New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Huawei H12-722_V3.0 HCIP-Security-CSSN V3.0 Exam Practice Test

Page: 1 / 20
Total 196 questions

HCIP-Security-CSSN V3.0 Questions and Answers

Question 1

Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

Options:

A.

It cannot effectively prevent the virus from spreading from the Internet to the intranet.

B.

The number of applications that NIP6000 can recognize reaches 6000+, which realizes refined application protection, saves export bandwidth, and guarantees key business services

Experience.

C.

Protect the intranet from external attacks, and inhibit malicious flows, such as spyware, worms, etc. from flooding and spreading to the intranet.

D.

Ability to quickly adapt to threat changes

Question 2

Which aspects of information security will be caused by unauthorized access? (multiple choice)

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Recoverability

Question 3

Which is correct about the following Policy Center troubleshooting process?

Options:

A.

Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

B.

connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

C.

Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

D.

hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

Question 4

Place refers to the terminal environment when end-user use strategy management center access to

controlled network office, which options are correct about place? (Choose 2 answers)

Options:

A.

strategy management center only support the default place

B.

The default place only support by way of cable access network scenario

C.

can be customized places

D.

when allocation strategy template for the end user, need to select the corresponding places

Question 5

Regarding intrusion prevention, which of the following option descriptions is wrong

Options:

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Question 6

The core technology of content security lies in anomaly detection, and the concept of defense lies in continuous monitoring and analysis.

Options:

A.

True

B.

False

Question 7

The user needs of a university are as follows:

1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.

2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.

3. At the same time, some pornographic websites in the student area are prohibited.

The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

155955cc-666171a2-20fac832-0c042c0415

Options:

A.

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

B.

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

C.

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

D.

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Question 8

Which of the following technologies can achieve content security? (multiple choice)

Options:

A.

Web security protection

B.

Global environment awareness

C.

Sandbox and big data analysis

D.

Intrusion prevention

Question 9

Analysis is the core function of intrusion detection. The analysis and processing process of intrusion detection can be divided into three phases; build an analyzer to perform analysis on actual field data.

Which of the analysis, feedback and refinement is the function included in the first two stages?

Options:

A.

Data analysis, data classification, post-processing

B.

Data processing, data classification, post-processing

C.

Data processing, attack classification, post-processing

D.

Data processing, data classification, attack playback

Question 10

Which of the following options is not a special message attack?

Options:

A.

ICMP redirect message attack) 0l

B.

Oversized ICMP packet attack

C.

Tracert packet attack

D.

IP fragment message item

Question 11

Which of the following statement is correct about Policy Center system client function?

Options:

A.

NAC Agent support MAC account login.

B.

Web page login for authentication and can perform checks Strategy.

C.

Web Agent login for identity certification and security certification.

D.

NAC Agent cannot be installed on Windows Vista operating system.

Question 12

The processing flow of IPS has the following steps;

1. Reorganize application data

2. Match the signature

3. Message processing

4. Protocol identification

Which of the following is the correct order of the processing flow?

Options:

A.

4-1-2-3

B.

1-4-2-3

C.

1-3-2-4

D.

2-4-1-3:

Question 13

When a virus is detected in an email, which of the following is not the corresponding action for detection?

Options:

A.

Warning

B.

Block

C.

Declare

D.

Delete attachments

Question 14

Which of the following behaviors is a false positive of the intrusion detection system?

Options:

A.

Unable to detect new types of worms

B.

The process of trying to log in to the system is recorded

C.

Use Ping to perform network detection and be alerted as an attack

D.

Web-based attacks are not detected by the system

Question 15

In the deployment of Huawei NIP6000 products, only port mirroring can be used for streaming replication.

Options:

A.

True

B.

False

Question 16

Malicious code usually uses RootKit technology in order to hide itself. RootKit modifies the kernel of the system by loading a special driver.

To hide itself and the role of designated files.

Options:

A.

True

B.

False

Question 17

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Options:

A.

True

B.

False

Question 18

Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?

1. The Netflow analysis device samples the current network flow;

2. Send a drainage command to the cleaning center;

3. Discover the DDoS attack stream;

4.Netior: analysis equipment sends alarms to ATIC management center

5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;

6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage

7. The cleaning log is sent to the management center to generate a report;

8. The cleaned traffic is sent to the original destination server.

Options:

A.

1-3-4-2-5-6-7-8

B.

1-3-2-4-6-5-7-8

C.

1-3-4-2-6-5-8-7

D.

1-3-24-6-5-8-7

Question 19

If the regular expression is "abc. de", which of the following will not match the regular expression?

Options:

A.

abcde

B.

abcdde

C.

abclde

D.

abc+de

Question 20

For special message attacks, which of the following option descriptions is correct?

A Special control packet attack is a potential attack and does not have direct destructive behavior

B. The attacker probes the network structure by sending special control messages to launch a real attack.

C. Special control message attacks do not have the ability to detect the network structure. Only scanning attacks can detect the network.

D. Special control message items can only use ICMP to construct attack messages.

Options:

Question 21

Which of the following technology, administrators can according to business requirements, to scale to achieve load sharing of business flow?

Options:

A.

Resource pool mechanism

B.

weighting mechanism

C.

load balancing

D.

Hot Standby

Question 22

If you combine security defense with big data technology, which of the following statements are correct? (multiple choice)

Options:

A.

In the learning process, you should start from collecting samples, analyze their characteristics and then perform machine learning.

B.

Machine learning only counts a large number of samples, which is convenient for security administrators to view.

C.

In the detection process, the characteristics of unknown samples need to be extracted and calculated to provide samples for subsequent static comparisons.

D.

Security source data can come from many places, including data streams, messages, threat events, logs, etc.

Question 23

Which of the following signature attributes cannot be configured for IP custom signature?

Options:

A.

ID

B.

Message length

C.

Agreement

D.

Direction

Question 24

Part of the reason why the APT attack becomes difficult to defend is that it uses the vulnerabilities to attack. This kind of zero-day hole usually requires flowers

A lot of time to research and analyze and produce corresponding defense methods.

Options:

A.

True

B.

False

Question 25

For the description of the Anti DDOS system, which of the following options is correct? C

Options:

A.

The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.

User network, send to the real destination.

B.

The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.

View in categories and generate reports.

C.

The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to

The management center makes a judgment.

D.

The firewall can only be used for inspection equipment

Question 26

Which of the following options is not a cyber security threat caused by weak personal security awareness?

Options:

A.

Disclosure of personal information

B.

Threats to the internal network

C.

Leaking corporate information

D.

Increasing the cost of enterprise network operation and maintenance

Question 27

When configuring the terminal visits, we put some equipment configured exception equipment ,which of the following statements are true about the exception equipment?

Options:

A.

the exception equipment IP is not in controlled network segment.

B.

terminal in isolation domain can not access exception equipment .

C.

only through security authentication terminals can access exception equipment.

D.

through identity authentication terminals can access exception equipment.

Question 28

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

Options:

A.

True

B.

False

Question 29

Regarding computer viruses, which of the following options is correct?

Options:

A.

Patching the system can completely solve the virus intrusion problem

B.

Computer viruses are latent, they may be latent for a long time, and only when they encounter certain conditions will they begin to carry out sabotage activities

C.

Computer viruses are contagious. They can spread through floppy disks and CDs, but they will not spread through the Internet.

D.

All computer viruses must be parasitic in files and cannot exist independently

Page: 1 / 20
Total 196 questions