DSO-ARC PowerPoint - Nova Southeastern University (NSU) a dso-arc PowerPoint -诺瓦东南大学一

DIRECTIVE NUMBER: CPL 02-00-150 EFFECTIVE DATE: April 22, 2011 SUBJECT: Field Operations Manual (FOM)ABSTRACTPurpose: This instruction cancels and replaces OSHA Instruction CPL 02-00-148,Field Operations Manual (FOM), issued November 9, 2009, whichreplaced the September 26, 1994 Instruction that implemented the FieldInspection Reference Manual (FIRM). The FOM is a revision of OSHA’senforcement policies and procedures manual that provides the field officesa reference document for identifying the responsibilities associated withthe majority of their inspection duties. This Instruction also cancels OSHAInstruction FAP 01-00-003 Federal Agency Safety and Health Programs,May 17, 1996 and Chapter 13 of OSHA Instruction CPL 02-00-045,Revised Field Operations Manual, June 15, 1989.Scope: OSHA-wide.References: Title 29 Code of Federal Regulations §1903.6, Advance Notice ofInspections; 29 Code of Federal Regulations §1903.14, Policy RegardingEmployee Rescue Activities; 29 Code of Federal Regulations §1903.19,Abatement Verification; 29 Code of Federal Regulations §1904.39,Reporting Fatalities and Multiple Hospitalizations to OSHA; and Housingfor Agricultural Workers: Final Rule, Federal Register, March 4, 1980 (45FR 14180).Cancellations: OSHA Instruction CPL 02-00-148, Field Operations Manual, November9, 2009.OSHA Instruction FAP 01-00-003, Federal Agency Safety and HealthPrograms, May 17, 1996.Chapter 13 of OSHA Instruction CPL 02-00-045, Revised FieldOperations Manual, June 15, 1989.State Impact: Notice of Intent and Adoption required. See paragraph VI.Action Offices: National, Regional, and Area OfficesOriginating Office: Directorate of Enforcement Programs Contact: Directorate of Enforcement ProgramsOffice of General Industry Enforcement200 Constitution Avenue, NW, N3 119Washington, DC 20210202-693-1850By and Under the Authority ofDavid Michaels, PhD, MPHAssistant SecretaryExecutive SummaryThis instruction cancels and replaces OSHA Instruction CPL 02-00-148, Field Operations Manual (FOM), issued November 9, 2009. The one remaining part of the prior Field Operations Manual, the chapter on Disclosure, will be added at a later date. This Instruction also cancels OSHA Instruction FAP 01-00-003 Federal Agency Safety and Health Programs, May 17, 1996 and Chapter 13 of OSHA Instruction CPL 02-00-045, Revised Field Operations Manual, June 15, 1989. This Instruction constitutes OSHA’s general enforcement policies and procedures manual for use by the field offices in conducting inspections, issuing citations and proposing penalties.Significant Changes∙A new Table of Contents for the entire FOM is added.∙ A new References section for the entire FOM is added∙ A new Cancellations section for the entire FOM is added.∙Adds a Maritime Industry Sector to Section III of Chapter 10, Industry Sectors.∙Revises sections referring to the Enhanced Enforcement Program (EEP) replacing the information with the Severe Violator Enforcement Program (SVEP).∙Adds Chapter 13, Federal Agency Field Activities.∙Cancels OSHA Instruction FAP 01-00-003, Federal Agency Safety and Health Programs, May 17, 1996.DisclaimerThis manual is intended to provide instruction regarding some of the internal operations of the Occupational Safety and Health Administration (OSHA), and is solely for the benefit of the Government. No duties, rights, or benefits, substantive or procedural, are created or implied by this manual. The contents of this manual are not enforceable by any person or entity against the Department of Labor or the United States. Statements which reflect current Occupational Safety and Health Review Commission or court precedents do not necessarily indicate acquiescence with those precedents.Table of ContentsCHAPTER 1INTRODUCTIONI.PURPOSE. ........................................................................................................... 1-1 II.SCOPE. ................................................................................................................ 1-1 III.REFERENCES .................................................................................................... 1-1 IV.CANCELLATIONS............................................................................................. 1-8 V. ACTION INFORMATION ................................................................................. 1-8A.R ESPONSIBLE O FFICE.......................................................................................................................................... 1-8B.A CTION O FFICES. .................................................................................................................... 1-8C. I NFORMATION O FFICES............................................................................................................ 1-8 VI. STATE IMPACT. ................................................................................................ 1-8 VII.SIGNIFICANT CHANGES. ............................................................................... 1-9 VIII.BACKGROUND. ................................................................................................. 1-9 IX. DEFINITIONS AND TERMINOLOGY. ........................................................ 1-10A.T HE A CT................................................................................................................................................................. 1-10B. C OMPLIANCE S AFETY AND H EALTH O FFICER (CSHO). ...........................................................1-10B.H E/S HE AND H IS/H ERS ..................................................................................................................................... 1-10C.P ROFESSIONAL J UDGMENT............................................................................................................................... 1-10E. W ORKPLACE AND W ORKSITE ......................................................................................................................... 1-10CHAPTER 2PROGRAM PLANNINGI.INTRODUCTION ............................................................................................... 2-1 II.AREA OFFICE RESPONSIBILITIES. .............................................................. 2-1A.P ROVIDING A SSISTANCE TO S MALL E MPLOYERS. ...................................................................................... 2-1B.A REA O FFICE O UTREACH P ROGRAM. ............................................................................................................. 2-1C. R ESPONDING TO R EQUESTS FOR A SSISTANCE. ............................................................................................ 2-2 III. OSHA COOPERATIVE PROGRAMS OVERVIEW. ...................................... 2-2A.V OLUNTARY P ROTECTION P ROGRAM (VPP). ........................................................................... 2-2B.O NSITE C ONSULTATION P ROGRAM. ................................................................................................................ 2-2C.S TRATEGIC P ARTNERSHIPS................................................................................................................................. 2-3D.A LLIANCE P ROGRAM ........................................................................................................................................... 2-3 IV. ENFORCEMENT PROGRAM SCHEDULING. ................................................ 2-4A.G ENERAL ................................................................................................................................................................. 2-4B.I NSPECTION P RIORITY C RITERIA. ..................................................................................................................... 2-4C.E FFECT OF C ONTEST ............................................................................................................................................ 2-5D.E NFORCEMENT E XEMPTIONS AND L IMITATIONS. ....................................................................................... 2-6E.P REEMPTION BY A NOTHER F EDERAL A GENCY ........................................................................................... 2-6F.U NITED S TATES P OSTAL S ERVICE. .................................................................................................................. 2-7G.H OME-B ASED W ORKSITES. ................................................................................................................................ 2-8H.I NSPECTION/I NVESTIGATION T YPES. ............................................................................................................... 2-8 V.UNPROGRAMMED ACTIVITY – HAZARD EVALUATION AND INSPECTION SCHEDULING ............................................................................ 2-9 VI.PROGRAMMED INSPECTIONS. ................................................................... 2-10A.S ITE-S PECIFIC T ARGETING (SST) P ROGRAM. ............................................................................................. 2-10B.S CHEDULING FOR C ONSTRUCTION I NSPECTIONS. ..................................................................................... 2-10C.S CHEDULING FOR M ARITIME I NSPECTIONS. ............................................................................. 2-11D.S PECIAL E MPHASIS P ROGRAMS (SEP S). ................................................................................... 2-12E.N ATIONAL E MPHASIS P ROGRAMS (NEP S) ............................................................................... 2-13F.L OCAL E MPHASIS P ROGRAMS (LEP S) AND R EGIONAL E MPHASIS P ROGRAMS (REP S) ............ 2-13G.O THER S PECIAL P ROGRAMS. ............................................................................................................................ 2-13H.I NSPECTION S CHEDULING AND I NTERFACE WITH C OOPERATIVE P ROGRAM P ARTICIPANTS ....... 