Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Huawei H12-722_V3.0 - HCIP-Security-CSSN V3.0

Huawei H12-722_V3.0 Premium Access     Download Demo    
Page: 3 / 6
Total 196 questions

Part of the reason why the APT attack becomes difficult to defend is that it uses the vulnerabilities to attack. This kind of zero-day hole usually requires flowers

A lot of time to research and analyze and produce corresponding defense methods.

A.

True

B.

False

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

A.

3->1->4->2->5

B.

3->2->4->1->5

C.

3->2->1->4->5

D.

3->1->2->4->5

In the anti-virus policy configuration of Huawei USG6000 product, what are the response methods of HTTP protocol? (multiple choice)

A.

Warning

B.

Block and push the page

C.

A warning dialog box pops up

D.

All access to the client is prohibited

The configuration command to enable the attack prevention function is as follows; n

[FW] anti-ddos syn-flood source-detect

[FW] anti-ddos udp-flood dynamic-fingerprint-learn

[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn

[FW] anti-ddos http-flood defend alert-rate 2000

[Fwj anti-ddos htp-flood source-detect mode basic

Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

A.

The firewall has enabled the SYN Flood source detection and defense function

B.

The firewall uses the first packet drop to defend against UDP Flood attacks.

C.

HTTP Flood attack defense uses enhanced mode for defense

D.

The threshold for HTTP Flood defense activation is 2000.

In the security protection system of the cloud era, reforms need to be carried out in the three stages before, during and after the event, and a closed-loop continuous improvement should be formed.

And development. Which of the following key points should be done in "things"? (multiple choice)

A.

Vulnerability intelligence

B.

Defense in Depth

C.

Offensive and defensive situation

D.

Fight back against hackers

155955cc-666171a2-20fac832-0c042c045

Which of the following is not an abnormal situation of the file type recognition result?

A.

The file extension does not match.

B.

Unrecognized file type

C.

File corruption

D.

The file is compressed

Use BGP protocol to achieve diversion, the configuration command is as follows

[sysname] route-policy 1 permit node 1

[sysname-route-policy] apply community no-advertise

[sysname-route-policy] quit

[sysname]bgp100

155955cc-666171a2-20fac832-0c042c04

29

[sysname-bgp] peer

[sysname-bgp] import-route unr

[sysname- bgpl ipv4-family unicast

[sysname-bgp-af-ipv4] peer 7.7.1.2 route-policy 1 export

[sysname-bgp-af-ipv4] peer 7.7. 1.2 advertise community

[sysname-bgp-af-ipv4] quit

[sysname-bgp]quit

Which of the following options is correct for the description of BGP diversion configuration? (multiple choice)

A.

Use BGP to publish UNR routes to achieve dynamic diversion.

B.

After receiving the UNR route, the peer neighbor will not send it to any BGP neighbor.

C.

You also need to configure the firewall ddos ​​bgp-next-hop fib-filter command to implement back-injection.

D.

The management center does not need to configure protection objects. When an attack is discovered, it automatically issues a traffic diversion task.

Regarding the description of intrusion detection technology, which of the following statements is correct?

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Which of the following is the default port number of Portal authentication service?

A.

1812

B.

1813

C.

50200

D.

50300