New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Huawei H12-722_V3.0 Questions Answers

HCIP-Security-CSSN V3.0 Questions and Answers

Question 13

For SYIN Flood attacks, TCP source authentication and TCP proxy can be used for defense. Which of the following descriptions is correct?

Options:

A.

TCP proxy means that the firewall is deployed between the client and the server. When the SYI packet sent by the client to the server passes through the firewall, the

The firewall replaces the server and establishes a three-way handshake with the client. Generally used in scenarios where the back and forth paths of packets are inconsistent.

B.

During the TCP proxy process, the firewall will proxy and respond to each SYN message received, and maintain a semi-connection, so when the SYN message is

When the document flow is heavy, the performance requirements of the firewall are often high.

C.

TCP source authentication has the restriction that the return path must be consistent, so the application of TCP proxy is not common. State "QQ: 9233

D.

TCP source authentication is added to the whitelist after the source authentication of the client is passed, and the SYN packet of this source still needs to be verified in the future.

Question 14

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Question 15

Which of the following statement is correct about Policy Center system client function?

Options:

A.

NAC Agent support MAC account login.

B.

Web page login for authentication and can perform checks Strategy.

C.

Web Agent login for identity certification and security certification.

D.

NAC Agent cannot be installed on Windows Vista operating system.

Question 16

Regarding HTTP behavior, which of the following statements is wrong?

Options:

A.

HTTP POST is generally used to send information to the server through a web page, such as forum posting x form submission, username I password login.

B.

When the file upload operation is allowed, the alarm threshold and blocking threshold can be configured to control the size of the uploaded file.

C.

When the size of the uploaded or downloaded file and the size of the content of the POST operation reach the alarm threshold, the system will generate log information to prompt the device management

And block behavior.

D.

When the uploaded or downloaded file size, POST operation content size reaches the blocking threshold, the system will only block the uploaded or downloaded file, POST

operate.