Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Huawei H12-722 - Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Huawei H12-722 Premium Access     Download Demo    
Page: 2 / 6
Total 177 questions

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted when deploying security equipment

Anti-Virus, IPS, spam detection and other equipment.

A.

True

155955cc-666171a2-20fac832-0c042c0414

B.

False

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

A.

True

B.

False

Regarding the network intrusion detection system (NIDS), which of the following statements is wrong?

A.

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

B.

Use the newly received network packet as the data source;

C.

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

D.

Used to monitor network traffic, and can be deployed independently.

Misuse detection is through the detection of similar intrusions in user behavior, or those that use system flaws to indirectly violate system security rules

To detect intrusions in the system. Which of the following is not a feature of misuse detection 2

A.

Easy to implement

B.

Accurate detection

C.

Effective detection of impersonation detection of legitimate users

D.

Easy to upgrade

The anti-tampering technology of Huawei WAF products is based on the cache module. Suppose that when user A visits website B, website B has page tampering.

Signs: The workflow for the WAF tamper-proof module has the following steps:.

â‘  WAF uses the pages in the cache to return to the client;

â‘¡WAF compares the watermark of the server page content with the page content in the cache

â‘¢Store the content of the page in the cache after learning

â‘£ When the user accesses the Web page, the WAF obtains the page content of the server

⑤WAF starts the learning mode to learn the page content of the user's visit to the website;

For the ordering of these steps, which of the following options is correct?

A.

③④②⑤①

B.

⑤①②④③

C.

②④①⑤③

D.

⑤③④②①

The realization of content security filtering technology requires the support of the content security combination license.

A.

True

B.

False

When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

A.

True

B.

False

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

A.

Keywords contained in the content of the uploaded file

B.

Keywords contained in the downloaded file

C.

File type

D.

File upload direction 335

For special message attacks, which of the following option descriptions is correct?

A Special control packet attack is a potential attack and does not have direct destructive behavior

B. The attacker probes the network structure by sending special control messages to launch a real attack.

C. Special control message attacks do not have the ability to detect the network structure. Only scanning attacks can detect the network.

D. Special control message items can only use ICMP to construct attack messages.

An enterprise administrator configures the Web reputation system as shown in the figure. Regarding the configuration, which of the following statements is correct?

A.

The content in No. 2 must be configured.

B.

In addition to this page configuration, you also need to enable the firewall and sandbox linkage, otherwise the page configuration is invalid

C.

The content in No. 4 must be configured.

D.

After the configuration is completed, you need to submit the configuration to take effect.