New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Huawei H12-724 HCIP-Security (Fast track) V1.0 Exam Practice Test

Page: 1 / 37
Total 367 questions

HCIP-Security (Fast track) V1.0 Questions and Answers

Question 1

If the regular expression is "abc. de", which of the following will not match the regular expression?

Options:

A.

abcde

B.

abcdde

C.

abclde

D.

abc+de

Question 2

Regarding traditional firewalls, which of the following statements are correct? (multiple choice)

Options:

A.

Lack of effective protection against application layer threats.

B.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

C.

Ability to quickly adapt to changes in threats.

D.

Unable to accurately control various applications, such as P2P, online games, etc. .

Question 3

Which of the following technology, administrators can according to business requirements, to scale to achieve load sharing of business flow?

Options:

A.

Resource pool mechanism

B.

weighting mechanism

C.

load balancing

D.

Hot Standby

Question 4

An enterprise administrator configures the Web reputation system as shown in the figure. Regarding the configuration, which of the following statements is correct?

Question # 4

Options:

A.

The content in No. 2 must be configured.

B.

In addition to this page configuration, you also need to enable the firewall and sandbox linkage, otherwise the page configuration is invalid

C.

The content in No. 4 must be configured.

D.

After the configuration is completed, you need to submit the configuration to take effect.

Question 5

Regarding the basic principles of user access security, it is wrong not to list any description?

Options:

A.

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates with the authentication server to complete the user Authentication.

B.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, and terminal Information such as the patch version installed on the device.

C.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

D.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Question 6

Anti DDoS seven-layer defense can work from the dimensions of interface-based defense, global defense and defense object-based defense.

Options:

A.

True

B.

False

Question 7

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted when deploying security equipment

Anti-Virus, IPS, spam detection and other equipment.

Options:

A.

True

155955cc-666171a2-20fac832-0c042c0414

B.

False

Question 8

The following is a hardware SACG increase firewall configuration, which statement below is true?

Question # 8

Options:

A.

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

B.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

C.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

D.

Main IP is the Policy Center reaches the next-hop firewall device interface address

Question 9

Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Options:

A.

Different places can have different security policies.

B.

The location has nothing to do with safety.

C.

There can only be one place in the company.

D.

Place and location have nothing to do.

Question 10

Regarding the file filtering technology in the USG6000 product, which of the following options is wrong?

Options:

A.

It can identify the application that carries the file, the file transfer direction, the file type and the file extension.

B.

Even if the file type is modified, it can also identify the true type of the file

C.

It can identify the type of files transmitted by itself, and can block, alert and announce specific types of files.

D.

It supports filtering the contents of compressed files after decompression. "

Question 11

For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

Options:

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Question 12

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

Options:

A.

True

B.

False

Question 13

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

Options:

A.

3->1->4->2->5

B.

3->2->4->1->5

C.

3->2->1->4->5

D.

3->1->2->4->5

Question 14

For the terminal Wi-Fi The order of the push, which of the following is correct?

1. Any Office Mobile office system push Wi-Fi Configuration

2. Any Office The mobile office department automatically applies for a certificate.

3. The administrator configures the enterprise Wi-Fi Push.

4. The terminal automatically connects to the enterprise Wi-Fi.

Options:

A.

1-2-3-4

B.

4-2-3-1

C.

3-2-1-4

D.

2-3-1-4

Question 15

Regarding intrusion prevention, which of the following option descriptions is wrong

Options:

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Question 16

If a company wants to detect image files, Shellcode code files and PDF files, which of the following types of sandboxes can be used? (More

155955cc-666171a2-20fac832-0c042c0420

select)

Options:

A.

PDF heuristic sandbox

ja$

B.

PE heuristic sandbox

C.

Web heuristic sandbox

D.

Heavyweight sandbox (virtual execution)

Question 17

The anti-virus feature configured on the Huawei USG6000 product does not take effect. Which of the following are the possible reasons? (multiple choice)

Options:

A.

The security policy does not reference the anti-virus configuration file.

B.

The anti-virus configuration file is configured incorrectly.

C.

The virus signature database version is older.

D.

No virus exceptions are configured.

Question 18

The relationship between user groups and accounts in user management is stored in a tree on the Agile Controller-Campus. An account belongs to only one user group.

Consistent with the corporate organizational structure: If the OU (OnizbonUnit) structure stored in the AD/LDAP server is consistent with the corporate organizational structure, users are stored Under 0OU, when the Agile Controller-Campus synchronizes AD/LDAP server accounts, which synchronization method can be used?

