Q - 91 Which of the Following Functions Are Provided by HUAWEI CLOUD VPC?

  1. Customizing CIDR blocks
  2. Customizing access control policies
  3. Accessing the Internet using EIPs
  4. Connecting a local data center using a VPN or Direct Connect connection

Answer: ALL

Q - 92 Which of the Following CIDR blocks care available for VPC Service?

  1. 10.0.0.0/8
  2. 0.0.0.0/32
  3. 172.16.0.0/16
  4. 192.168.0.0/16

Answer: A & C & D

Q - 93 Which of the following cannot be configured in a VPC?

  1. Security group
  2. Elastic IP address
  3. Bandwidth
  4. Load balancing

Answer: D

Q - 94 Which port must be opened by an inbound security group rule to enable RDP access to a created Windows ECS?

  1. 3389
  2. 80
  3. 37
  4. 53

Answer: A

Q - 95 Which of the following must be configured to enable an ECS without a bound EIP to access the Internet through an ECS with a bound EIP?

  1. Virtual Table
  2. Route table
  3. Shared bandwidth
  4. Load balancing

Answer: B

Q - 96 How many network interface cards (NICs) does an ECS functioning as a SNAT server require?

  1. 1
  2. 2
  3. 3
  4. 4

Answer: A

Q - 97 Which of the following true for the default security group rule?

  1. All outbound traffic is allowed, and ECSs associated with the same security group can access each other.
  2. All inbound traffic is denyed, and ECSs associated with the same security group can access each other.
  3. All forward traffic is allowed, and ECSs associated with the same security group cannot access each other.
  4. All inbound traffic is denyed, and ECSs associated with the same security group cannot access each other.

Answer: A

Q - 98 In a VPC to communicate with a host in a private data center, Which of the following can enable an ECS?

  1. Internet connection
  2. VPN
  3. VPC peering connection
  4. Routing

Answer: B

Q - 99 Which of the following is optional when you create a subnet?

  1. Name
  2. CIDR block
  3. Internet Gateway
  4. Tag

Answer: D

Q - 100 Which of the following EIP types must you choose, If you have high requirements on network stability and availability

  1. Static BGP
  2. Dynamic BGP
  3. Static OSPF
  4. Dynamic OSPF

Answer: B

Q - 101 Which of the following CIDR blocks is not supported by the VPC service?

  1. 10.0.0.0 – 10.255.255.255
  2. 172.16.0.0 – 172.31.255.255
  3. 192.168.0.0 – 192.168.255.255
  4. 255.255.0.0 – 255.255.255.255

Answer: D

Q - 102 Which of the following are VPC features?

  1. Secure isolation
  2. Flexible deployment
  3. Dynamic BGP
  4. Hybrid deployment

Answer: ALL

Q - 103 Which of the following is NOT a component of the ELB service?

  1. Firewall
  2. Load Balancer
  3. Listener
  4. Instance

Answer: A

Q - 104 Which of the following functions are supported by ELB?

  1. Creating a load balancer
  2. Deleting a load balancer
  3. Querying a load balancer
  4. Adjusting the bandwidth

Answer: ALL

Q - 105 Which of the following items is not required for adding a listener to a load balancer?

  1. A frontend protocol and port
  2. A VPC
  3. A certificate
  4. A load balancing algorithm

Answer: B

Q - 106 Which of the following load balancing algorithms are provided by ELB?

  1. Weighted round robin
  2. Weighted least connections
  3. Encryption algorithm
  4. Weighted

Answer: A & B

Q - 107 Which of the following protocols requires certificates?

  1. CP
  2. DP
  3. TTP
  4. TTPS

Answer: D

Q - 108 Which of the following protocols does ELB support

  1. CP
  2. DP
  3. TTP
  4. TTPS

Answer: ALL

Q - 109 Which of the following services can be used to view real-time monitoring data of load balancers and listeners?

  1. Cloud Container Engine
  2. Cloud Eye
  3. Auto Scaling
  4. Virtual Private Cloud

Answer:

Q - 110 Which of the following statement about Direct Connect is not true?

    A.Direct Connect is a high-speed, low-latency, stable, and secure dedicated network connection that connects user's local data
  1. nter to a VPC on a cloud.
  2. Direct Connect uses the Internet tunneling technology on the public network.
  3. To create a direct connection, users need to create a connection, a virtual gateway, and a virtual interface.
  4. Currently, only the yearly/monthly billing mode is supported.

Answer: B

Q - 111 Direct Connect enables a user to set up a dedicated network connection between a local data center and the public cloud. Currently, which of the following connection type is supported by Direct Connect?

  1. MPLSVPN
  2. IPSecVPN
  3. SSL VPN
  4. OSPF VPN

Answer: A

Q - 112 which statement is not true for VPN GW connection:

  1. local GW is HUAWEI CLOUD IP address
  2. Remote GW is the public IP address of the VPN connection in your DC
  3. Local Subnet specifies the VPC subnets that need to communicate with your DC
  4. Remote Subnet specifies the subnets of your DC

Answer: A

Q - 113 Which of the following features can be used together with the Direct Connect/VPN/Cloud Connect?

  1. SNAT
  2. DNAT
  3. Both A & B
  4. FNAT

Answer: C

Q - 114 Which of the following policies must be consistent between the local and remote sides of a VPN that connects HUAWEI CLOUD and a local data center?

  1. SSL
  2. IPv6
  3. IKE
  4. IPSec

Answer: C & D

Q - 115 What are customer requirements for cloud security?

  1. CSA Top Threats
  2. National legal compliance requirements
  3. Service continuity
  4. Data confidentiality

Answer: ALL

Q - 116 Which of the following are CSA TOP threats?

  1. Data leakage and loss
  2. Abuse and malicious use of cloud services
  3. Insufficient management of identity, credentials, and access
  4. Insecure ports and APIs

Answer: ALL

Q - 117 which include in Data Security:

  1. Data Encryption Workshop (DEW)
  2. Host Security Service (HSS)
  3. Container Guard Service (CGS)
  4. Database Security Service (DBSS)

Answer: A & D

Q - 118 Which of the following statements about AAD is true?

  1. AAD does not support high-defense IP address access for multiple lines.
  2. The Anti-DDoS cluster provides Layer 4 DDoS attack cleansing and works with GameCC for attack blocking.
  3. The WAF cluster provides DDoS attack cleansing and web CC defense on Layer 7.
  4. AAD supports various cloud services

Answer: A

Q - 119 With data security as its core, HUAWEI CLOUD builds a series of security services to meet the particular needs. Security services include:

  1. Data Security
  2. Host Security
  3. Application Security
  4. Network Security

Answer: ALL

Q - 120 Which of the following security services can be used to protect websites?

  1. WAF
  2. VSS
  3. SCM
  4. Anti-DDoS

Answer: ALL