2-13CHAPTER 3INSPECTION PROCEDURESI.INSPECTION PREPARATION. .......................................................................... 3-1 II.INSPECTION PLANNING. .................................................................................. 3-1A.R EVIEW OF I NSPECTION H ISTORY .................................................................................................................... 3-1B.R EVIEW OF C OOPERATIVE P ROGRAM P ARTICIPATION .............................................................................. 3-1C.OSHA D ATA I NITIATIVE (ODI) D ATA R EVIEW .......................................................................................... 3-2D.S AFETY AND H EALTH I SSUES R ELATING TO CSHO S.................................................................. 3-2E.A DVANCE N OTICE. ................................................................................................................................................ 3-3F.P RE-I NSPECTION C OMPULSORY P ROCESS ...................................................................................................... 3-5G.P ERSONAL S ECURITY C LEARANCE. ................................................................................................................. 3-5H.E XPERT A SSISTANCE. ........................................................................................................................................... 3-5 III. INSPECTION SCOPE. ......................................................................................... 3-6A.C OMPREHENSIVE ................................................................................................................................................... 3-6B.P ARTIAL. ................................................................................................................................................................... 3-6 IV. CONDUCT OF INSPECTION .............................................................................. 3-6A.T IME OF I NSPECTION............................................................................................................................................. 3-6B.P RESENTING C REDENTIALS. ............................................................................................................................... 3-6C.R EFUSAL TO P ERMIT I NSPECTION AND I NTERFERENCE ............................................................................. 3-7D.E MPLOYEE P ARTICIPATION. ............................................................................................................................... 3-9E.R ELEASE FOR E NTRY ............................................................................................................................................ 3-9F.B ANKRUPT OR O UT OF B USINESS. .................................................................................................................... 3-9G.E MPLOYEE R ESPONSIBILITIES. ................................................................................................. 3-10H.S TRIKE OR L ABOR D ISPUTE ............................................................................................................................. 3-10I. V ARIANCES. .......................................................................................................................................................... 3-11 V. OPENING CONFERENCE. ................................................................................ 3-11A.G ENERAL ................................................................................................................................................................ 3-11B.R EVIEW OF A PPROPRIATION A CT E XEMPTIONS AND L IMITATION. ..................................................... 3-13C.R EVIEW S CREENING FOR P ROCESS S AFETY M ANAGEMENT (PSM) C OVERAGE............................. 3-13D.R EVIEW OF V OLUNTARY C OMPLIANCE P ROGRAMS. ................................................................................ 3-14E.D ISRUPTIVE C ONDUCT. ...................................................................................................................................... 3-15F.C LASSIFIED A REAS ............................................................................................................................................. 3-16VI. REVIEW OF RECORDS. ................................................................................... 3-16A.I NJURY AND I LLNESS R ECORDS...................................................................................................................... 3-16B.R ECORDING C RITERIA. ...................................................................................................................................... 3-18C. R ECORDKEEPING D EFICIENCIES. .................................................................................................................. 3-18 VII. WALKAROUND INSPECTION. ....................................................................... 3-19A.W ALKAROUND R EPRESENTATIVES ............................................................................................................... 3-19B.E VALUATION OF S AFETY AND H EALTH M ANAGEMENT S YSTEM. ....................................................... 3-20C.R ECORD A LL F ACTS P ERTINENT TO A V IOLATION. ................................................................................. 3-20D.T ESTIFYING IN H EARINGS ................................................................................................................................ 3-21E.T RADE S ECRETS. ................................................................................................................................................. 3-21F.C OLLECTING S AMPLES. ..................................................................................................................................... 3-22G.P HOTOGRAPHS AND V IDEOTAPES.................................................................................................................. 3-22H.V IOLATIONS OF O THER L AWS. ....................................................................................................................... 3-23I.I NTERVIEWS OF N ON-M ANAGERIAL E MPLOYEES .................................................................................... 3-23J.M ULTI-E MPLOYER W ORKSITES ..................................................................................................................... 3-27 K.A DMINISTRATIVE S UBPOENA.......................................................................................................................... 3-27 L.E MPLOYER A BATEMENT A SSISTANCE. ........................................................................................................ 3-27 VIII. CLOSING CONFERENCE. .............................................................................. 3-28A.P ARTICIPANTS. ..................................................................................................................................................... 3-28B.D ISCUSSION I TEMS. ............................................................................................................................................ 3-28C.A DVICE TO A TTENDEES .................................................................................................................................... 3-29D.P ENALTIES............................................................................................................................................................. 3-30E.F EASIBLE A DMINISTRATIVE, W ORK P RACTICE AND E NGINEERING C ONTROLS. ............................ 3-30F.R EDUCING E MPLOYEE E XPOSURE. ................................................................................................................ 3-32G.A BATEMENT V ERIFICATION. ........................................................................................................................... 3-32H.E MPLOYEE D ISCRIMINATION .......................................................................................................................... 3-33 IX. SPECIAL INSPECTION PROCEDURES. ...................................................... 3-33A.F OLLOW-UP AND M ONITORING I NSPECTIONS............................................................................................ 3-33B.C ONSTRUCTION I NSPECTIONS ......................................................................................................................... 3-34C. F EDERAL A GENCY I NSPECTIONS. ................................................................................................................. 3-35CHAPTER 4VIOLATIONSI. BASIS OF VIOLATIONS ..................................................................................... 4-1A.S TANDARDS AND R EGULATIONS. .................................................................................................................... 4-1B.E MPLOYEE E XPOSURE. ........................................................................................................................................ 4-3C.R EGULATORY R EQUIREMENTS. ........................................................................................................................ 4-6D.H AZARD C OMMUNICATION. .............................................................................................................................. 4-6E. E MPLOYER/E MPLOYEE R ESPONSIBILITIES ................................................................................................... 4-6 II. SERIOUS VIOLATIONS. .................................................................................... 4-8A.S ECTION 17(K). ......................................................................................................................... 4-8B.E STABLISHING S ERIOUS V IOLATIONS ............................................................................................................ 