Massive Halloween Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

H12-722 Questions and Answers

Question # 4

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

A.

display version av-sdb

B.

display utm av version

C.

display av utm version

D.

display utm version

Full Access
Question # 5

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

A.

Planting malware

B.

Vulnerability attack"

C.

We6 Application Click

D.

Brute force

Full Access
Question # 6

Which of the following options is not a cyber security threat caused by weak personal security awareness?

A.

Disclosure of personal information

B.

Threats to the internal network

C.

Leaking corporate information

D.

Increasing the cost of enterprise network operation and maintenance

Full Access
Question # 7

Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

A.

Infrastructure security

B.

Tenant security

C.

How to do a good job in management, operation and maintenance

D.

Hardware maintenance

Full Access
Question # 8

Which of the following options does not belong to the security risk of the application layer of the TCP/IP protocol stack?

A.

Virus

B.

Buffer overflow ρ

C.

System vulnerabilities

D.

Port scan

Full Access
Question # 9

After enabling the IP policy, some services are found to be unavailable. Which of the following may be caused by? (multiple choice)

A.

Only packets in one direction pass through the firewall

B.

The same message passes through the firewall multiple times

C.

IPS underreporting

D.

Excessive traffic causes the Bypass function to be enabled

Full Access
Question # 10

The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the website of the security center platform?

A.

sec. huawei. com.

B.

support.huaver: com

C.

www. huawei. com

D.

security.. huawei. com

Full Access
Question # 11

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

A.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

B.

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

C.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

D.

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Full Access
Question # 12

Regarding the anti-spam response code, which of the following statements is wrong?

A.

The response code will vary depending on the RBL service provider.

155955cc-666171a2-20fac832-0c042c046

B.

USG treats mails that match the answer code as spam.

C.

If the response code is not returned or the response code is not configured on the USG, the mail is released.

D.

The response code is specified as 127.0.0.1 in the second system.

Full Access
Question # 13

The administrator has configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not allowed Can the reason?

A.

The file filtering configuration file is not referenced in the security policy

B.

File filtering configuration file is incorrect

C.

License is not activated.

D.

The action configuration of the file extension does not match is incorrect

Full Access
Question # 14

Which of the following options does not belong to the basic DDoS attack prevention configuration process?

A.

The system starts traffic statistics.

B.

System related configuration application, fingerprint learning.

C.

The system starts attack prevention.

D.

The system performs preventive actions.

Full Access
Question # 15

In the following options, which of the two attacks use similar attack methods, they will generate a large number of useless response packets, occupying network bandwidth,

Consume equipment resources?

A.

Fraggle and Smurt

B.

Land and Smurf

C.

Fraggle and Land

155955cc-666171a2-20fac832-0c042c0423

D.

Teardrop and Land35

Full Access
Question # 16

If a company wants to detect image files, Shellcode code files and PDF files, which of the following types of sandboxes can be used? (More

155955cc-666171a2-20fac832-0c042c0420

select)

A.

PDF heuristic sandbox

ja$

B.

PE heuristic sandbox

C.

Web heuristic sandbox

D.

Heavyweight sandbox (virtual execution)

Full Access
Question # 17

The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

A.

Prefix matching

B.

Suffix matching

155955cc-666171a2-20fac832-0c042c043

C.

Keyword matching

D.

Exact match

Full Access
Question # 18

In the construction of information security, the intrusion detection system plays the role of a monitor. It monitors the flow of key nodes in the information system.

In-depth analysis to discover security incidents that are occurring. Which of the following are its characteristics?. c0O

A.

IDS can be linked with firewalls and switches to become a powerful "assistant" of firewalls, which can better and more accurately control access between domains.

B.

It is impossible to correctly analyze the malicious code doped in the allowed application data stream.

C.

Unable to detect malicious operations or misoperations from internal killings.

D.

Cannot do in-depth inspection

Full Access
Question # 19

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

A.

True

B.

False

Full Access
Question # 20

Network attacks are mainly divided into two categories: single-packet attacks and streaming attacks. Single-packet attacks include scanning and snooping attacks, malformed packet attacks, and special reports.

Wen attack.

A.

True

B.

False

Full Access
Question # 21

Which aspects of information security will be caused by unauthorized access? (multiple choice)

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Recoverability

Full Access
Question # 22

​​SQl injection attacks generally have the following steps:

①Elevate the right

②Get the data in the database

③Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

A.

③④①②

B.

③④②①

C.

④①②③

D.

④②①③

Full Access
Question # 23

For the basic mode of HTTP Flood source authentication, which of the following options are correct? (multiple choice)

A.

The basic mode can effectively block the access from the Feng Explor client.

B.

The bot tool does not implement a complete HTTP protocol stack and does not support automatic redirection, so the basic mode can effectively defend against HTTP Flood attacks.

hit.

C.

When there is an HTTP proxy server in the network, the firewall will add the IP address of the proxy server to the whitelist, but it will recognize the basic source of the zombie host.

The certificate is still valid.

D.

The basic mode will not affect the user experience, so the defense effect is higher than the enhanced mode.

Full Access
Question # 24

Regarding the processing flow of file filtering, which of the following statements is wrong?

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Full Access
Question # 25

File filtering technology can filter files based on the application of the file, the file transfer direction, the file type and the file extension.

A.

True

B.

False

Full Access
Question # 26

Regarding the anti-spam local black and white list, which of the following statements is wrong?

A.

The black and white list is matched by extracting the destination IP address of the SMTP connection

B.

The black and white list is matched by the sender's dns suffix

C.

The black and white list is matched by extracting the source IP address of the SMTP connection

155955cc-666171a2-20fac832-0c042c0419

D.

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 27 Oct 2021