1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-722
  5. Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) Questions and Answers

Pass the Huawei HCIP-Security H12-722 Questions and answers with CertsForce

 Huawei Exams      Go to Exam Detail      Get Premium Access
Viewing page 3 out of 6 pages
Viewing questions 21-30 out of questions
Questions # 21:

If you combine security defense with big data technology, which of the following statements are correct? (multiple choice)

Options:
A.

In the learning process, you should start from collecting samples, analyze their characteristics and then perform machine learning.

B.

Machine learning only counts a large number of samples, which is convenient for security administrators to view.

C.

In the detection process, the characteristics of unknown samples need to be extracted and calculated to provide samples for subsequent static comparisons.

D.

Security source data can come from many places, including data streams, messages, threat events, logs, etc.

Expert Solution
Questions # 22:

When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

Options:
A.

Users can visit www.videobt.com website.

B.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

C.

User cannot access all the sites ending with bt com.

D.

When users visit www.bt. com, they will be blocked.

Expert Solution
Questions # 23:

Regarding the Anti-DDoS cloud cleaning solution; which of the following statements is wrong?

Options:
A.

Ordinary attacks will usually be cleaned locally first.

B.

If there is a large traffic attack on the network, send it to the cloud cleaning center to share the cleaning pressure.

C.

Since the Cloud Cleaning Alliance will direct larger attack flows to the cloud for cleaning, it will cause network congestion.

D.

The closer to the attacked self-labeled cloud cleaning service, the priority will be called.

155955cc-666171a2-20fac832-0c042c0430

Expert Solution
Questions # 24:

Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice)

Options:
A.

Local upgrade

B.

Manual upgrade

C.

Online upgrade

D.

Automatic upgrade

Expert Solution
Questions # 25:

Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)

Options:
A.

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

B.

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

C.

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

D.

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

Expert Solution
Questions # 26:

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:
A.

Configuration plane

B.

Business plane

C.

Log plane

D.

Data forwarding plane

Expert Solution
Questions # 27:

Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules and black

Whitelist and other configuration files.

A True

B. False

Expert Solution
Questions # 28:

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

Options:
A.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

B.

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

C.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

D.

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Expert Solution
Questions # 29:

The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

Options:
A.

Prefix matching

B.

Suffix matching

155955cc-666171a2-20fac832-0c042c043

C.

Keyword matching

D.

Exact match

Expert Solution
Questions # 30:

Which of the following options are common behavioral characteristics of viruses? (multiple choices)

Options:
A.

Download and backdoor features

B.

Information collection characteristics

C.

Self-hidden features

D.

Network attack characteristics

Expert Solution
Viewing page 3 out of 6 pages
Viewing questions 21-30 out of questions