Huawei H12-722_V3.0 Exam Practice Questions Answers

HCIP-Security-CSSN V3.0 Questions and Answers

Question 1

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

Options:

Direction is not enabled

The direction is turned on, but no specific direction is selected

The severity level of the configuration is too high

The protocol selection technique is correct

Question 2

Which of the following is the default port number of Portal authentication service?

Options:

1812

1813

50200

50300

Question 3

The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined

The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons

some?

Options:

The administrator has not set the time to vote every day from 9:00 to 18:00

The shopping website does not belong to the predefined shopping website category

The administrator did not submit the configuration after completing the configuration.

The administrator has not applied the URL pass-through configuration file to the security policy.

Question 4

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

Options:

Keywords contained in the content of the uploaded file

Keywords contained in the downloaded file

File type

File upload direction 335

Question 5

The anti-tampering technology of Huawei WAF products is based on the cache module. Suppose that when user A visits website B, website B has page tampering.

Signs: The workflow for the WAF tamper-proof module has the following steps:.

① WAF uses the pages in the cache to return to the client;

②WAF compares the watermark of the server page content with the page content in the cache

③Store the content of the page in the cache after learning

④ When the user accesses the Web page, the WAF obtains the page content of the server

⑤WAF starts the learning mode to learn the page content of the user's visit to the website;

For the ordering of these steps, which of the following options is correct?

Options:

③④②⑤①

⑤①②④③

②④①⑤③

⑤③④②①

Question 6

After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

Options:

True

False.

Question 7

The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.

The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.

Which of the following statements is correct

Options:

The files obtained by users from website A and website B will be sent to the inspection node for inspection.

When a user visits website B, although the firewall will extract the file and send it to the detection node, the user can still access normally during the detection process

Site B.

After the detection node detects the suspicious file, it not only informs the firewall in the figure of the result, but also informs other network devices connected to it.

Assuming that website A is an unknown website, the administrator cannot detect the traffic file of this website sC

Question 8

Which of the following is not an abnormal situation of the file type recognition result?

Options:

The file extension does not match.

Unrecognized file type

File corruption

The file is compressed

Question 9

For the basic mode of HTTP Flood source authentication, which of the following options are correct? (multiple choice)

Options:

The basic mode can effectively block the access from the Feng Explor client.

The bot tool does not implement a complete HTTP protocol stack and does not support automatic redirection, so the basic mode can effectively defend against HTTP Flood attacks.

hit.

When there is an HTTP proxy server in the network, the firewall will add the IP address of the proxy server to the whitelist, but it will recognize the basic source of the zombie host.

The certificate is still valid.

The basic mode will not affect the user experience, so the defense effect is higher than the enhanced mode.

Question 10

When configuring the URL filtering configuration file, is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

Options:

Users can visit www.videobt.com website.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

User cannot access all the sites ending with bt com.

When users visit www.bt. com, they will be blocked.

Question 11

When the Anti DDoS system finds the attack flow, the state will redirect the attack flow to the cleaning device. After the cleaning device is cleaned, it will flow back.

Note to the original link, which of the following options does not belong to the method of re-injection?

Options:

Policy routing back annotation,

GRE back note:

MPLS LSP back injection

BGP back-annotation

Question 12

Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

Options:

Infrastructure security

Tenant security

How to do a good job in management, operation and maintenance

Hardware maintenance

Question 13

For SYIN Flood attacks, TCP source authentication and TCP proxy can be used for defense. Which of the following descriptions is correct?

Options:

TCP proxy means that the firewall is deployed between the client and the server. When the SYI packet sent by the client to the server passes through the firewall, the

The firewall replaces the server and establishes a three-way handshake with the client. Generally used in scenarios where the back and forth paths of packets are inconsistent.

During the TCP proxy process, the firewall will proxy and respond to each SYN message received, and maintain a semi-connection, so when the SYN message is

When the document flow is heavy, the performance requirements of the firewall are often high.