4-8C. F OUR S TEPS TO BE D OCUMENTED. ................................................................................................................... 4-8 III. GENERAL DUTY REQUIREMENTS ............................................................. 4-14A.E VALUATION OF G ENERAL D UTY R EQUIREMENTS ................................................................................. 4-14B.E LEMENTS OF A G ENERAL D UTY R EQUIREMENT V IOLATION.............................................................. 4-14C. U SE OF THE G ENERAL D UTY C LAUSE ........................................................................................................ 4-23D.L IMITATIONS OF U SE OF THE G ENERAL D UTY C LAUSE. ..............................................................E.C LASSIFICATION OF V IOLATIONS C ITED U NDER THE G ENERAL D UTY C LAUSE. ..................F. P ROCEDURES FOR I MPLEMENTATION OF S ECTION 5(A)(1) E NFORCEMENT ............................ 4-25 4-27 4-27IV.OTHER-THAN-SERIOUS VIOLATIONS ............................................... 4-28 V.WILLFUL VIOLATIONS. ......................................................................... 4-28A.I NTENTIONAL D ISREGARD V IOLATIONS. ..........................................................................................4-28B.P LAIN I NDIFFERENCE V IOLATIONS. ...................................................................................................4-29 VI. CRIMINAL/WILLFUL VIOLATIONS. ................................................... 4-30A.A REA D IRECTOR C OORDINATION ....................................................................................................... 4-31B.C RITERIA FOR I NVESTIGATING P OSSIBLE C RIMINAL/W ILLFUL V IOLATIONS ........................ 4-31C. W ILLFUL V IOLATIONS R ELATED TO A F ATALITY .......................................................................... 4-32 VII. REPEATED VIOLATIONS. ...................................................................... 4-32A.F EDERAL AND S TATE P LAN V IOLATIONS. ........................................................................................4-32B.I DENTICAL S TANDARDS. .......................................................................................................................4-32C.D IFFERENT S TANDARDS. .......................................................................................................................4-33D.O BTAINING I NSPECTION H ISTORY. .....................................................................................................4-33E.T IME L IMITATIONS..................................................................................................................................4-34F.R EPEATED V. F AILURE TO A BATE....................................................................................................... 4-34G. A REA D IRECTOR R ESPONSIBILITIES. .............................................................................. 4-35 VIII. DE MINIMIS CONDITIONS. ................................................................... 4-36A.C RITERIA ................................................................................................................................................... 4-36B.P ROFESSIONAL J UDGMENT. ..................................................................................................................4-37C. A REA D IRECTOR R ESPONSIBILITIES. .............................................................................. 4-37 IX. CITING IN THE ALTERNATIVE ............................................................ 4-37 X. COMBINING AND GROUPING VIOLATIONS. ................................... 4-37A.C OMBINING. ..............................................................................................................................................4-37B.G ROUPING. ................................................................................................................................................4-38C. W HEN N OT TO G ROUP OR C OMBINE. ................................................................................................4-38 XI. HEALTH STANDARD VIOLATIONS ....................................................... 4-39A.C ITATION OF V ENTILATION S TANDARDS ......................................................................................... 4-39B.V IOLATIONS OF THE N OISE S TANDARD. ...........................................................................................4-40 XII. VIOLATIONS OF THE RESPIRATORY PROTECTION STANDARD(§1910.134). ....................................................................................................... XIII. VIOLATIONS OF AIR CONTAMINANT STANDARDS (§1910.1000) ... 4-43 4-43A.R EQUIREMENTS UNDER THE STANDARD: .................................................................................................. 4-43B.C LASSIFICATION OF V IOLATIONS OF A IR C ONTAMINANT S TANDARDS. ......................................... 4-43 XIV. CITING IMPROPER PERSONAL HYGIENE PRACTICES. ................... 4-45A.I NGESTION H AZARDS. .................................................................................................................................... 4-45B.A BSORPTION H AZARDS. ................................................................................................................................ 4-46C.W IPE S AMPLING. ............................................................................................................................................. 4-46D.C ITATION P OLICY ............................................................................................................................................ 4-46 XV. BIOLOGICAL MONITORING. ...................................................................... 4-47CHAPTER 5CASE FILE PREPARATION AND DOCUMENTATIONI.INTRODUCTION ............................................................................................... 5-1 II.INSPECTION CONDUCTED, CITATIONS BEING ISSUED. .................... 5-1A.OSHA-1 ................................................................................................................................... 5-1B.OSHA-1A. ............................................................................................................................... 5-1C. OSHA-1B. ................................................................................................................................ 5-2 III.INSPECTION CONDUCTED BUT NO CITATIONS ISSUED .................... 5-5 IV.NO INSPECTION ............................................................................................... 5-5 V. HEALTH INSPECTIONS. ................................................................................. 5-6A.D OCUMENT P OTENTIAL E XPOSURE. ............................................................................................................... 5-6B.E MPLOYER’S O CCUPATIONAL S AFETY AND H EALTH S YSTEM. ............................................................. 5-6 VI. AFFIRMATIVE DEFENSES............................................................................. 5-8A.B URDEN OF P ROOF. .............................................................................................................................................. 5-8B.E XPLANATIONS. ..................................................................................................................................................... 5-8 VII. INTERVIEW STATEMENTS. ........................................................................ 5-10A.G ENERALLY. ......................................................................................................................................................... 5-10B.CSHO S SHALL OBTAIN WRITTEN STATEMENTS WHEN: .......................................................................... 5-10C.L ANGUAGE AND W ORDING OF S TATEMENT. ............................................................................................. 5-11D.R EFUSAL TO S IGN S TATEMENT ...................................................................................................................... 5-11E.V IDEO AND A UDIOTAPED S TATEMENTS. ..................................................................................................... 5-11F.A DMINISTRATIVE D EPOSITIONS. .............................................................................................5-11 VIII. PAPERWORK AND WRITTEN PROGRAM REQUIREMENTS. .......... 5-12 IX.GUIDELINES FOR CASE FILE DOCUMENTATION FOR USE WITH VIDEOTAPES AND AUDIOTAPES .............................................................. 5-12 X.CASE FILE ACTIVITY DIARY SHEET. ..................................................... 5-12 XI. CITATIONS. ..................................................................................................... 5-12A.S TATUTE OF L IMITATIONS. .............................................................................................................................. 5-13B.I SSUING C ITATIONS. ........................................................................................................................................... 5-13C.A MENDING/W ITHDRAWING C ITATIONS AND N OTIFICATION OF P ENALTIES. .................................. 5-13D.P ROCEDURES FOR A MENDING OR W ITHDRAWING C ITATIONS ............................................................ 5-14 XII. INSPECTION RECORDS. ............................................................................... 5-15A.G ENERALLY. ......................................................................................................................................................... 5-15B.R ELEASE OF I NSPECTION I NFORMATION ..................................................................................................... 5-15C. C LASSIFIED AND T RADE S ECRET I NFORMATION ...................................................................................... 5-16。