Options:

A.

Press "0U" to synchronize

B.

AO Synchronize by "group", "0U describes the organizational structure

C.

AO Press "Group" "Synchronize," "Group" Jida organization structure

D.

LDAP synchronization by "group"

Question 19

Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Options:

A.

True

B.

False

Question 20

Analysis is the core function of intrusion detection. The analysis and processing process of intrusion detection can be divided into three phases; build an analyzer to perform analysis on actual field data.

Which of the analysis, feedback and refinement is the function included in the first two stages?

Options:

A.

Data analysis, data classification, post-processing

B.

Data processing, data classification, post-processing

C.

Data processing, attack classification, post-processing

D.

Data processing, data classification, attack playback

Question 21

An enterprise administrator configures a Web reputation website in the form of a domain name, and configures the domain name as www. abc; example. com. .

Which of the following is the entry that the firewall will match when looking up the website URL?

Options:

A.

example

B.

www. abc. example. com

C.

www.abc. example

D.

example. com

Question 22

Regarding WLAN, which of the following descriptions is correct?

Options:

A.

WLAN Is to adopt 80211 Technical WiFi

B.

WLAN There are two basic architectures: FAT AP with AC+FIT AP

C.

AC+FATAP The architecture is suitable for medium and large use scenarios

D.

AC+FITAP Autonomous network architecture

Question 23

According to the user’s access5W1H Conditions determine access rights andQoS Strategy for5W1Ho[Which of the following descriptions are correct? (Multiple choice)

Options:

A.

WhoTo determine the ownership of the access device(Company standard,BYOD Wait)

B.

WhoseTo determine the identity of the access person(member I, Visitors, etc.)

C.

How Determine the access method(Wired, wireless, etc.)

D.

WhatTo determine the access device(PC,iOS Wait)

Question 24

Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)

Options:

A.

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

B.

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

C.

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

D.

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

Question 25

An account can only belong to one user group, that is, a user can only belong to one department.

Options:

A.

True

B.

False

Question 26

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

Options:

A.

True

B.

False

Question 27

In some scenarios, an anonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

Options:

A.

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

B.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

C.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

D.

Administrators cannot delete anonymous accounts"~anonymous*.

Question 28

Free mobility is a special access control method, according to the user’s access location, access time, access method and terminal authorization instructions. Set permissions, as long as the user’s access conditions remain unchanged, the permissions and network experience after accessing the network--To q

Options:

A.

True

B.

False

Question 29

Among the following options, which attack is a malformed packet attack based on the TCR protocol?

Options:

A.

Teardrop attack

B.

Ping of Death attack

C.

IP Spoofng attack

D.

Land attack

Question 30

Install Agile Controller-Campus Which of the following steps do not need to be completed before?

Options:

A.

Install the operating system

B.

Install the database

C.

Install antivirus software

D.

Import License

Question 31

Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice)

Options:

A.

File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent

Prevent employees from leaking company confidential documents to the Internet.

B.

Content filtering can prevent the disclosure of confidential information and the transmission of illegal information

C.

The application behavior control function can finely control common HTTP behaviors and FTP behaviors.

D.

Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails.

Question 32

There are several steps in a stored XSS attack

①The attacker hijacks the user session

②The attacker submits an issue containing known JavaScript

③User login

④The user requests the attacker's question 5

⑤The server responds to the attacker’s JavaScript

⑥ The user's browser sends a session token to the attacker

⑦The attacker's JavaScript is executed in the user's browser

For the ordering of these steps, which of the following options is correct?

Options:

A.

③②⑦⑥④⑤①

B.

③②④⑤⑦⑥①

C.

③②④⑥⑤⑦①

155955cc-666171a2-20fac832-0c042c0428

D.

⑧②⑤⑦④⑥①

Question 33

Viruses can damage computer systems. v Change and damage business data: spyware collects, uses, and disperses sensitive information of corporate employees.

These malicious pastoral software seriously disturb the normal business of the enterprise. Desktop anti-disease software can solve the problem of central virus and indirect software from the overall situation.

Options:

A.

True

B.

False

Question 34

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

Options:

A.

True

B.

False

Question 35

Which of the following law items is the most blessed for safety? This should be true?

Options:

A.

Checking strategies are mainly used to check some static settings of the terminal, such as whether the screen saver is set, whether the antivirus software is installed; whether there is illegal Outreach etc. z00

B.

