1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-722_V3.0
  5. HCIP-Security-CSSN V3.0 Questions and Answers

Pass the Huawei HCIP-Security H12-722_V3.0 Questions and answers with CertsForce

 Huawei Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 6 pages
Viewing questions 1-10 out of questions
Questions # 1:

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:
A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Questions # 2:

Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)

Options:
A.

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

B.

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

C.

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

D.

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

Questions # 3:

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Options:
A.

display version av-sdb

B.

display utm av version

C.

display av utm version

D.

display utm version

Questions # 4:

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

Options:
A.

True

B.

False

Questions # 5:

For the description of URPF technology, which of the following options are correct? (multiple choice)

Options:
A.

The main function is to prevent network attacks based on source address spoofing.

B.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

C.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

D.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

Questions # 6:

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:
A.

Configuration plane

B.

Business plane

C.

Log plane

D.

Data forwarding plane

Questions # 7:

Regarding the network intrusion detection system (NIDS), which of the following statements is wrong?

Options:
A.

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

B.

Use the newly received network packet as the data source;

C.

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

D.

Used to monitor network traffic, and can be deployed independently.

Questions # 8:

After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

Options:
A.

True

B.

False.

Questions # 9:

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:
A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Questions # 10:

Regarding the Anti-DDoS cloud cleaning solution; which of the following statements is wrong?

Options:
A.

Ordinary attacks will usually be cleaned locally first.

B.

If there is a large traffic attack on the network, send it to the cloud cleaning center to share the cleaning pressure.

C.

Since the Cloud Cleaning Alliance will direct larger attack flows to the cloud for cleaning, it will cause network congestion.

D.

The closer to the attacked self-labeled cloud cleaning service, the priority will be called.

155955cc-666171a2-20fac832-0c042c0430

Viewing page 1 out of 6 pages
Viewing questions 1-10 out of questions