Micro Focus Security ArcSight ConnectorsSmartConnector for Microsoft DNS DGA Trace Log Multiple Server FileConfiguration GuideJanuary 25, 2019Configuration GuideSmartConnector for Microsoft DNS DGA Trace Log Multiple Server FileJanuary 25, 2019Copyright © 2014 – 2019 Micro Focus and its affiliates and licensors.WarrantyThe only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.Restricted Rights LegendConfidential computer software. Except as specifically indicated otherwise, a valid license from Micro Focus is required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.Trademark NoticesAdobe™ is a trademark of Adobe Systems Incorporated. Microsoft® and Windows® are U.S. registered trademarks of Microsoft Corporation. UNIX® is a registered trademark of The Open Group. Revision HistoryDate Description01/25/2019 First edition of this Configuration Guide.Configuration Guide SmartConnector for Microsoft DNS DGA Trace Log Multiple Server FileThis guide provides information for installing the SmartConnector for Microsoft DNS DGA Trace Log Multiple Server File and configuring the device for event collection. Microsoft's Domain Name Service (DNS) included with Microsoft Windows 2008, Microsoft Windows 2012, Microsoft Windows 2016 and Microsoft Windows 2012 R2 are supported.Product OverviewThe Domain Name System (DNS) is a hierarchical distributed database and an associated set of protocols that define a:⏹Mechanism for querying and updating the database⏹Mechanism for replicating the information in the database among servers⏹Schema of the databaseWith DNS, the host names reside in a database that can be distributed among multiple servers, decreasing the load on any one server and providing the ability to administer this naming system on a per-partition basis. DNS supports hierarchical names and allows registration of various data types in addition to host name to IP address mapping used in HOSTS files.This ArcSight SmartConnector lets you import events generated by the Microsoft DNS Trace Log Multiple Server File device into the ArcSight System . See the section "Device Event Mapping to ArcSight Data Fields" later in this document for the specific events mapped to fields in the ArcSight database.The new feature enables users to apply a Domain Generation Algorithm (DGA) and:⏹Whitelist filters on real time⏹Filter and drop events prior a license check⏹Use the Connector immediately after installation. Required files are pre-configured.⏹Populate a dga_whitelist.txt locally or remotely (via ArcMC) to avoid getting events from trusted domains⏹ Add Map files to /user/agent/map/ to extend connector functionalitiesSee the section "Map Files" later in this document for more information.ConfigurationDetailed information regarding DNS Monitoring can be found at: /en-us/library/cc783975(WS.10).aspx.The primary tool used to manage DNS servers is the DNS console, which can be found in the Administrative Tools folder in the Start menu's Programs folder.Micro Focus Security ArcSight Connectors 3SmartConnector for Microsoft DNS DGA Trace Log Multiple Server FileDNS server event messages are separated and kept in their own system event log, the DNS server log. The DNS server log contains events logged by the DNS server service. Most critical DNS server service events are logged here, such as when the server starts but cannot locate initializing data.You can change the event types logged by DNS servers using the DNS console. You also can use the DNS console to selectively enable additional debug logging options for temporary trace logging to a text-based file of DNS server activity. Using Server Debug Logging OptionsBy default, all debug logging options are disabled. When selectively enabled, the DNS Server service can perform additional trace-level logging of selected types of events or messages for general troubleshooting and debugging of the server.Dns.log contains debug logging activity. By default, it is located in the windir\System32\Dns folder.The following DNS debug logging options are available:Packet DirectionOutgoingPackets sent by the DNS server are logged in the DNS server log file.IncomingPackets received by the DNS server are logged in the log file.Packet ContentQueries/TransfersSpecifies that packets containing standard queries (per RFC 1034) are logged in the DNS server log file.UpdatesSpecifies that packets containing dynamic updates (per RFC 2136) are logged in the DNS server log file.NotificationsSpecifies that packets containing notifications (per RFC 1996) are logged in the DNS server log file.Transport ProtocolUDPSpecifies that packets sent and received over UDP are logged in the DNS server log file.TCPSpecifies that packets sent and received over TCP are logged in the DNS server log file.Packet TypeRequestSpecifies that request packets are logged in the DNS server log file (a request packet is characterized by a QR bitset to 0 in the DNS message header).ResponseSpecifies that response packets are logged in the DNS server log file (a response packet is characterized by a QRbit set to 1 in the DNS message header).4Micro Focus Security ArcSight ConnectorsConfiguration Guide Other OptionsFilter packets by IP addressProvides additional filtering of packets logged in the DNS server log file.DetailsSpecifies that all event details be logged in the DNS server log file.Log FileFile path and name lets you specify the name and location of the DNS server log file. Log file maximum size limit lets you set the maximum file size for the DNS server log file.To select and enable debug logging options on the DNS server:1Open DNS. (Click Start -> Control Panel -> Administrative Tools. Double-click DNS.)2In the console tree, right-click the applicable DNS server, then click Properties.3Click the Debug Logging tab.4To set the debug logging options, first select Log packets for debugging. To ensure collecting the appropriate information for processing by ArcSight, select the options shown in the following figure.In addition to selecting events for the DNS debug log file, select the default values or specify the file name, location, and maximum file size for the file.Micro Focus Security ArcSight Connectors 5SmartConnector for Microsoft DNS DGA Trace Log Multiple Server File6 Micro Focus Security ArcSight ConnectorsInstall the SmartConnectorThe following sections provide instructions for installing and configuring your selected SmartConnector.Connector Appliance/ArcSight Management Center supports mounting for Network File System(NFS) and CIFS (Windows) shares. When you install this connector on one of these devices,establish a CIFS mount on the device before adding the connector. Provide this share nameduring connector configuration. For more information, see Remote File Systems in the Connector Appliance or ArcSight Management Center Administrator's Guide.Prepare to Install ConnectorBefore you install any SmartConnectors, make sure that the ArcSight products with which the connectors will communicate have already been installed correctly (such as ArcSight ESM or ArcSight Logger).For complete product information, read the Administrator's Guide as well as the Installation and Configuration guide for your ArcSight product before installing a new SmartConnector. If you are adding a connector to the ArcSight Management Center, see the ArcSight Management Center Administrator's Guide for instructions, and start the installation procedure at "Set Global Parameters (optional)" or "Select Connector and Add Parameter Information."Before installing the SmartConnector, be sure the following are available:⏹ Local access to the machine where the SmartConnector is to be installed⏹ Administrator passwordsInstall Core SoftwareUnless specified otherwise at the beginning of this guide, this SmartConnector can be installed on all ArcSight supported platforms; for the complete list, see the SmartConnector Product and Platform Support document, available from the Micro Focus SSO and Protect 724 sites.1 Download the SmartConnector executable for your operating system from the Micro Focus SSO site.2 Start the SmartConnector installation and configuration wizard by running the executable.Follow the wizard through the following folder selection tasks and installation of the core connector software: IntroductionChoose Install FolderChoose Shortcut FolderPre-Installation SummaryInstalling...3 When the installation of SmartConnector core component software is finished, the following window is displayed:Configuration GuideMicro Focus Security ArcSight Connectors 7Set Global Parameters (optional)If you choose to perform any of the operations shown in the following table, do so before adding your connector. You can set the following parameters:Parameter Setting FIPS modeSelect 'Enabled' to enable FIPS compliant mode. To enable FIPS Suite B Mode, see the SmartConnector User Guide under "Modifying Connector Parameters" for instructions. Initially, this value is set to 'Disabled'. Remote Management Select 'Enabled' to enable remote management from ArcSight Management Center. When queried by the remote managementdevice, the values you specify here for enabling remote management and the port number will be used. Initially, this value is set to'Disabled'.Remote Management Listener Port The remote management device will listen to the port specified in this field. The default port number is 9001.Preferred IP VersionWhen both IPv4 and IPv6 IP addresses are available for the local host (the machine on which the connector is installed), you can choose which version is preferred. Otherwise, you will see only one selection. The initial setting is IPv4.The following parameters should be configured only if you are using Micro Focus SecureData solutions to provide encryption. See the Micro Focus SecureData