of the following protocols is an encapsulation protocol?
16. Which of the following modes is an IKE mode in the second phase?
- Main mode
- Aggressive mode
- Quick mode
- Passive mode
17. Which one of the following protocols is a multi-channel protocol?
18. What features does the NAT technology have?
- NAT hides private IP addresses and improves network security.
- NAT does not support NAPT for private IP addresses.
- The IP address translation is transparent for both private and public network users. Users cannot percept the translation process.
- If bidirectional NAT is configured, external users can access the resources on the private network without any restriction.
19. What does AAA mean? (Select 3 Answers )
20. Which of the following algorithms are encryption algorithms? (Select 2 Answers )
21. Which of following statements about IDS are correct? (Select 3 Answers )
- The IDS dynamically collects a large volume of key information and analyzes and identifies the status of the entire system.
- The IDS can block detected policy breaches and attacks.
- The IDS system is comprised of all software and hardware systems for intrusion detection.
- The IDS system can function with firewalls and switches to better control external access.
22. Which of the following user access and authentication methods are supported by the Policy Center system? (Select 3 Answers )
- Web, identify authentication
- WebAgent, identify authentication and part of security authentication
- Agent, identify authentication and security authentication
- Network access without authentication
23. To enable employees on a business trip to access the intranet file server, which of the following SSL VPN functions is the optimal solution?
- Web proxy
- File sharing
- Port forwarding
- Network extension
24. Which of the following protocols are used by SSL? (Select 3 Answers)
- Handshake protocol
- Record protocol
- Alert protocol
- Heartbeat protocol
25. Which of the following headers contains a VLAN tag?
- Ethernet Frame
- IP header
- TCP header
- UDP header
26. Which of the following is not a major feature of the information security system? (single choice)
27. Which of the following statements are true about the functions of the “allow l2tp virtual-template 0 remote client” command in L2TP configuration? (multiple choice)
- This command specifies the virtual interface template to be used.
- This command specifies the peer tunnel name.
- This command specifies the local tunnel name.
- You do not need to specify the tunnel name in certain cases.
28. Checking the system running status, collecting system fault information, and detecting
information security incidents are all actions in cyber security emergency response. Which of the following phases do these actions belong to? (single choice)
- Preparation phase
- Detection phase
- Response phase
- Recovery phase
29. Which of the following statements are true about the signature in certificate content? (multiple choice)
- It indicates the encryption result of the public key.
- It indicates the encryption result of the certificate information.
- It is generated by encrypting the private key of the certificate issuer.
- It is generated by encrypting the private key of the public key owner.
30. Which of the following statements are false about the IPsec VPN key generation mode? (multiple choice)
- The key can be manually configured.
- The key can be generated using IKE.
- The key generated using IKE can be periodically changed.
- The key generated during IKE negotiation cannot be used to authenticate identity information.
31. Which of the following is an analysis layer device in the Huawei SDSec solution? (single choice)
- Agile Controller
32. Which of the following is not a state of the Huawei Redundancy Protocol (HRP) heartbeat interface? (single choice)
33. When a cyber security issue occurs, the severity of the issue must be determined first and immediately reported. (single choice)
34. Which of the following methods can be used by an administrator to log in to Huawei routers for the first time? (single choice)
35. In the ARP address resolution process, ARP-Reply packets are sent in broadcast mode. All hosts on the same Layer 2 network can receive these packets and learn the mapping between IP and MAC addresses from them. (single choice)
36. When intranet users access the Internet, you can configure a source NAT policy in the easy-ip format. (single choice)
37. Which of the following password settings is the most secure? (single choice)
- Digits only
- Letters only
- Digits+letters+special characters
38. Which of the following is not a risk identification phase in risk assessment of ISO 27001? (single choice)
- Risk avoidance
- Weaknesses identification and assessment
- Penetration test
- Network architecture analysis
39. Which of the following statements is false about iptables? (single choice)
- A: iptables is a free packet filtering firewall.
- The table of iptables consists of chains, and a chain consists of rules.
- A Linux firewall consists of netfilter and iptables.
- The table processing priority is mangle > raw > nat > filter.
40. A vulnerability is usually called a virus. (single choice)
41. Which layer of the OSI model can encrypt data formats and data? (single choice)
- Application layer
- Presentation layer
- Session layer
- Transport layer
42. Which of the following are included in AAA? (multiple choice)
43. Which of the following statements are true about penetration test steps? (multiple choice)
- Collect information and analyze network conditions before a penetration test.
- Escalate access control rights for implementing a penetration test.
- After a penetration test is complete, directly output a test report.
- Provide security suggestions after a test report is output.
44. Which of the following statements is true about antivirus software? (single choice)
- A: The virus library of antivirus software usually lags behind computer viruses.
- Good antivirus software can kill all viruses.
- Antivirus software can kill all found viruses.
- Computers that have antivirus software installed will not be infected by viruses.
45. Which of the following actions should be taken in the recovery phase of cyber security emergency response? (multiple choice)
- Continuously monitor the devices that go online again to learn their running status.
- Set an isolation zone, summarize data, and estimate loss.
- Restore the configuration of the damaged network devices and back up all changes.
- Set up management and technical teams and assign responsibilities to personnel.