H12-722 by Huawei Actual Free Exam Questions And Answers

Question 1

Which of the following description are correct about the principles of HTTP Flood and HTTPS flood attack defense? (Multiple Choice)

A. The principle of HTTPS Flood attack is to use the URI that involves database operations or other URIs that consume system resources, causing server resources to become exhausted and unable to respond to normal requests.

B. HTTPS flood defense mode includes basic mode, enhanced mode, and 302 redirects.

C. The principle of HTTPS flood attack is to initiate a large number of HTTPS connections to the target server, resulting in exhaustion of server resources and failure to respond to normal requests.

D. HTTPS flood defense can perform source authentication by limiting the packet request rate.

Discussion 0

Correct Answer: A,C,D Vote an answer

Question 2

In Huawei's USG6000 products, IAE provides an integrated solution. All content security detection functions are integrated in a well-designed, high-performance engine.
Which of the following is not a content security detection feature that the product supports?

A. Video content filtering

B. Application identification and awareness

C. Intrusion Prevention

D. URL classification and filtering

Discussion 0

Correct Answer: A Vote an answer

Question 3

The DDoS attack defense configuration process is as follows:
1, start the flow statistics function;
2. Set different protection thresholds for different types of attacks;
3. When the traffic exceeds the preset threshold, the system starts attack defense.

A. FALSE

B. TRUE

Discussion 0

Correct Answer: B Vote an answer

Question 4

The following commands are configured on the Huawei firewall:
[USG] firewall defend ip-fragment enable
Which of the following situations will be recorded as an attack? (Multiple Choices)

A. DF bit is 1 and the MF bit is also 1 or the Fragment Offset is not 0.

B. DF bit is 0 and Fragment Offset + Length > 65535.

C. DF bit is 1 and Fragment Offset + Length < 65535.

D. DF bit is 0, the MF bit is 1 or the Fragment Offset is not 0.

Discussion 0

Correct Answer: A,B Vote an answer

Question 5

Malicious code usually uses RootKit technology to hide itself. RootKit modifies the kernel of the system by loading special drivers to hide itself and specific files.

A. FALSE

B. TRUE

Discussion 0

Correct Answer: B Vote an answer

Question 6

Which of the following attacks are belong to attacks against Web servers? (Multiple choices)

A. Cross-site scripting attacks

B. Website fishing fraud

C. SQL injection

D. Website Trojan

Discussion 0

Correct Answer: A,C Vote an answer

Question 7

The security management system is optional, and anti-virus software or anti-hacking technology can be very good against network threats.

A. False

B. True

Discussion 0

Correct Answer: A Vote an answer

Question 8

Which of the following options is a malformed packet attack based on the TCP protocol?

A. Teardrop attack

B. Land attack

C. IP Spoofing attack

D. Ping of Death attack

Discussion 0

Correct Answer: B Vote an answer

Question 9

Which of the following is correct configuration strategy for anti-virus policy?
1. Load feature library
2. Configure security policy and reference AV profile
3. Apply and activate license
4. Configure AV Profile
5. Submit

A. 3 -> 1 -> 2 -> 4 -> 5

B. 3 -> 2 -> 1 -> 4 -> 5

C. 3 -> 1 -> 4 -> 2 -> 5

D. 3 -> 2 -> 4 -> 1 -> 5

Discussion 0

Correct Answer: C Vote an answer

Question 10

Which of the following descriptions are correct based on proxy-based anti-virus gateways?

A. All files are cached through the gateway own protocol stack

B. The detection rate is higher than the flow scan mode

C. System overhead will be small

D. More advanced operations such as decompression and shelling can be performed

Discussion 0

Correct Answer: A,B,D Vote an answer

Question 11

What content can be filtered by the content filtering technology of Huawei USG6000? (Multiple Choices)

A. Keywords contained in the download file

B. File types

C. Keywords contained in the uploaded file contents

D. Direction of file upload

Discussion 0

Correct Answer: A,C Vote an answer

Question 12

If the user's FTP operation matches the FTP filtering policy, which actions can be performed? (Multiple choice)

A. Execution

B. Announcement

C. Blocking

D. Alerts

Discussion 0

Correct Answer: C,D Vote an answer

Question 13

When the AntiDDoS system detects attack traffic, the attack traffic is directed to the cleaning device. After the cleaning device completes cleaning, the traffic is re-injected to the original link. Which of the following options does not belong to the injection method?

A. Policy Routing injection

B. MPLS LSP injection

C. BGP injection

D. GRE injection

Discussion 0

Correct Answer: C Vote an answer

Question 14

Which of the following are the upgrade methods for the anti-virus feature database of Huawei USG6000 product? (Multiple Choices)

A. Local upgrade

B. Online upgrade

C. Automatic upgrade

D. Manual upgrade

Discussion 0

Correct Answer: A,B Vote an answer

Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) - H12-722 Exam Practice Test

Contact Us

Useful Links

Latest Updated