Architecture Guide for more information.Parameter Setting Format PreservingEncryptionData leaving the connector machine to a specified destination can be encrypted by selecting ‘Enabled’ to encrypt the fields identified in ‘Event Fields to Encrypt' before forwarding events. If encryption is enabled, it cannot be disabled. Changing any of the encryption parameters again will require a fresh installation of the connector. Format Preserving PolicyURLEnter the URL where the Micro Focus SecureData Server is installed. Proxy Server (https)Enter the proxy host for https connection if any proxy is enabled for this machine. Proxy PortEnter the proxy port for https connection if any proxy is enabled for this machine. Format Preserving IdentityThe Micro Focus SecureData client software allows client applications to protect and access data based on key names. This key name is referred to as the identity. Enter the user identity configured for Micro Focus SecureData. Format Preserving Secret Enter the secret configured for Micro Focus SecureData to use for encryption.SmartConnector for Microsoft DNS DGA Trace Log Multiple Server File8 Micro Focus Security ArcSight ConnectorsParameter Setting Event Fields to Encrypt Recommended fields for encryption are listed; delete any fields you do not want encrypted and add any string or numeric fields you wantencrypted. Encrypting more fields can affect performance, with 20 fields being the maximum recommended. Also, because encryption changes the value, rules or categorization could also be affected. Once encryption is enabled, the list of event fields cannot be edited.After making your selections, click Next . A summary screen is displayed. Review the summary of your selections and click Next . Click Continue to return to proceed with "Add a Connector" window. Continue the installation procedure with "Select Connector and Add Parameter Information."Select Connector and Add Parameter Information1 Select Add a Connector and click Next . If applicable, you can enable FIPS mode and enable remote management later inthe wizard after SmartConnector configuration.2 Select Microsoft DNS DGA Trace Log Multiple Server File and click Next .3 Enter the required SmartConnector parameters to configure the SmartConnector, then click Next.Parameter Description FolderThe absolute path to the location of the log files.- For Windows platform, use: 'c:\Program Files\DNS_Multi_File\logs\'- For Linux platform, use: '/var/log/dnsmultifile/'For multiple servers, click Add and enter information about the additional server.- For Windows platform, use: \\<servername>\folder\folder. WildcardThe log file name ('*.log') has two parts:- Part 1: ('*') is the file name - Part 2: ('.log') is the file typeConfiguration GuideMicro Focus Security ArcSight Connectors 9Parameter Description- For example: 'dnsmulti.log' Log File Type Accept the default "tracelog".Select a Destination1 The next window asks for the destination type; select a destination and click Next . For information about thedestinations listed, see the ArcSight SmartConnector User Guide .2 Enter values for the destination. For the ArcSight Manager destination, the values you enter for User and Passwordshould be the same ArcSight user name and password you created during the ArcSight Manager installation. Click Next .3 Enter a name for the SmartConnector and provide other information identifying the connector's use in yourenvironment. Click Next . The connector starts the registration process.4 If you have selected ArcSight Manager as the destination, the certificate import window for the ArcSight Manager isdisplayed. Select Import the certificate to the connector from destination and click Next . (If you select Do not import the certificate to connector from destination , the connector installation will end.) The certificate is imported and the Add connector Summary window is displayed.Complete Installation and Configuration1 Review the Add Connector Summary and click Next . If the summary is incorrect, click Previous to make changes.2 The wizard now prompts you to choose whether you want to run the SmartConnector as a stand-alone process or as aservice. If you choose to run the connector as a stand-alone process, select Leave as a standalone application , click Next , and continue with step 5.3 If you chose to run the connector as a service, with Install as a service selected, click Next . The wizard prompts you todefine service parameters. Enter values for Service Internal Name and Service Display Name and select Yes or No for Start the service automatically . The Install Service Summary window is displayed when you click Next .4 Click Next on the summary window.5 To complete the installation, choose Exit and Click Next .For instructions about upgrading the connector or modifying parameters, see the SmartConnector User Guide . Map FilesBy adding map files, users can increment the functionalities of the Connector.FileDescription Sample Content dga_whitelist.txt White list file. Includes all domains that are notscanned by the DGA detection. , , , , , , , google.co.in, , , , SmartConnector for Microsoft DNS DGA Trace Log Multiple Server File10 Micro Focus Security ArcSight Connectors FileDescription Sample Content map.2.properties Numbered connector map file. It callsthe_domainWhitelist operation. This operation isa lookup for whitelisted domains in each eventand marks them as WHITELISTED, so they can bedropped by the filter later.!Flags,Overwrite+set.expr(destinationHostName).event.deviceCustomFloatingPoint2Label __ domainWhitelist(destinationHostName) map.3.properties Numbered connector map file. It calls thedgaForbiddenTrigrams operation. This operationapplies the forbiddenTrigrams DGA classifier inevery event and returns 1 or 0 for each.!Flags,Overwrite+set.expr(destinationHostName).event.deviceCustomNumber1__dgaForbiddenTrigrams (destinationHostName) map.4.properties Numbered connector map file. It calls theForbiddenTrigramsHel per operation. This is ahelper function that adds a label to the dga fieldin CEF.!Flags,Overwrite+set.expr(deviceCustomNumber1).event.deviceCustomNumber1Label__dgaForbiddenTrigrams Helper(deviceCustomNumber1) map.5.properties Numbered connector map file. It sets theevent.dropEventFlag based on the value ofevent.deviceCustomFloatingPoint2Label. It is setto "true" when the value ofevent.deviceCustomFloatingPoint2Label isWHITELISTED. event.deviceCustomFloatingPoint2Label,set.event.dropEventFlag, WHITELISTED,trueNote: Adjust the sequence numbers of your new map files based on any existing map files. Forexample, if the last map file in the connector is number 3, the new DGA map file must be set to 4 and so on.Run the SmartConnectorSmartConnectors can be installed and run in stand-alone mode, on Windows platforms as a Windows service, or on UNIX platforms as a UNIX daemon, depending upon the platform supported. On Windows platforms, SmartConnectors also can be run using shortcuts and optional Start menu entries.If the connector is installed in stand-alone mode, it must be started manually and is not automatically active when a host is restarted. If installed as a service or daemon, the connector runs automatically when the host is restarted. For information about connectors running as services or daemons, see the ArcSight SmartConnector User Guide .To run all SmartConnectors installed in stand-alone mode on a particular host, open a command window, go to $ARCSIGHT_HOME\current\bin and run: arcsight connectorsTo view the SmartConnector log, read the file $ARCSIGHT_HOME\current\logs\agent.log ; to stop all SmartConnectors, enter Ctrl+C in the command window.Device Event Mapping to ArcSight FieldsThe following section lists the mappings of ArcSight data fields to the device's specific event definitions. See the ArcSight Console User's Guide for more information about the ArcSight data fields.Microsoft DNS DGA Trace Log Multiple Server File Mappings to ArcSight ESM FieldsArcSight ESM Field Device-Specific Field Agent (Connector)Severity High = 2, 3, 5, 16, SERVFAIL, NXDOMAIN, REFUSED, BADVERS, BADSIG; Medium = 1, 4, 6-10, 17-22, Error, Warning, FORMERR, NOTIMP, YXDOMAIN, YXRRSET, NXRRSET, NOTAUTH, NOTZONE, BADKEY, BADTIME, BADMODE, BADNAME, BADALG, BADTRUNC; Low = 0, 11-15,23-65535, Information, Success, NOERROR (based on Rcode values at: /enp/protocol/dns.htm#Rcode, Return code)Configuration GuideMicro Focus Security ArcSight Connectors 11 ArcSight ESM Field Device-Specific Field Application Protocolapplication protocol Bytes InSize, incoming bytes Destination Addressdestination address Destination DNSDomaindestination DNS domain Destination HostNamedestination host name Destination NTDomaindestination NT domain Device ActionAction taken by the device Device CustomFloating Point 2 LabelWHITELISTED Device Custom IPv6Address 2Source IPv6 address Device CustomNumber 11 Device CustomNumber 1 LabelDNS-Analytics Device Custom String1Thread Id Device Custom String2OpCode Device Custom String3Flags (character codes) Device Custom String4Reason or error code Device DirectionSnd=Outbound, Rcv=Inbound Device EventCategoryContext Device Event Class IDEvent Name Device Product'DNS Trace Log' Device Receipt TimeDateTime Device SeverityOne of (Information, Warning, Error, Success, NOERROR) Device Vendor'Microsoft' File Namefile name File Pathfile path MessageRcode description (based on Rcode descriptions at: /enp/protocol/dns.htm#Rcode, Return code NameRcode name (based on Rcode name at: /enp/protocol/dns.htm#Rcode, Return code Request URLQuestion Name Source AddressSource network address Source DNS DomainsourceDNSDomain Source Host NameSource host name Source PortSource port Source Service NamesourceServiceName Start TimestartTime Transport Protocol transport protocol (UDP)。

