Massive Halloween Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

H12-722_V3.0 Questions and Answers

Question # 4

The realization of content security filtering technology requires the support of the content security combination license.

A.

True

B.

False

Full Access
Question # 5

The main attack prevention technologies of Huawei USG6000 products include: source detection, fingerprint learning and associated defense.

A.

True

B.

False

Full Access
Question # 6

Which of the following options is not a defense against HTTP Flood attacks?

A.

HTTP Flood source authentication

B.

HTTP source statistics

C.

URI source fingerprint learning function

D.

Baseline learning

Full Access
Question # 7

Huawei's USG000 product can identify the true type of common files and over-check the content. Even if the file is hidden in a compressed file, or change the extension

The name of the exhibition can't escape the fiery eyes of the firewall.

A.

True

B.

False

Full Access
Question # 8

Which of the following technology, administrators can according to business requirements, to scale to achieve load sharing of business flow?

A.

Resource pool mechanism

B.

weighting mechanism

C.

load balancing

D.

Hot Standby

Full Access
Question # 9

Which of the following options is not a feature of Trojan horses?

A.

Not self-replicating but parasitic

B.

Trojans self-replicate and spread

C.

Actively infectious

D.

The ultimate intention is to steal information and implement remote monitoring

Full Access
Question # 10

Which of the following options will not pose a security threat to the network?

A.

Hacking

B.

Weak personal safety awareness

C.

Open company confidential files

D.

Failure to update the virus database in time

Full Access
Question # 11

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

A.

Direction is not enabled

B.

The direction is turned on, but no specific direction is selected

C.

The severity level of the configuration is too high

D.

The protocol selection technique is correct

Full Access
Question # 12

Which of the following descriptions are correct for proxy-based anti-virus gateways? (multiple choice)

A.

The detection rate is higher than the flow scanning method

B.

System overhead will be relatively small

C.

Cache all files through the gateway's own protocol stack

D.

More advanced operations such as decompression, shelling, etc. can be performed

Full Access
Question # 13

Which of the following statement is correct about Policy Center system client function?

A.

NAC Agent support MAC account login.

B.

Web page login for authentication and can perform checks Strategy.

C.

Web Agent login for identity certification and security certification.

D.

NAC Agent cannot be installed on Windows Vista operating system.

Full Access
Question # 14

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

A.

True

B.

False

Full Access
Question # 15

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Full Access
Question # 16

Which of the following behaviors is a false positive of the intrusion detection system?

A.

Unable to detect new types of worms

B.

The process of trying to log in to the system is recorded

C.

Use Ping to perform network detection and be alerted as an attack

D.

Web-based attacks are not detected by the system

Full Access
Question # 17

In the following options, which of the two attacks use similar attack methods, they will generate a large number of useless response packets, occupying network bandwidth,

Consume equipment resources?

A.

Fraggle and Smurt

B.

Land and Smurf

C.

Fraggle and Land

155955cc-666171a2-20fac832-0c042c0423

D.

Teardrop and Land35

Full Access
Question # 18

Which of the following is not an abnormal situation of the file type recognition result?

A.

The file extension does not match.

B.

Unrecognized file type

C.

File corruption

D.

The file is compressed

Full Access
Question # 19

In the Policy Center strategy configuration, how many violations rating of definition are there?

A.

2

B.

3

C.

4

D.

5

Full Access
Question # 20

The configuration command to enable the attack prevention function is as follows; n

[FW] anti-ddos syn-flood source-detect

[FW] anti-ddos udp-flood dynamic-fingerprint-learn

[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn

[FW] anti-ddos http-flood defend alert-rate 2000

[Fwj anti-ddos htp-flood source-detect mode basic

Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

A.

The firewall has enabled the SYN Flood source detection and defense function

B.

The firewall uses the first packet drop to defend against UDP Flood attacks.

C.

HTTP Flood attack defense uses enhanced mode for defense

D.

The threshold for HTTP Flood defense activation is 2000.

Full Access
Question # 21

For the URL is htpt://www.abcd. com:8080/news/education. aspx?name=tom &age=20, which option is path?

A.

htttp://www.abcd. com:8080/news/education. aspx

B.

htttp://www.abcd. com:8080,te

C.

/news/education. aspx

D.

/news/education. aspx?name=tom&age=20

Full Access
Question # 22

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

A.

True

B.

False

Full Access
Question # 23

Which of the following options belong to the keyword matching mode? (multiple choice)

A.

Text

B.

Regular expressions

C.

Community word

D.

Custom keywords

Full Access
Question # 24

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted when deploying security equipment

Anti-Virus, IPS, spam detection and other equipment.

A.

True

155955cc-666171a2-20fac832-0c042c0414

B.

False

Full Access
Question # 25

Regarding HTTP behavior, which of the following statements is wrong?

A.

HTTP POST is generally used to send information to the server through a web page, such as forum posting x form submission, username I password login.

B.

When the file upload operation is allowed, the alarm threshold and blocking threshold can be configured to control the size of the uploaded file.

C.

When the size of the uploaded or downloaded file and the size of the content of the POST operation reach the alarm threshold, the system will generate log information to prompt the device management

And block behavior.

D.

When the uploaded or downloaded file size, POST operation content size reaches the blocking threshold, the system will only block the uploaded or downloaded file, POST

operate.

Full Access
Question # 26

Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes:

1. Report suspicious files

2. Retrospective attack

3. Firewall linkage defense

4. Prosecution in the cloud sandbox

For the ordering of the process, which of the following options is correct?

A.

1-3-4-2

B.

1-4-2-3

C.

1-4-3-2

D.

3-1-4-2:

Full Access
Question # 27

Huawei NIP6000 products have zero-setting network parameters and plug-and-play functions, because the interfaces and interface pairs only work on layer 2 without

Set the IP address.

A True

B. False

Full Access
Question # 28

Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

A ICMP protocol

B. UDP protocol

C. CIP protocol

D. FTP protocol

Full Access
Question # 29

Regarding the network intrusion detection system (NIDS), which of the following statements is wrong?

A.

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

B.

Use the newly received network packet as the data source;

C.

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

D.

Used to monitor network traffic, and can be deployed independently.

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 27 Oct 2021