Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
Huawei
HCIP-Security
H12-722_V3.0
HCIP-Security-CSSN V3.0 Questions and Answers

Pass the Huawei HCIP-Security H12-722_V3.0 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam H12-722_V3.0 Premium Access

View all detail and faqs for the H12-722_V3.0 exam

Go to Exam

701 Students Passed

88% Average Score

90% Same Questions

Viewing page 3 out of 6 pages

Viewing questions 21-30 out of questions

Questions # 21:

Regarding HTTP behavior, which of the following statements is wrong?

Options:

HTTP POST is generally used to send information to the server through a web page, such as forum posting x form submission, username I password login.

When the file upload operation is allowed, the alarm threshold and blocking threshold can be configured to control the size of the uploaded file.

When the size of the uploaded or downloaded file and the size of the content of the POST operation reach the alarm threshold, the system will generate log information to prompt the device management

And block behavior.

When the uploaded or downloaded file size, POST operation content size reaches the blocking threshold, the system will only block the uploaded or downloaded file, POST

operate.

Answer

Questions # 22:

Regarding scanning and snooping attacks, which of the following descriptions is wrong?

Options:

Scanning attacks include address scanning and port scanning.

It is usually the network detection behavior before the attacker launches the real attack.

155955cc-666171a2-20fac832-0c042c0424

The source address of the scanning attack is real, so it can be defended by adding direct assistance to the blacklist.

When a worm virus breaks out, it is usually accompanied by an address scanning attack, so scanning attacks are offensive.

Answer

Questions # 23:

Network attacks are mainly divided into two categories: single-packet attacks and streaming attacks. Single-packet attacks include scanning and snooping attacks, malformed packet attacks, and special reports.

Wen attack.

Options:

True

False

Answer

Questions # 24:

The user needs of a university are as follows:

1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.

2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.

3. At the same time, some pornographic websites in the student area are prohibited.

The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

155955cc-666171a2-20fac832-0c042c0415

Options:

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Answer

A, C, D

Questions # 25:

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

DF bit is 0, and Fragment Offset + Length> 65535.

The DF bit is 1, and Fragment Ofset + Length <65535.

Answer

A, C

Questions # 26:

Which of the following options does not belong to the security risk of the application layer of the TCP/IP protocol stack?

Options:

Virus

Buffer overflow ρ

System vulnerabilities

Port scan

Answer

Questions # 27:

Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice)

Options:

File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent

Prevent employees from leaking company confidential documents to the Internet.

Content filtering can prevent the disclosure of confidential information and the transmission of illegal information

The application behavior control function can finely control common HTTP behaviors and FTP behaviors.

Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails.

Answer

A, B, C, D

Questions # 28:

Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Options:

Rely on state detection technology and protocol analysis technology

The performance is higher than the agent-based method

The cost is smaller than the agent-based approach

The detection rate is higher than the proxy-based scanning method

Answer

Questions # 29:

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Options:

True

False

Answer

Questions # 30:

Huawei's USG000 product can identify the true type of common files and over-check the content. Even if the file is hidden in a compressed file, or change the extension

The name of the exhibition can't escape the fiery eyes of the firewall.