New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Huawei H12-722 Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) Exam Practice Test

Demo: 26 questions
Total 177 questions

Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) Questions and Answers

Question 1

IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.

Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

Options:

A.

IPS is an intrusion detection system that can block real-time intrusions when found

B.

IPS unifies IDS and firewall

C.

IPS must use bypass deployment in the network

D.

Common IPS deployment modes are in-line deployment,

Question 2

Regarding the 3 abnormal situations of the file type recognition result, which of the following option descriptions is wrong?

Options:

A.

File extension mismatch means that the file type is inconsistent with the file extension.

B.

Unrecognized file type means that the file type cannot be recognized and there is no file extension.

C.

File damage means that the file type cannot be identified because the file is damaged.

D.

Unrecognized file type means that the file type cannot be recognized, and the file extension cannot be recognized.

Question 3

Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice)

Options:

A.

Local upgrade

B.

Manual upgrade

C.

Online upgrade

D.

Automatic upgrade

Question 4

The administrator has defined two key words that need to be recognized on the firewall: the weight of the keyword x is 2, and the weight of the key y is 3: defined

The alarm interval value from the content is 5, and the blocking threshold value is 10. If the device detects that there is a secondary key space x in the webpage created by the user, the two keywords are

Y; Regarding the weight value and monthly household visits to Heshun Street, is the following statement correct?

Options:

A.

The weight value is 8, you can visit the web page

B.

The weight value is 10, and the page cannot be accessed

C.

The weight value is 8, the page cannot be accessed

D.

The weight value is 10, you can ask the web page before

Question 5

In the deployment of Huawei NIP6000 products, only port mirroring can be used for streaming replication.

Options:

A.

True

B.

False

Question 6

For the description of the Anti DDOS system, which of the following options is correct? C

Options:

A.

The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.

User network, send to the real destination.

B.

The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.

View in categories and generate reports.

C.

The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to

The management center makes a judgment.

D.

The firewall can only be used for inspection equipment

Question 7

Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system

If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)

Options:

A.

Host

B.

A group of users

C.

Single user

D.

A key program and file in the system

Question 8

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

Options:

A.

3->1->4->2->5

B.

3->2->4->1->5

C.

3->2->1->4->5

D.

3->1->2->4->5

Question 9

Which of the following options belong to the keyword matching mode? (multiple choice)

Options:

A.

Text

B.

Regular expressions

C.

Community word

D.

Custom keywords

Question 10

After enabling the IP policy, some services are found to be unavailable. Which of the following may be caused by? (multiple choice)

Options:

A.

Only packets in one direction pass through the firewall

B.

The same message passes through the firewall multiple times

C.

IPS underreporting

D.

Excessive traffic causes the Bypass function to be enabled

Question 11

For the description of URPF technology, which of the following options are correct? (multiple choice)

Options:

A.

The main function is to prevent network attacks based on source address spoofing.

B.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

C.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

D.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

Question 12

Information security is the protection of information and information systems to prevent unauthorized access, use, leakage, interruption, modification, damage, and to improve

For confidentiality, integrity and availability. ,

Options:

A.

True

B.

False

Question 13

Due to differences in network environment and system security strategies, intrusion detection systems are also different in specific implementation. From the perspective of system composition, the main

Which four major components are included?

Options:

A.

Event extraction, intrusion analysis, reverse intrusion and remote management.

B.

Incident extraction, intrusion analysis, intrusion response and on-site management.

C.

Incident recording, intrusion analysis, intrusion response and remote management.

D.

Incident extraction, intrusion analysis, intrusion response and remote management.

Question 14

When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

Options:

A.

True

B.

False

Question 15

When a virus is detected in an email, which of the following is not the corresponding action for detection?

Options:

A.

Warning

B.

Block

C.

Declare

D.

Delete attachments

Question 16

The anti-virus feature configured on the Huawei USG6000 product does not take effect. Which of the following are the possible reasons? (multiple choice)

Options:

A.

The security policy does not reference the anti-virus configuration file.

B.

The anti-virus configuration file is configured incorrectly.

C.

The virus signature database version is older.

D.

No virus exceptions are configured.

Question 17

Huawei NIP6000 products provide carrier-class high-reliability mechanisms from multiple levels to ensure the stable operation of equipment.

Which of the following options belong to the network reliability? (multiple choice)

Options:

A.

Dual machine hot backup

B.

Power supply. 1+1 redundant backup

C.

Hardware Bypass

D.

Link-group

Question 18

Which of the following options are common behavioral characteristics of viruses? (multiple choices)

Options:

A.

Download and backdoor features

B.

Information collection characteristics

C.

Self-hidden features

D.

Network attack characteristics

Question 19

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Options:

A.

Planting malware

B.

Vulnerability attack

C.

Web application attacks

D.

Brute force

Question 20

There are several steps in a stored XSS attack

①The attacker hijacks the user session

②The attacker submits an issue containing known JavaScript

③User login

④The user requests the attacker's question 5

⑤The server responds to the attacker’s JavaScript

⑥ The user's browser sends a session token to the attacker

⑦The attacker's JavaScript is executed in the user's browser

For the ordering of these steps, which of the following options is correct?

Options:

A.

③②⑦⑥④⑤①

B.

③②④⑤⑦⑥①

C.

③②④⑥⑤⑦①

155955cc-666171a2-20fac832-0c042c0428

D.

⑧②⑤⑦④⑥①

Question 21

Which of the following is not an abnormal situation of the file type recognition result?

Options:

A.

The file extension does not match.

B.

Unrecognized file type

C.

File corruption

D.

The file is compressed

Question 22

Among the following options, which attack is a malformed packet attack based on the TCR protocol?

Options:

A.

Teardrop attack

B.

Ping of Death attack

C.

IP Spoofng attack

D.

Land attack

Question 23

When the license of Huawei USG6000 product expires, the RBL function will be unavailable, and users can only use the local black and white list to filter junk mail.

155955cc-666171a2-20fac832-0c042c0435

Options:

A.

True

B.

False

Question 24

Which of the following options are correct for the configuration description of the management center ATIC? (multiple choice)

Options:

A.

The drainage task needs to be configured on the management center, and when an attack is discovered, it will be issued to the cleaning center.

B.

It is necessary to configure the protection object on the management center to guide the abnormal access flow in etpa

C.

Port mirroring needs to be configured on the management center to monitor abnormal traffic.

155955cc-666171a2-20fac832-0c042c0411

D.

The reinjection strategy needs to be configured on the management center to guide the flow after cleaning. Q:

Question 25

In order to protect the security of data transmission, more and more websites or companies choose to use SSL to encrypt transmissions in the stream. About using Huawei NIP6000

The product performs threat detection on (SSL stream boy, which of the following statements is correct?

Options:

A.

NIP0OO does not support SSL Threat Detection.

B.

The traffic after threat detection is sent directly to the server without encryption

C.

NIP can directly crack and detect SSL encryption.

D.

After the process of "decryption", "threat detection", and "encryption"

Question 26

Regarding the anti-spam local black and white list, which of the following statements is wrong?

Options:

A.

The black and white list is matched by extracting the destination IP address of the SMTP connection

B.

The black and white list is matched by the sender's dns suffix

C.

The black and white list is matched by extracting the source IP address of the SMTP connection

155955cc-666171a2-20fac832-0c042c0419

D.

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

Demo: 26 questions
Total 177 questions