Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Huawei H12-724 - HCIP-Security (Fast track) V1.0

Huawei H12-724 Premium Access     Download Demo    
Page: 10 / 11
Total 367 questions

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

A.

True

B.

False

Which of the following options are common reasons for IPS detection failure? (multiple choices)

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Agile Controller-Campus All components are supported Windows System and Linux system.

A.

True

B.

False

When the license of Huawei USG6000 product expires, the RBL function will be unavailable, and users can only use the local black and white list to filter junk mail.

155955cc-666171a2-20fac832-0c042c0435

A.

True

B.

False

Regarding the network intrusion detection system (NIDS), which of the following statements is wrong?

A.

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

B.

Use the newly received network packet as the data source;

C.

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

D.

Used to monitor network traffic, and can be deployed independently.

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

A.

The action of signing iD3000 is an alarm

B.

The action of signing ID3000 is to block

C.

Unable to determine the action of signature ID3000

D.

The signature set is not related to the coverage signature

Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

A ICMP protocol

B. UDP protocol

C. CIP protocol

D. FTP protocol

Regarding CAPWAP encryption, which of the following statements is wrong?

A.

CAPWAP The data tunnel can be used DTLS Encrypted.

B.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Which of the following options is not a feature of big data technology?

A.

The data boy is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed

Regarding intrusion prevention, which of the following option descriptions is wrong

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion