최신Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) - H12-722무료샘플문제
문제1
UDP is a connectionless protocol. A large number of UDP flood attacks cause the performance of network devices that rely on session forwarding to be degraded and even the session table is exhausted, causing network congestion.
Which of the following options does not prevent UDP flood attacks?
UDP is a connectionless protocol. A large number of UDP flood attacks cause the performance of network devices that rely on session forwarding to be degraded and even the session table is exhausted, causing network congestion.
Which of the following options does not prevent UDP flood attacks?
정답: B
문제2
Which of the following statements is wrong about Huawei anti-virus technology?
Which of the following statements is wrong about Huawei anti-virus technology?
정답: C
문제3
About the description of the file filtering technology in the USG6000, which statement is wrong?
About the description of the file filtering technology in the USG6000, which statement is wrong?
정답: A
문제4
The anti-tampering technology of Huawei WAF products is based on the cache module. Assuming that user A accesses website B, website B has signs of page tampering. The workflow of the WAF tamper-resistant module has the following steps:
1, WAF uses the cached page to return to the client
2, WAF compares the server page content with the cached page content
3, After the learning is completed, the page content is stored in the cache
4, When the user accesses the web page, the WAF obtains the page content of the server
5, WAF initiates learning mode to learn the page content of the user visiting the website
Which of the following options is correct for the ordering of these steps?
The anti-tampering technology of Huawei WAF products is based on the cache module. Assuming that user A accesses website B, website B has signs of page tampering. The workflow of the WAF tamper-resistant module has the following steps:
1, WAF uses the cached page to return to the client
2, WAF compares the server page content with the cached page content
3, After the learning is completed, the page content is stored in the cache
4, When the user accesses the web page, the WAF obtains the page content of the server
5, WAF initiates learning mode to learn the page content of the user visiting the website
Which of the following options is correct for the ordering of these steps?
정답: A
문제5
The administrator configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not possible?
The administrator configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not possible?
정답: B
문제6
Huawei USG6000 product can virus scan and process certain file transfer protocols, but which of the following protocol does not include?
Huawei USG6000 product can virus scan and process certain file transfer protocols, but which of the following protocol does not include?
정답: C
문제7
Misuse detection discovers intrusion activity in system by detecting similar behaviors of user intrusions, or by detecting violations of system security rules indirectly by exploiting system flaws.
Which of the following is not misuse detection feature?
Misuse detection discovers intrusion activity in system by detecting similar behaviors of user intrusions, or by detecting violations of system security rules indirectly by exploiting system flaws.
Which of the following is not misuse detection feature?
정답: A
문제8
The configuration commands for enabling the attack defense function are as follows:
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic-fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[FW] anti-ddos http-flood source-detect mode basic
Which of the following are the correct descriptions of the attack prevention configuration? (Multiple Choices)
The configuration commands for enabling the attack defense function are as follows:
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic-fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[FW] anti-ddos http-flood source-detect mode basic
Which of the following are the correct descriptions of the attack prevention configuration? (Multiple Choices)
정답: B,D
문제9
The RBL black and white list query result on the firewall is as follows:

Based on the above information, which of the following statements is correct? (Multiple choices)
The RBL black and white list query result on the firewall is as follows:

Based on the above information, which of the following statements is correct? (Multiple choices)
정답: B,C
문제10
Which of the following are the possible causes for the failure to include a signature after the IPS policy is configured? (Multiple choices)
Which of the following are the possible causes for the failure to include a signature after the IPS policy is configured? (Multiple choices)
정답: B,C,D
문제11
The process of a browser carrying a cookie to request a resource from a server is as shown in the following figure. Which of the following steps have the session ID information in the message?

The process of a browser carrying a cookie to request a resource from a server is as shown in the following figure. Which of the following steps have the session ID information in the message?

정답: B
문제12
Which of the following is correct configuration strategy for anti-virus policy?
1. Load feature library
2. Configure security policy and reference AV profile
3. Apply and activate license
4. Configure AV Profile
5. Submit
Which of the following is correct configuration strategy for anti-virus policy?
1. Load feature library
2. Configure security policy and reference AV profile
3. Apply and activate license
4. Configure AV Profile
5. Submit
정답: A
문제13
Which of the following options does not belong to the defense against HTTP flood attacks?
Which of the following options does not belong to the defense against HTTP flood attacks?
정답: D
문제14
Huawei NIP6000 products provide carrier-grade high-reliability mechanisms at multiple levels to ensure the stable operation of the equipment.
Which of the following options belong to the reliability of the network? (Multiple choices)
Huawei NIP6000 products provide carrier-grade high-reliability mechanisms at multiple levels to ensure the stable operation of the equipment.
Which of the following options belong to the reliability of the network? (Multiple choices)
정답: A,C