1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-724
  5. HCIP-Security (Fast track) V1.0 Questions and Answers

Pass the Huawei HCIP-Security H12-724 Questions and answers with CertsForce

 Huawei Exams      Go to Exam Detail      Get Premium Access
Viewing page 2 out of 11 pages
Viewing questions 11-20 out of questions
Questions # 11:

With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.

Generally, APT attacks can be summarized into four stages:

1. Collecting Information & Intrusion

2. Long-term lurking & mining

3. Data breach

4. Remote control and penetration

Regarding the order of these four stages, which of the following options is correct?

Options:
A.

2-3-4-1

B.

1-2-4-3

C.

1-4-2-3

D.

2-1-4-3

Expert Solution
Questions # 12:

Hardware in useSACG At the time of certification,SACG After the configuration is completed, you can seeSACG andAgile Agile Controller-Campus The linkage is successful, but the user authentication fails. This phenomenon may be caused by the following reasons? (Multiple choice)

Options:
A.

User flow has not passed SACG.

B.

SACG There is no release on the user stream.

C.

SACG There is no closed state detection on it.

D.

Agile Controller-Campus On and SACG Wrong key configuration for linkage

Expert Solution
Questions # 13:

In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed

In the high-performance engine. Which of the following is not the content security detection function supported by this product?

Options:
A.

Application recognition and perception

B.

URL classification and filtering

C.

Video content filtering

D.

Intrusion prevention

155955cc-666171a2-20fac832-0c042c048

Expert Solution
Questions # 14:

Which of the following options is not a defense against HTTP Flood attacks?

Options:
A.

HTTP Flood source authentication

B.

HTTP source statistics

C.

URI source fingerprint learning function

D.

Baseline learning

Expert Solution
Questions # 15:

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

Options:
A.

172.18.11.221 It is the server of the isolation domain.

B.

The escape route was opened.

C.

172.18.11.223 It is a post-domain server.

D.

The terminal host stream is the default ACL Blocked.

Expert Solution
Questions # 16:

The AD/LDAP account can be synchronized to the Agile Controller-Campus or not to the Agile Controller-Campus. Synchronize.

The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.

Authorization

Options:
A.

True

B.

False

Expert Solution
Questions # 17:

The following is a hardware SACG increase firewall configuration, which statement below is true?

Question # 17

Options:
A.

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

B.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

C.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

D.

Main IP is the Policy Center reaches the next-hop firewall device interface address

Expert Solution
Questions # 18:

Regarding the policy for checking account security, which of the following descriptions are correct? (Multiple choice)

Options:
A.

You can check whether there is a weak password.

B.

You can check whether the account has joined a specific group.

C.

It cannot be repaired automatically._

D.

It is not possible to check whether the password length meets the requirements.

Expert Solution
Questions # 19:

Which of the following options describes the IntelliSense engine IAE incorrectly?

Options:
A.

lAE's content security detection functions include application identification and perception, intrusion prevention, and Web application security.

B.

Full English name: intelligent Awareness Engine.

C.

The core of C.IAE is to organically centralize all content security-related detection functions.

D.

The security detection of the IAE engine is parallel, using a message-based file processing mechanism, which can receive file fragments and perform security checks.

Expert Solution
Questions # 20:

Regarding scanning and snooping attacks, which of the following descriptions is wrong?

Options:
A.

Scanning attacks include address scanning and port scanning.

B.

It is usually the network detection behavior before the attacker launches the real attack.

155955cc-666171a2-20fac832-0c042c0424

C.

The source address of the scanning attack is real, so it can be defended by adding direct assistance to the blacklist.

D.

When a worm virus breaks out, it is usually accompanied by an address scanning attack, so scanning attacks are offensive.

Expert Solution
Viewing page 2 out of 11 pages
Viewing questions 11-20 out of questions