TCP source authentication has the restriction that the return path must be consistent, so the application of TCP proxy is not common. State "QQ: 9233

TCP source authentication is added to the whitelist after the source authentication of the client is passed, and the SYN packet of this source still needs to be verified in the future.

Question 14

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:

After the file decompression fails, the file will still be filtered. .

The application identification module can identify the type of application that carries the file.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Question 15

Which of the following statement is correct about Policy Center system client function?

Options:

NAC Agent support MAC account login.

Web page login for authentication and can perform checks Strategy.

Web Agent login for identity certification and security certification.

NAC Agent cannot be installed on Windows Vista operating system.

Question 16

Regarding HTTP behavior, which of the following statements is wrong?

Options:

HTTP POST is generally used to send information to the server through a web page, such as forum posting x form submission, username I password login.

When the file upload operation is allowed, the alarm threshold and blocking threshold can be configured to control the size of the uploaded file.

When the size of the uploaded or downloaded file and the size of the content of the POST operation reach the alarm threshold, the system will generate log information to prompt the device management

And block behavior.

When the uploaded or downloaded file size, POST operation content size reaches the blocking threshold, the system will only block the uploaded or downloaded file, POST

operate.

Question 17

Regarding the anti-spam response code, which of the following statements is wrong?

Options:

The response code will vary depending on the RBL service provider.

155955cc-666171a2-20fac832-0c042c046

USG treats mails that match the answer code as spam.

If the response code is not returned or the response code is not configured on the USG, the mail is released.

The response code is specified as 127.0.0.1 in the second system.

Question 18

Which of the following options is not a defense against HTTP Flood attacks?

Options:

HTTP Flood source authentication

HTTP source statistics

URI source fingerprint learning function

Baseline learning

Question 19

Which of the following elements does PDCA include? (Choose 3 answers)

Options:

Plan

Implementation

termination

Monitoring

Question 20

URL filtering technology can perform URL access control on users according to different time objects and address objects to achieve precise management of users.

The purpose of the Internet behavior.

Options:

True

False

Question 21

Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?

1. The Netflow analysis device samples the current network flow;

2. Send a drainage command to the cleaning center;

3. Discover the DDoS attack stream;

4.Netior: analysis equipment sends alarms to ATIC management center

5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;

6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage

7. The cleaning log is sent to the management center to generate a report;

8. The cleaned traffic is sent to the original destination server.

Options:

1-3-4-2-5-6-7-8

1-3-2-4-6-5-7-8

1-3-4-2-6-5-8-7

1-3-24-6-5-8-7

Question 22

The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

Options:

Prefix matching

Suffix matching

155955cc-666171a2-20fac832-0c042c043

Keyword matching

Exact match

Question 23

Fage attack means that the original address and target address of TOP are both set to the IP address of a certain victim. This behavior will cause the victim to report to it.

SYN-ACK message is sent from the address, and this address sends back an ACK message and creates an empty connection, which causes the system resource board to occupy or target

The host crashed.

Options:

True

False

Question 24

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

Options:

SACG and IP address 2.1.1.1 server linkage is not successful

SACG linkage success with controller.

master controller IP address is 1.1.1.2.

master controller IP address is 2.1.1.1.

Question 25

For full encryption registered mobile storage devices must be formatted to normal use in not installed NAC client terminal host.

Options:

TRUE

FALSE

Question 26

Which is correct about the following Policy Center troubleshooting process?

Options:

Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

Question 27

Which of the following descriptions about viruses and Trojans are correct? (multiple choices)

Options:

Viruses are triggered by computer users

Viruses can replicate themselves

Trojan horses are triggered by computer users

Trojans can replicate themselves

Question 28

SQl injection attacks generally have the following steps:

①Elevate the right

②Get the data in the database

③Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

Options:

③④①②

③④②①

④①②③

④②①③

Question 29

Which of the following options belong to the network layer attack of the TCP/IP protocol stack? (multiple choice)

Options:

Address scanning

Buffer overflow p

Port scan

IP spoofing

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Huawei H12-722_V3.0 Dumps

HCIP-Security-CSSN V3.0 Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: