Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

H12-722_V3.0 Exam Dumps - HCIP-Security-CSSN V3.0

Question # 4

Which is correct about the following Policy Center troubleshooting process?

A.

Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

B.

connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

C.

Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

D.

hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

Full Access
Question # 5

An enterprise has 3 server, which is the most reasonable plan when deploy Policy Center system

planning?

A.

manager + controller + FTP + witness database, controller + master database + FTP, controller + mirror database+ FTP

B.

manager + controller + FTP + master database, controller + FTP + witness database, controller + FTP

+ mirror database

C.

manager + controller + FTP + mirror database, controller + FTP + witness database, controller + FTP +

master database

D.

manager + controller + FTP, controller + FTP + witness databases, controller + FTP + master database

Full Access
Question # 6

What are the typical technologies of anti-virus engines (multiple choice)

A.

First package detection technology

B.

Heuristic detection technology

C.

Decryption technology

D.

File reputation detection technology 5

Full Access
Question # 7

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

A.

True

B.

False

Full Access
Question # 8

Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

A.

True

B.

False

Full Access
Question # 9

When the license of Huawei USG6000 product expires, the RBL function will be unavailable, and users can only use the local black and white list to filter junk mail.

155955cc-666171a2-20fac832-0c042c0435

A.

True

B.

False

Full Access
Question # 10

For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Full Access
Question # 11

The status code in the HTTP response message indicates the type of the response message, and there are many possible values. Which of the following status codes represents the client request

The resource does not exist?

A.

400.

B.

404

C.

200

D.

503

Full Access
Question # 12

If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses

It is the stream scanning method.

A.

True

B.

False

Full Access
Question # 13

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

A.

Direction is not enabled

B.

The direction is turned on, but no specific direction is selected

C.

The severity level of the configuration is too high

D.

The protocol selection technique is correct

Full Access
Question # 14

Content filtering is a security mechanism for filtering the content of files or applications through Huawei USCG00 products. Focus on the flow through deep recognition

Contains content, the device can block or alert traffic containing specific keywords.

A.

True

B.

False

Full Access
Question # 15

Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice)

A.

File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent

Prevent employees from leaking company confidential documents to the Internet.

B.

Content filtering can prevent the disclosure of confidential information and the transmission of illegal information

C.

The application behavior control function can finely control common HTTP behaviors and FTP behaviors.

D.

Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails.

Full Access
Question # 16

Threats detected by the big data intelligent security analysis platform will be synchronized to each network device at the same time C and then collected from the network device

Collect it in the log for continuous learning and optimization.

A.

True

155955cc-666171a2-20fac832-0c042c0433

B.

False

Full Access
Question # 17

An enterprise administrator configures a Web reputation website in the form of a domain name, and configures the domain name as www. abc; example. com. .

Which of the following is the entry that the firewall will match when looking up the website URL?

A.

example

B.

www. abc. example. com

C.

www.abc. example

D.

example. com

Full Access
Question # 18

IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.

Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

A.

IPS is an intrusion detection system that can block real-time intrusions when found

B.

IPS unifies IDS and firewall

C.

IPS must use bypass deployment in the network

D.

Common IPS deployment modes are in-line deployment,

Full Access
Question # 19

The anti-tampering technology of Huawei WAF products is based on the cache module. Suppose that when user A visits website B, website B has page tampering.

Signs: The workflow for the WAF tamper-proof module has the following steps:.

â‘  WAF uses the pages in the cache to return to the client;

â‘¡WAF compares the watermark of the server page content with the page content in the cache

â‘¢Store the content of the page in the cache after learning

â‘£ When the user accesses the Web page, the WAF obtains the page content of the server

⑤WAF starts the learning mode to learn the page content of the user's visit to the website;

For the ordering of these steps, which of the following options is correct?

A.

③④②⑤①

B.

⑤①②④③

C.

②④①⑤③

D.

⑤③④②①

Full Access
Question # 20

The processing flow of IPS has the following steps;

1. Reorganize application data

2. Match the signature

3. Message processing

4. Protocol identification

Which of the following is the correct order of the processing flow?

A.

4-1-2-3

B.

1-4-2-3

C.

1-3-2-4

D.

2-4-1-3:

Full Access
Question # 21

Regarding the description of intrusion detection technology, which of the following statements is correct?

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425

Full Access
Question # 22

Which of the following are the control items of HTTP behavior?) (multiple choice)

A.

POST operation

B.

Browse the web

C.

Acting online

D.

File upload and download

Full Access
Question # 23

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

A.

display version av-sdb

B.

display utm av version

C.

display av utm version

D.

display utm version

Full Access
Question # 24

Regarding worms and viruses, which of the following statements is correct?

A.

Worms exist in a parasitic way

155955cc-666171a2-20fac832-0c042c0413

B.

Viruses mainly rely on system vulnerabilities to spread

C.

The target of the worm infection is other computer systems on the network.

D.

The virus exists independently in the computer system.

Full Access
Question # 25

Regarding the processing flow of file filtering, which of the following statements is wrong?

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Full Access
Question # 26

Regarding the anti-spam local black and white list, which of the following statements is wrong?

A.

The black and white list is matched by extracting the destination IP address of the SMTP connection

B.

The black and white list is matched by the sender's dns suffix

C.

The black and white list is matched by extracting the source IP address of the SMTP connection

155955cc-666171a2-20fac832-0c042c0419

D.

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

Full Access
Question # 27

Which of the following options describes the IntelliSense engine IAE incorrectly?

A.

lAE's content security detection functions include application identification and perception, intrusion prevention, and Web application security.

B.

Full English name: intelligent Awareness Engine.

C.

The core of C.IAE is to organically centralize all content security-related detection functions.

D.

The security detection of the IAE engine is parallel, using a message-based file processing mechanism, which can receive file fragments and perform security checks.

Full Access
Question # 28

For compressed files, the virus detection system can directly detect them.

A.

True

B.

False

Full Access
Question # 29

Which of the following statements about IPS is wrong?

A.

The priority of the coverage signature is higher than that of the signature in the signature set.

B.

When the "source security zone" is the same as the "destination security zone", it means that the IPS policy is applied in the domain.

C.

Modifications to the PS policy will not take effect immediately. You need to submit a compilation to update the configuration of the IPS policy.

D.

The signature set can contain either predefined signatures or custom signatures. 832335

Full Access