Labour Day Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

H12-722_V3.0 PDF

$38.5

$109.99

3 Months Free Update

Add to Cart
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

H12-722_V3.0 PDF + Testing Engine

$61.6

$175.99

3 Months Free Update

Add to Cart
  • Exam Name: HCIP-Security-CSSN V3.0
  • Last Update: Apr 23, 2024
  • Questions and Answers: 196
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

H12-722_V3.0 Engine

$46.2

$131.99

3 Months Free Update

Add to Cart
  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

H12-722_V3.0 Practice Exam Questions with Answers HCIP-Security-CSSN V3.0 Certification

Question # 6

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Full Access
Question # 7

The main attack prevention technologies of Huawei USG6000 products include: source detection, fingerprint learning and associated defense.

A.

True

B.

False

Full Access
Question # 8

After enabling the IP policy, some services are found to be unavailable. Which of the following may be caused by? (multiple choice)

A.

Only packets in one direction pass through the firewall

B.

The same message passes through the firewall multiple times

C.

IPS underreporting

D.

Excessive traffic causes the Bypass function to be enabled

Full Access
Question # 9

If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses

It is the stream scanning method.

A.

True

B.

False

Full Access
Question # 10

For full encryption registered mobile storage devices must be formatted to normal use in not installed NAC client terminal host.

A.

TRUE

B.

FALSE

Full Access
Question # 11

Regarding the 3 abnormal situations of the file type recognition result, which of the following option descriptions is wrong?

A.

File extension mismatch means that the file type is inconsistent with the file extension.

B.

Unrecognized file type means that the file type cannot be recognized and there is no file extension.

C.

File damage means that the file type cannot be identified because the file is damaged.

D.

Unrecognized file type means that the file type cannot be recognized, and the file extension cannot be recognized.

Full Access
Question # 12

Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

A ICMP protocol

B. UDP protocol

C. CIP protocol

D. FTP protocol

Full Access
Question # 13

Which of the following files can the sandbox detect? (multiple choice)

A.

www file

B.

PE file

C.

Picture file

D.

Mail

Full Access
Question # 14

Regarding the sequence of the mail transmission process, which of the following is correct?

1. The sender PC sends the mail to the designated SMTP Server.

2. The sender SMTP Server encapsulates the mail information in an SMTP message and sends it to the receiver SMTP Server according to the destination address of the mail

3. The sender SMTP Server encapsulates the mail information in an SMTP message according to the destination address of the mail and sends it to the receiver POP3/MAP Senver

4. The recipient sends an email.

A.

1->2->3

B.

1->2->4,

C.

1->3->2

D.

1->4->3

Full Access
Question # 15

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Full Access
Question # 16

Which of the following statement on the scanner is wrong?

A.

When deploying NAC Agent, can use scanner to scan and assess the number of installed and non-installed agent.

B.

When the terminal NAC Agent uninstall, the scanner can send alarm information.

C.

the scanner by the SNMP protocol to obtain network equipment resources information.

D.

scanner and Policy Center controller linkage scan tasks.

Full Access
Question # 17

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

A.

The action of signing iD3000 is an alarm

B.

The action of signing ID3000 is to block

C.

Unable to determine the action of signature ID3000

D.

The signature set is not related to the coverage signature

Full Access
Question # 18

The configuration command to enable the attack prevention function is as follows; n

[FW] anti-ddos syn-flood source-detect

[FW] anti-ddos udp-flood dynamic-fingerprint-learn

[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn

[FW] anti-ddos http-flood defend alert-rate 2000

[Fwj anti-ddos htp-flood source-detect mode basic

Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

A.

The firewall has enabled the SYN Flood source detection and defense function

B.

The firewall uses the first packet drop to defend against UDP Flood attacks.

C.

HTTP Flood attack defense uses enhanced mode for defense

D.

The threshold for HTTP Flood defense activation is 2000.

Full Access
Question # 19

Regarding intrusion prevention, which of the following option descriptions is wrong

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Full Access
Question # 20

Which is correct about the following Policy Center troubleshooting process?

A.

Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

B.

connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

C.

Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

D.

hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

Full Access
Question # 21

Which of the following options is not a defense against HTTP Flood attacks?

A.

HTTP Flood source authentication

B.

HTTP source statistics

C.

URI source fingerprint learning function

D.

Baseline learning

Full Access
Question # 22

Which of the following elements does PDCA include? (Choose 3 answers)

A.

Plan

B.

Implementation

C.

termination

D.

Monitoring

Full Access
Question # 23

Which patches does Policy Center support to management?(Choose 3 answers)

A.

Microsoft Windows operating system patches

B.

Microsoft SQL Windows database patch

C.

Microsoft Internet Explorer patches

D.

android system patches

Full Access
Question # 24

Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

A.

It cannot effectively prevent the virus from spreading from the Internet to the intranet.

B.

The number of applications that NIP6000 can recognize reaches 6000+, which realizes refined application protection, saves export bandwidth, and guarantees key business services

Experience.

C.

Protect the intranet from external attacks, and inhibit malicious flows, such as spyware, worms, etc. from flooding and spreading to the intranet.

D.

Ability to quickly adapt to threat changes

Full Access
Question # 25

Which of the following are the control items of HTTP behavior?) (multiple choice)

A.

POST operation

B.

Browse the web

C.

Acting online

D.

File upload and download

Full Access
Question # 26

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

A.

True

B.

False

Full Access
Question # 27

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

A.

True

B.

False

Full Access
Question # 28

In the security protection system of the cloud era, reforms need to be carried out in the three stages before, during and after the event, and a closed-loop continuous improvement should be formed.

And development. Which of the following key points should be done in "things"? (multiple choice)

A.

Vulnerability intelligence

B.

Defense in Depth

C.

Offensive and defensive situation

D.

Fight back against hackers

155955cc-666171a2-20fac832-0c042c045

Full Access