A security administrator is tasked with configuring a remote access solution for employees who travel frequently. The primary requirements are that the solution must be accessible from any standard web browser without requiring pre-installed client software, and it should provide access to internal web applications and file shares (SMB/CIFS). Which Huawei firewall feature is the most appropriate choice to meet these specific requirements?
A company is implementing a policy where employees in the 'Sales' department can only access the internet during business hours (9 AM to 5 PM, Monday to Friday). An administrator has created a user group for the Sales team and a time range object for the specified business hours. Which component of a Huawei USG firewall security policy must be configured to enforce this rule?
Which of the following statements about the Huawei Redundancy Protocol (HRP) are correct? (Select TWO)
An engineer is configuring a site-to-site IPSec VPN between a Huawei USG6000 at the headquarters and a third-party firewall at a branch office. During the IKE Phase 1 negotiation, the tunnel fails to establish. The engineer observes logs indicating a 'Payload Malformed' error. Which of the following configuration mismatches is the most likely cause of this specific error?
True or False: In a Huawei USG firewall, security zones are logical groupings of one or more interfaces, and by default, traffic is permitted between interfaces within the same security zone.
A network administrator needs to provide secure access to an internal web server (192.168.1.10) for external users. The Huawei USG firewall has a public IP address of 203.0.113.5 on its Untrust interface. The administrator wants external users to access the web server by browsing to https://203.0.113.5. Which type of NAT configuration is required on the USG firewall?
A company has two data centers, each with a Huawei USG firewall. They need to establish a secure and resilient connection between them over the public internet. The primary goal is to ensure data confidentiality and integrity for all traffic between the two sites. Which technology should be implemented? ```mermaid graph TD subgraph Data Center A FWA[USG Firewall A] LANA[LAN A] end subgraph Data Center B FWB[USG Firewall B] LANB[LAN B] end FWA --- LANA FWB --- LANB FWA |Internet| FWB ```
What is the primary function of the Diffie-Hellman (DH) algorithm within the IKE protocol used by IPSec?
A security administrator is deploying a Huawei USG firewall and wants to implement an Intrusion Prevention System (IPS). Which of the following are valid actions that can be configured for a signature in an IPS profile? (Select THREE)
A company wants to implement 802.1X authentication for all devices connecting to its campus network. The goal is to ensure that only authorized and authenticated users and devices can gain network access. In this architecture, what is the role of the Huawei switch to which the end-user devices connect?