New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Huawei H12-722 Dumps Questions Answers

Page: 1 / 7
Total 177 questions

Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) Questions and Answers

Question 1

Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

Options:

A.

True

B.

False

Buy Now
Question 2

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

Options:

A.

Direction is not enabled

B.

The direction is turned on, but no specific direction is selected

C.

The severity level of the configuration is too high

D.

The protocol selection technique is correct

Question 3

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Options:

A.

Planting malware

B.

Vulnerability attack

C.

Web application attacks

D.

Brute force

Question 4

For compressed files, the virus detection system can directly detect them.

Options:

A.

True

B.

False

Question 5

Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules and black

Whitelist and other configuration files.

A True

B. False

Options:

Question 6

There are several steps in a stored XSS attack

①The attacker hijacks the user session

②The attacker submits an issue containing known JavaScript

③User login

④The user requests the attacker's question 5

⑤The server responds to the attacker’s JavaScript

⑥ The user's browser sends a session token to the attacker

⑦The attacker's JavaScript is executed in the user's browser

For the ordering of these steps, which of the following options is correct?

Options:

A.

③②⑦⑥④⑤①

B.

③②④⑤⑦⑥①

C.

③②④⑥⑤⑦①

155955cc-666171a2-20fac832-0c042c0428

D.

⑧②⑤⑦④⑥①

Question 7

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:

A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Question 8

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Options:

A.

True

B.

False

Question 9

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

Options:

A.

The action of signing iD3000 is an alarm

B.

The action of signing ID3000 is to block

C.

Unable to determine the action of signature ID3000

D.

The signature set is not related to the coverage signature

Question 10

For the description of the Anti DDOS system, which of the following options is correct? C

Options:

A.

The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.

User network, send to the real destination.

B.

The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.

View in categories and generate reports.

C.

The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to

The management center makes a judgment.

D.

The firewall can only be used for inspection equipment

Question 11

Which of the following features does Huawei NIP intrusion prevention equipment support? (multiple choice)

Options:

A.

Virtual patch

B.

Mail detection

C.

SSL traffic detection

D.

Application identification and control

Question 12

The administrator has configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not allowed Can the reason?

Options:

A.

The file filtering configuration file is not referenced in the security policy

B.

File filtering configuration file is incorrect

C.

License is not activated.

D.

The action configuration of the file extension does not match is incorrect

Question 13

If a company wants to detect image files, Shellcode code files and PDF files, which of the following types of sandboxes can be used? (More

155955cc-666171a2-20fac832-0c042c0420

select)

Options:

A.

PDF heuristic sandbox

ja$

B.

PE heuristic sandbox

C.

Web heuristic sandbox

D.

Heavyweight sandbox (virtual execution)

Question 14

Anti-DDoS defense system includes: management center, detection center and cleaning center.

Options:

A.

True

155955cc-666171a2-20fac832-0c042c0421

B.

False

Question 15

Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

Options:

A.

Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.

B.

When a POP3 message is detected, if it is judged to be an illegal email, the firewall's response action only supports sending alarm information, and will not block the email o

C.

When an IMAP message is detected, if it is judged to be an illegal email; the firewall's response action only supports sending alarm messages and will not block the email.

D.

The attachment size limit is for a single attachment, not for the total size of all attachments.

Question 16

When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

Options:

A.

True

B.

False

Question 17

Regarding the global configuration of file filtering configuration files for Huawei USG6000 products, which of the following descriptions is correct?

Options:

A.

File filtering, content filtering and anti-virus detection cannot be performed when the file is damaged. At this time, the documents can be released or blocked according to business requirements.

B.

When the file extension does not match, if the action is "Allow" or "Alarm", file filtering, content filtering and anti-virus are performed according to the file type

Detection.

C.

When the number of compression layers of a file is greater than the configured "Maximum Decompression Layers", the firewall cannot filter the file.

D.

When the file type cannot be recognized, file filtering, content filtering and anti-virus detection are not performed.

Question 18

Regarding the anti-spam response code, which of the following statements is wrong?

Options:

A.

The response code will vary depending on the RBL service provider.

155955cc-666171a2-20fac832-0c042c046

B.

USG treats mails that match the answer code as spam.

C.

If the response code is not returned or the response code is not configured on the USG, the mail is released.

D.

The response code is specified as 127.0.0.1 in the second system.

Question 19

The application behavior control configuration file takes effect immediately after being referenced, without configuration submission.

Options:

A.

True

B.

False

Question 20

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

Options:

A.

True

B.

False

Question 21

Which of the following threats cannot be detected by IPS?

Options:

A.

Virus

B.

Worms

C.

Spam

D.

DoS

Question 22

The anti-tampering technology of Huawei WAF products is based on the cache module. Suppose that when user A visits website B, website B has page tampering.

Signs: The workflow for the WAF tamper-proof module has the following steps:.

① WAF uses the pages in the cache to return to the client;

②WAF compares the watermark of the server page content with the page content in the cache

③Store the content of the page in the cache after learning

④ When the user accesses the Web page, the WAF obtains the page content of the server

⑤WAF starts the learning mode to learn the page content of the user's visit to the website;

For the ordering of these steps, which of the following options is correct?

Options:

A.

③④②⑤①

B.

⑤①②④③

C.

②④①⑤③

D.

⑤③④②①

Question 23

The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide

Analyze the suspicious object, which of the following options are its main features? (multiple choices)

Options:

A.

Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so

Not vulnerable to attack.

B.

The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

C.

Need a lot of monitors.

D.

It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.

Question 24

Which of the following are typical intrusions? "Multiple choice)

Options:

A.

Computer is infected by U disk virus

B.

Abnormal power interruption in the computer room

C.

Tampering with Web pages

D.

Copy/view sensitive data

Question 25

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Question 26

The anti-virus feature configured on the Huawei USG6000 product does not take effect. Which of the following are the possible reasons? (multiple choice)

Options:

A.

The security policy does not reference the anti-virus configuration file.

B.

The anti-virus configuration file is configured incorrectly.

C.

The virus signature database version is older.

D.

No virus exceptions are configured.

Page: 1 / 7
Total 177 questions