最新的Huawei H12-722-ENU免費考試真題

問題1

To protect the security of data transmission, more and more websites or companies choose to encrypt traffic through SSL.
Which of the following statements is true about the threat detection of SSL traffic using Huawei NIP6000?

A. NIP000 does not support SSL traffic threat detection.

B. Threat-detected traffic is sent directly to the server without encryption.

C. Processes such as "decryption," "threat detection," and "encryption."

D. NIP can directly crack and detect SSL encryption.

正確答案: C

問題2

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

A. display utm av version

B. display utm version

C. display version av-sdb

D. display av utm version

正確答案: C

問題3

Which of the following is correct about the order of the file filtering technology process?
(1) Security policy application is permit
(2) Protocol decoding
(3) File Type Identification
(4) Application identification
(5) File Filtering

A. (1) (3) (2) (4) (5)

B. (1) (2) (4) (3) (5)

C. (1) (4) (2) (3) (5)

D. (1) (2) (3) (4) (5)

正確答案: C

問題4

Which of the following statement is wrong about a network intrusion detection system (NIDS)?

A. Real-time monitoring through network adapters and analysis of all communication traffic through the network;

B. Use newly received network packets as a data source;

C. Used to monitor network traffic and can be deployed independently.

D. Mainly used for real-time monitoring of critical network path information, listening to all packets on the network, collecting data, and analyzing suspicious objects

正確答案: B

問題5

For the Huawei USG6000 product, which of the following statements about mail filtering configuration is correct?

A. You can control the size of the attachments that receive mail

B. Cannot control the number of incoming email attachments

C. Unable to filter incoming mail for keyword.

D. When the processing actions and alarms for spam emails are blocked, the emails will be blocked and an alarm will be generated.

正確答案: A

問題6

AntiDDoS 7-layer defense works from the interface-based defense, global-based defense, and defense-based defense dimension.

A. False

B. True

正確答案: B

問題7

When you suspect that the corporate network is being attacked by hackers, you have conducted technical investigations.
Which of the following options does not belong to the pre-attack behavior?

A. Planting Malware

B. Web Application attack

C. Loophole attack

D. Brute force cracking

正確答案: A

問題8

Which of the following are true about the description of keywords? (Multiple Choices)

A. Keywords are content that the device needs to recognize when content is filtered.

B. Custom keywords can only be defined in text mode.

C. Keywords include predefined keywords and custom keywords.

D. The minimum length of a keyword that a text can match is 2 bytes.

正確答案: A,C

問題9

Which of the following attack types is DDoS attack?

A. Snooping scanning attack

B. Malformed packet attack

C. Traffic attack

D. Single package attack

正確答案: C

問題10

Which of the following statements is wrong about HTTP behavior?

A. HTTP POST is generally used to send information to the server through a web page, such as forum posting, form submission, username/password login.

B. When the size of the uploaded or downloaded file or the size of the POST operation reaches the alarm threshold, the system generates log information to prompt the device administrator and block the action.

C. When the size of the uploaded or downloaded file or the size of the POST operation reaches the blocking threshold, the system will only block uploads or subsequent file and POST operations.

D. When the file upload operation is allowed, alarm thresholds and blocking thresholds can be configured to control the uploaded file size.

正確答案: C

問題11

Which of the following are the keyword matching patterns? (Multiple Choice)

A. Custom Keywords

B. Community word

C. Text

D. Regular expressions

正確答案: C,D

問題12

Which of the following is correct configuration strategy for anti-virus policy?
1. Load feature library
2. Configure security policy and reference AV profile
3. Apply and activate license
4. Configure AV Profile
5. Submit

A. 3 -> 1 -> 2 -> 4 -> 5

B. 3 -> 2 -> 1 -> 4 -> 5

C. 3 -> 1 -> 4 -> 2 -> 5

D. 3 -> 2 -> 4 -> 1 -> 5

正確答案: C

問題13

The cloud sandbox refers to deploying the sandbox to the cloud and providing tenants with remote detection services. The process includes:
1. Report suspicious files
2. Backtracking attacks
3. Firewall defense linkage
4. Cloud sandbox detection
Which of the following option is correct for the sorting of this process?

A. 1-4-2-3

B. 3-1-4-2

C. 1-3-4-2

D. 1-4-3-2

正確答案: D

問題14

Misuse detection discovers intrusion activity in system by detecting similar behaviors of user intrusions, or by detecting violations of system security rules indirectly by exploiting system flaws.
Which of the following is not misuse detection feature?

A. Easy to implement

B. Accurate detection

C. Effective detection of impersonation of legitimate users

D. Easy to upgrade

正確答案: C

問題15

Which of the following options does not belong to packet message attack?

A. Tracert packet attacks

B. Large ICMP packet attacks

C. IP fragmentation packet attacks

D. ICMP redirect packet attack

正確答案: C

最新的Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) - H12-722-ENU免費考試真題

聯系我們

站內鏈接

最新更新