Table of ContentsIntroduction (3)What’s New (4)Table 1: Supported components inside virtual machines (5)Table 2: Data Protector Virtual Environment Agent platform support (VDDK) (6)Table 3: VMware vCenter support (6)Table 4: Data Protector Virtual Environment Agent platform support (7)Table5: Granular Recovery Extension for VMware vSphere (7)Table 6: Microsoft Hyper-V Virtualization application integration support (7)Table 7: Supported configurations – HPE SimpliVity Storage (7)Table 8: Supported configurations – H3C CAS (8)Table 9: Supported configurations – Red Hat KVM (8)Table 10: Supported configurations – Nutanix vCenter (8)Table 11: Supported configurations – Nutanix AHV (8)Note: The combinations of Data Protector components with operating systems and/or application versions are supported by Data Protector if the associated operating system and/or application versions are supported by respective vendors.All guest operating systems supported by the respective vendors are supported with Data Protector if they are listed as supported on physical hosts in the Data Protector 10.80 Platform and Integration Support Matrix.For information about specific Windows versions supported by Data Protector please refer to the Platform and Integration Support Matrix.Quiescent state of MS File Systems and Applications within a VMware virtual machine is handled and supported by VMware ToolsUpdates/changes to individual fields within the Matrix will be highlighted in RED.1. Removed the Table 5 “Supported Microsoft applications for quiescence enabled backups”2. Support of Microsoft Hyper-V Server 2019The following table lists various Data Protector components supported inside the guest operating systems: Table 1: Supported components inside virtual machinesVirtualization application Supported Data Protector componentsVMware1 •Cell Manager/Installation Server•Manager of Managers•Disk Agent•Media Agent2•Graphical User Interface•Online Extension Agents3•StoreOnce Software Deduplication•HPE P9000 XP SSEA Agent4•HPE 3PAR SMI-S Agent5•VSS Agent6Microsoft Hyper-V7•Cell Manager/Installation Server•Manager of Managers•Disk Agent•Media Agent•Graphical User Interface•Online Extension Agents3•StoreOnce Software Deduplication•HPE P9000 XP SSEA Agent4•VSS Agent7HPE Integrity Virtual Machines (IVM) •Cell Manager/Installation Server •Disk Agent•Media Agent8•Manager of Managers •Online Extension Agents3•HPE P9000 XP SSEA Agent4Solaris Zones •Disk Agent (Global and Local Zones)•Media Agent (Global Zone)•Oracle Online Agent (Global and Local Zones)Oracle VM •Cell Manager/Installation Server•Manager of Managers•Disk Agent•Media Agent•Graphical User Interface•Online Extension Agents3•StoreOnce Software Deduplication•HPE P9000 XP SSEA Agent4•VSS Agent 6•Oracle Online AgentRed Hat, KVM •Cell Manager/Installation Server•Manager of Managers•Disk Agent•Media Agent•Online Extension Agents3•StoreOnce Software Deduplication•HPE P9000 XP, SSEA Agent41 Includes support for Virtual Infrastructure and vSphere components like vMotion, HA, DRS.2 Supported for HPE StoreOnce Backup Systems with iSCSI and Catalyst, file devices, HPE StoreOnce Backup System using Catalyst, HPE StoreOnce Software, and file libraries only.3 Valid for all applications that are listed as supported in Data Protector 10.80 Platform and Integration Support Matrix and are supported byrespective vendors inside a virtual machine4 Includes application integrations listed in the Data Protector 10.80 HPE Storage Support Matrix for HPE P9000 XP Disk Array Family5 Includes application integrations listed in the Data Protector 10.80 HPE Storage Support Matrix for HPE 3PAR Disk Array Family Using SMI-SAgent. For more information on instant recovery, see Data Protector Zero Downtime Backup Integration Guide.6 In case of VSS backups, the application host can be a virtual host, but the backup host for FC based arrays (3PAR, XP, etc) must be a physicalserver. For details of the supported VSS configurations, see the Data Protector 10.80 VSS Integration Support Matrix7 Individual disk restores are only supported for Windows Hyper-V Server 2012 or later.8 Support includes attached AVIO Devices.Table 2: Data Protector Virtual Environment Agent platform support (VDDK)Data Protector versions VMware VDDK component Supported backup / mount proxy operating systems10.00 •VDDK 6.0 U2 Windows Server 2008 R2 (x64)Windows Server 2012, 2012 R2 (x64)RHEL 6.64, 7.0 (x64) 5,6,7SLES 11.3, 12 (x64) 5,6,710.01,10.02,10.03,10.04 and 10.10 •VDDK 6.5 U1 Windows Server 2008 R2 (x64)Windows Server 2012, 2012 R2 (x64)Windows Server 2016 (x64)RHEL 6.7, 6.8, 7.2, 7.3 (x64)5,6,7SLES 11.4, 12.1 (x64) 5,6,710.20, 10.30, 10.40, 10.50 •VDDK 6.7 U1 Windows Server 2008 R2 (x64)Windows Server 2012, 2012 R2 (x64)Windows Server 2016CentOS 7.4 (x64)5,6,7RHEL 6.7, 6.8, 6.9, 7.2, 7.3 (x64)5,6,7SLES 11.4, 12.1, 15 (x64)5,6,710.60, 10.70, 10.80 •VDDK 6.7 U3 Windows Server 2008 R2 (x64)Windows Server 2012, 2012 R2 (x64)Windows Server 2016CentOS 7.4 (x64)5,6,7RHEL 6.7, 6.8, 6.9, 7.2, 7.3, 7.6 (x64)5,6,7SLES 11.4, 12.1, 12.4, 15 (x64)5,6,71 Data Protector supports guest operating systems that are supported by the respective operating system vendor and are supported as aguest operating system by VMware.2 GPT disks are supported for Backup and Restore.3 Data Protector does not support backup of SATA disks.4 RHEL 6.6 does not support Power On and Live Migrate operation.5 Supported partition type for GRE: Linux partition (ID 83), Linux LVM partition (ID 8E).6 Linux mount proxies do not support granular recovery of ownership, ACLs, file attributes, and alternate data streams for files and folders in78Table 3: VMware vCenter supportVMware vCenter support for Data Protector 10.80 1,2,3,4,5,6VMware vCenter Server 6.0, 6.0 U1, 6.0 U2, 6.0 U3, 6.5, 6.5 U1, 6.5 U2, 6.5 U3, 6.7, 6.7 U1, 6.7 U2, 6.7 U3, 7.07VMware Virtual Server Appliance 6.0, 6.0 U1, 6.0 U2, 6.0 U3, 6.5, 6.5 U1, 6.5 U2, 6.5 U3, 6.7, 6.7 U1, 6.7 U2, 6.7 U3, 7.071 Data Protector supports only the above mentioned VMware vCenter versions.The ESXi Servers supported by these VMware vCenter versions are supported as Data Protector Application clients.2 For the respective ESX Server support, refer to the VMware Product Interoperability Matrix using the following link:https:///comp_guide2/sim/interop_matrix.php.3 Data Protector does not support free ESXi licenses.4 Raw Disk Mappings is supported with VADP based backups in virtual mode but not supported in physical mode.5 VMware VVol (Virtual Volumes) are supported for VMs that are hosted on 3PAR VVol only.6 Data Protector supports the backup of encrypted VMs (non-ZDB mode only). Such VMs will be restored in an unencrypted manner. Advancedoperations such as Granular Recovery, Power On and Live Migrate are currently not supported. Encrypted VMs backup is not supported withvCenter 6.7, 6.7 U1, 6.7 U2. 6.7 U3, 7.07 VMware VVol (Virtual Volumes) is not supported.Table 4: Data Protector Virtual Environment Agent platform supportData Protector components Platforms Supported backup / mount proxy operating systemsVirtual Environment Agent(vStorage API support for Data Protection) •VMware vCloud Director 5.5.0 Windows Server 2008 (x64)Windows Server 2008 R2 (x64)Windows Server 2012 (x64)Virtual Environment Agent •H3C CAS 5.0(E0522, E0526 andE05503)Windows Server 2008 (x64) Windows Server 2008 R2 (x64) Windows Server 2012 (x64) Windows Server 2012 R2 (x64) RHEL 6, 7 (x64) Cent OS 6, 7(x64) SLES 11, 12 (x64)1 Data Protector supports guest operating systems that are supported by the respective operating system vendor and are supported as a guestoperating system by VMware.2 GPT disks are supported for Backup and Restore.3 Only Cent OS 7.5 (x64) is supported as a Backup Proxy host for Cached method.Table5: Granular Recovery Extension for VMware vSphereData Protector component VMware component Supported VMware versions Granular Recovery Extension forVMware vSphere Client (HTML5)VMware vCenter Server 6.5 U2, 6.5 U3, 6.7, 6.7 U1, 6.7 U2, 6.7 U3, 7.0Granular Recovery Extension forVMware vSphere Client (HTML5)VMware Server Appliance (VSA) 6.5 U2, 6.5 U3, 6.7, 6.7 U1, 6.7 U2, 6.7 U3, 7.01 For Cached GRE using Smart Cache, mount proxy and backup server should be the same host (for NAS devices).2 Granular recovery of data is supported for VMs hosted on vSAN datastores. vSAN versions 6.6.1 and 6.7 are supported for this operationData Protector supports the following virtualization application-specific features, which enable VSS snapshots for instantrecovery without an agent inside the VMs.Table 6: Microsoft Hyper-V Virtualization application integration supportVirtualization application Data Protector component Supported application componentsMicrosoft Hyper-V Server 2008,2008 R21,20121, 2012 R21, 20161, 20191Microsoft Volume ShadowCopy IntegrationVSS based snapshots of VMsMicrosoft Hyper-V Server 2008, 2008 R21Virtual Environment Agent VSS based snapshots of VMs (cluster aware) Microsoft Hyper-V Server 20121,3, 2012R21,3Virtual Environment Agent VSS based snapshots of VMs (cluster aware)Microsoft Hyper-V Server 20161,3Virtual Environment Agent VSS based snapshots of VMs (cluster aware) Microsoft Hyper-V Server 20191,2,3Virtual Environment Agent VSS based snapshots of VMs (cluster aware)1 Instant recovery for Hyper-V VSS snapshots is done using the SMIS-A agent.2 Restore to target storage path not supported due to known Microsoft Limitation3 Scale-Out File Server with cluster storage volume recommended by Microsoft for SMB on Hyper V ClusterTable 7: Supported configurations – HPE SimpliVity Storage1Integration Backup Restore Power On and Live Migrate GRE VMware 6.5, 6.5 U1 Supported Supported Supported Supported1. Supported HPE SimpliVity Storage version is 3.7.0 and aboveTable 8: Supported configurations – H3C CASIntegration Backup Restore Power On and Live Migrate GREH3C CAS 5.01,2Supported Supported Not Supported Not Supported1. Supported CAS Server versions are E0522, E0526 and E05502 E0550 supports only the Cached method. E0522 and E0526 supports only Non-Cached methodTable 9: Supported configurations – Red Hat KVM1Integration Backup Restore Power On and Live Migrate GREKVM 1.4.x Supported Supported Not Supported Not Supported1. This is a scripted solution which processes data using Filesystem Backup and Restore.Table 10: Supported configurations – Nutanix vCenterIntegration Backup Restore Power On and Live Migrate GRE Nutanix 5.10.1 LTS Supported Supported Not Supported Not SupportedTable 11: Supported configurations – Nutanix AHVIntegration Backup Restore Power On and Live Migrate GRE Nutanix 5.10.3 LTS Supported Supported Not Supported Supported21. This is a scripted solution (File-level, Image-level) which processes data using Filesystem/Raw-Image Backup and Restore.2 This is supported for virtual machines backed up using the File-level scripted solution3 Cell manager and backup proxy host must be Linux。

