Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

H12-722_V3.0 HCIP-Security-CSSN V3.0 Questions and Answers

Questions 4

The application behavior control configuration file takes effect immediately after being referenced, without configuration submission.

Options:

A.

True

B.

False

Buy Now
Questions 5

The following figure shows the configuration of the URL filtering configuration file. Regarding the configuration, which of the following statements is correct?

Options:

A.

The firewall will first check the blacklist entries and then the whitelist entries.

B.

Assuming that the user visits the www.exzample.com website, which belongs to the categories of humanities and social networks at the same time, the user cannot access the

website.

C.

The user visits the website www.exzample.com, and when the black and white list is not hit, the next step is to query the predefined URL category entry.

D.

The default action means that all websites are allowed to visit. So the configuration is wrong here.

Buy Now
Questions 6

Which is correct about the following Policy Center troubleshooting process?

Options:

A.

Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

B.

connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

C.

Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

D.

hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

Buy Now
Questions 7

Regarding the network intrusion detection system (NIDS), which of the following statements is wrong?

Options:

A.

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

B.

Use the newly received network packet as the data source;

C.

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

D.

Used to monitor network traffic, and can be deployed independently.

Buy Now
Questions 8

Regarding the sequence of file filtering technology processing flow, which of the following is correct?

(1) The security policy is applied as permit

(2) Protocol decoding

(3) File type recognition

(4) Application recognition

(5) File filtering

Options:

A.

(1)(2)(3)(4)(5)

155955cc-666171a2-20fac832-0c042c049

B.

(1)(4)(2)(3)(5)

C.

(1)(2)(4)(3)(5)

D.

(1)(3)(2)(4)(5)

Buy Now
Questions 9

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Options:

A.

Planting malware

B.

Vulnerability attack"

C.

We6 Application Click

D.

Brute force

Buy Now
Questions 10

If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses

It is the stream scanning method.

Options:

A.

True

B.

False

Buy Now
Questions 11

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Options:

A.

display version av-sdb

B.

display utm av version

C.

display av utm version

D.

display utm version

Buy Now
Questions 12

The core technology of content security lies in anomaly detection, and the concept of defense lies in continuous monitoring and analysis.

Options:

A.

True

B.

False

Buy Now
Questions 13

Which of the following options are common reasons for IPS detection failure? (multiple choices)

Options:

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Buy Now
Questions 14

Analysis is the core function of intrusion detection. The analysis and processing process of intrusion detection can be divided into three phases; build an analyzer to perform analysis on actual field data.

Which of the analysis, feedback and refinement is the function included in the first two stages?

Options:

A.

Data analysis, data classification, post-processing

B.

Data processing, data classification, post-processing

C.

Data processing, attack classification, post-processing

D.

Data processing, data classification, attack playback

Buy Now
Questions 15

Which of the following statement on the scanner is wrong?

Options:

A.

When deploying NAC Agent, can use scanner to scan and assess the number of installed and non-installed agent.

B.

When the terminal NAC Agent uninstall, the scanner can send alarm information.

C.

the scanner by the SNMP protocol to obtain network equipment resources information.

D.

scanner and Policy Center controller linkage scan tasks.

Buy Now
Questions 16

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

Options:

A.

True

B.

False

Buy Now
Questions 17

Regarding the anti-spam local black and white list, which of the following statements is wrong?

Options:

A.

The black and white list is matched by extracting the destination IP address of the SMTP connection

B.

The black and white list is matched by the sender's dns suffix

C.

The black and white list is matched by extracting the source IP address of the SMTP connection

155955cc-666171a2-20fac832-0c042c0419

D.

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

Buy Now
Questions 18

In the deployment of Huawei NIP6000 products, only port mirroring can be used for streaming replication.

Options:

A.

True

B.

False

Buy Now
Questions 19

With the continuous development of the network and the rapid development of applications, companies are making users more and more frequently start to transfer files on the network.

Virus threats are becoming more and more serious. Only by rejecting the virus outside the network can data security and system stability be guaranteed. So, which of the following are

What harm might be caused by illness? (multiple choices)

Options:

A.

Threaten the security of the user's host and network.

B.

Some viruses can be used as intrusion tools, such as Trojan horse viruses,

C.

Control the host computer's accumulated limit and the user's data, and some viruses may even cause damage to the host's hardware.

D.

Can easily pass the defense of Huawei USG6000 products

Buy Now
Questions 20

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:

A.

Configuration plane

B.

Business plane

C.

Log plane

D.

Data forwarding plane

Buy Now
Questions 21

Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes:

1. Report suspicious files

2. Retrospective attack

3. Firewall linkage defense

4. Prosecution in the cloud sandbox

For the ordering of the process, which of the following options is correct?

Options:

A.

1-3-4-2

B.

1-4-2-3

C.

1-4-3-2

D.

3-1-4-2:

Buy Now
Questions 22

Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice)

Options:

A.

Local upgrade

B.

Manual upgrade

C.

Online upgrade

D.

Automatic upgrade

Buy Now
Questions 23

Among the following options, which attack is a malformed packet attack based on the TCR protocol?

Options:

A.

Teardrop attack

B.

Ping of Death attack

C.

IP Spoofng attack

D.

Land attack

Buy Now
Questions 24

When using the misuse check technology, if the normal user behavior is successfully matched with the intrusion feature knowledge base, it will be falsely reported.

Options:

A.

True

B.

False

Buy Now
Questions 25

Which of the following options is wrong for the description of the cleaning center?

Options:

A.

The cleaning center completes the functions of drainage, cleaning, and re-injection of the flow after cleaning in the abnormal flow.

B.

There are two types of drainage methods: static drainage and dynamic drainage.

C.

Re-injection methods include: policy route re-injection, static route re-injection, VVPN back-injection and layer 2 same.

D.

The cleaning equipment supports rich and flexible attack prevention technologies, but it is ineffective against cc attacks and ICMP Flood attacks.

Buy Now
Questions 26

Which of the following options belong to the keyword matching mode? (multiple choice)

Options:

A.

Text

B.

Regular expressions

C.

Community word

D.

Custom keywords

Buy Now
Questions 27

Regarding traditional firewalls, which of the following statements are correct? (multiple choice)

Options:

A.

Lack of effective protection against application layer threats.

B.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

C.

Ability to quickly adapt to changes in threats.

D.

Unable to accurately control various applications, such as P2P, online games, etc. .

Buy Now
Questions 28

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:

A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Buy Now
Questions 29

Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

Options:

A.

Infrastructure security

B.

Tenant security

C.

How to do a good job in management, operation and maintenance

D.

Hardware maintenance

Buy Now
Exam Code: H12-722_V3.0
Exam Name: HCIP-Security-CSSN V3.0
Last Update: Nov 21, 2024
Questions: 196
H12-722_V3.0 pdf

H12-722_V3.0 PDF

$28  $80
 Add to Cart
H12-722_V3.0 Engine

H12-722_V3.0 Testing Engine

$33.25  $95
 Add to Cart
H12-722_V3.0 PDF + Engine

H12-722_V3.0 PDF + Testing Engine

$45.5  $130
 Add to Cart