云计算HCIP模拟题（附参考答案）一、单选题（共60题，每题1分，共60分）1、FusionCompute 在勾选一致性快照后会保存当前虚拟机内存中的数据，在还原虚拟机时能还原虚拟机创建快照时的内存状态。

A、TRUEB、FALSE正确答案：A2、华为桌面云系统采用指纹认证模式时，指纹认证过程是由以下哪个对象完成认证的？A、WIB、ADC、HDCD、虚拟机正确答案：D3、关于 HDA 的描述，下面不正确的是？A、HDA 是一系列桌面连接服务代理。

B、每一个桌面虚拟机不是必须要安装 HDAC、HDA 是在制作模板时安装的。

D、与 HDA 交互的协议是 HDP 协议。

正确答案：B4、Fusi onAccess 修改文件重定向策略后，如何才能在用户虚拟机里生效？A、保存策略配置后立即生效B、重启 HDC 服务C、刷新 WI 页面D、断开重连用户虚拟机正确答案：D5、IDV 只能用特殊的终端，移动设备无法支持。

A、TRUEB、FALSE正确答案：A6、在 FusionCompute 中，在新添加主机上创建虚拟机时，无网络资源可选，可能的原因是以下哪一项？A、DVS 上没有端口组B、DVS 上没有 VLAN 池C、没有添加 DVS 到新添加主机的上行链路D、物理交换机故障正确答案：C7、客户端使用桌面时，桌面访问流量需要经过的组件单选是？A、HDCB、ITAC、WID、以上都不是正确答案：D8、以下哪项不属于华为桌面云系统的禁用操作？A、禁用 HDP 类服务B、在 FusionCompute 界面上删除虚拟机C、在虚拟机操作系统中更新补丁D、在桌面云中搭建 DHCP 服务器正确答案：C9、FusionCompute 虚拟机的精简磁盘配置采用以下哪一项磁盘技术？A、动态磁盘B、固态磁盘C、SSDD、差分磁盘正确答案：A10、以下哪一项不是 FusionCompute 可以提供的虚拟化资源？A、虚拟 CPUB、虚拟储存C、虚拟内存D、虚拟带库正确答案：D11、关于 AD 备份，下面描述不正确的是？A、需要在FusionAccess“系统管理>初始配置>域/0 U”中，将“是否开启备份”设置为“是”。

云计算HCIP试题及答案一、单选题（共52题，每题1分，共52分）1.组策略通过什么来进行设置？A、规则设置器B、组策略条例C、组策略对象D、筛选器正确答案：C2.华为桌面云系统中，虚拟机组与虚拟机类型的对应关系不可能是？A、虚拟机组（快速封装）-虚拟机类型（快速封装）B、虚拟机组（托管机）-虚拟机类型（托管机）C、虚拟机组（全内存）-虚拟机类型（全内存）D、虚拟机组（链接克隆）-虚拟机类型（链接克隆）正确答案：A3.关于 FusionAccess 软件重装恢复，下面描述不正确的是？A、ITA 组件和 WI 组件重装恢复的流程完全一致。

B、HDC 组件和 WI 组件重装恢复的流程完全一致。

C、vAG 组件重装恢复时，无需重启相应服务。

D、GaussDB 组件重装恢复后需要进行数据同步。

正确答案：B4.以下天于 NUMA 技术的描述，错误的是哪一顶？A、CPU 访问同 node 中内存速度最快，访问其他 Node 中内存性能较差B、开启 NUMA 后，虚拟机不可热迁移C、将 CPu 划分成不同的 Node，每个 Nlode 由一个或多个 CPU 组成，并且有独立的本地内存、1/0 等资源D、解决了多处理器系统中的可扩展性问题正确答案：B5.在 FusionAccess 中，管理员可以为虚拟机桌面配置策略，且策略发布后将立即生效。

A、TB、F正确答案：B6.当客户无外部时钟源，且 AD 由华为提供时，VRM 对应的 CNA节点为一级时钟源，在 FusionAcces 配置时钟源后，AD 作为二级时钟源将自动从第一时钟源同步时间，用户虚拟机及基础架构虚拟机自动从 AD 同步时间。

A、TRUEB、FALSE正确答案：A7.FusionCompute 中的存储资源对应的有IP-SAN、F C-SAN、NAS、FusionStorage 以及本地硬盘。

A、TRUEB、FALSE正确答案：B8.桌面云管理员不能通过 FusionAccess 做以下哪个操作？A、回收虚拟桌面B、发放虚拟桌面C、维护虚拟桌面D、制作虚拟桌面模板正确答案：D9.以下关于 IMC 功能的描述，正确的是哪一项？A、IMC 配置可以确保集群内的主机向虚拟机提供相同的 CPU 功能集，即使这些主机的实际 CPU 不同，也不会因 CPU 不兼容而导致迁移虚拟机失败B、如果在已设置 IMC 的集群中添加主机，则主机支持的 CPU 功能集必须等于或低于集群的 IMC 功能集。