Monitoring strategies are mainly used for real-time monitoring of events that occur in the system, such as whether anti-virus software is installed and whether PPPOE dial-up access is used Network, etc.-Once an incident is detected, some control can be taken.

C.

The security check strategy only includes two types of end-host check-type strategies and end-user behavior check-type strategies.

D.

Terminal host security management is mainly implemented by inspection strategies, and end user behavior management is mainly implemented by monitoring strategies.

Question 36

Which of the following descriptions about the black and white lists in spam filtering is wrong? c

Options:

A.

Set local blacklist and whitelist: Both blacklist and whitelist can be configured at the same time, or only one of them can be configured.

B.

In the "Whitelist" text box, enter the P address and mask of the SMTP Server to be added to the whitelist. You can enter multiple IP addresses, one IP address

Address one line. v

C.

Enter the IP address and mask of the SMITP Server to be added to the blacklist in the "Blacklist" text box, you can enter multiple IP addresses, one IP

Address one line.

D.

The priority of the blacklist is higher than that of the whitelist.

Question 37

What are the three main steps of business free deployment? (Multiple choice)

Options:

A.

Define security group

B.

Define and deploy group policies

C.

The system runs automatically

D.

Security group reported by the system

E.

Define user groups

Question 38

An account can belong to multiple roles, that is, a user may hold multiple positions.

Options:

A.

True

B.

False

Question 39

Which of the following elements does PDCA include? (Choose 3 answers)

Options:

A.

Plan

B.

Implementation

C.

termination

D.

Monitoring

Question 40

In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.

do. Which of the following options does not belong to the action that needs to be completed in the data processing part?

155955cc-666171a2-20fac832-0c042c0422

Options:

A.

Data preprocessing

B.

Threat determination

C.

Distributed storage

D.

Distributed index

Question 41

After enabling the IP policy, some services are found to be unavailable. Which of the following may be caused by? (multiple choice)

Options:

A.

Only packets in one direction pass through the firewall

B.

The same message passes through the firewall multiple times

C.

IPS underreporting

D.

Excessive traffic causes the Bypass function to be enabled

Question 42

For the basic mode of HTTP Flood source authentication, which of the following options are correct? (multiple choice)

Options:

A.

The basic mode can effectively block the access from the Feng Explor client.

B.

The bot tool does not implement a complete HTTP protocol stack and does not support automatic redirection, so the basic mode can effectively defend against HTTP Flood attacks.

hit.

C.

When there is an HTTP proxy server in the network, the firewall will add the IP address of the proxy server to the whitelist, but it will recognize the basic source of the zombie host.

The certificate is still valid.

D.

The basic mode will not affect the user experience, so the defense effect is higher than the enhanced mode.

Question 43

According to the different user name format and content used by the access device to verify user identity, the user name format used for MAC authentication can be changed.

There are three types. Which of the following formats is not included?

Options:

A.

MAC Address format

B.

Fixed username form

C.

DHCP Option format

D.

ARP Option format

Question 44

Regarding the description of intrusion detection technology, which of the following statements is correct?

Options:

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425

Question 45

Regarding the role of each role in the Portal authentication framework, which of the following descriptions are correct? (multiple choice)

Options:

A.

The AAA server saves information such as usernames and passwords for authentication of access users.

B.

The Web server saves information such as user names and passwords for authentication of access users.

C.

The AAA server is used to push the Portal authentication page to the user.

D.

The web server is used to push the Portal authentication page to the user.

Question 46

Which of the following iterations is correct for the description of the management center?

Options:

A.

The management server of the management center is responsible for the cleaning of abnormal flow, as well as the collection and analysis of business data, and storage, and is responsible for the summary

The stream is reported to the management server for report presentation.

B.

The data coking device is responsible for the cleaning of abnormal flow, the centralized management and configuration of equipment, and the presentation of business reports.

C.

The data collector and management server support distributed deployment and centralized deployment. Centralized deployment has good scalability.

D.

The management center is divided into two parts: management server and teaching data collector.

Question 47

In the process of establishing CAPWAP channel between AP and AC, AP and AC negotiate to establish CAPWAP tunnel. In this process, CAPWAP tunnel is established.

Use DTLS to encrypt and transmit UDP packets. What are the encryption methods supported by DTLS? (multiple choice)

Options:

A.

Certificate encryption

B.

AES encryption

C.

PSK encryption

D.

Plaintext encryption

Question 48

Windows in environment,Agile Controller-Campus After the installation is successful, how to manually start the management center(MC)? (Multiple choice)

Options:

A.

Double click on the desktop"Start Server"The shortcut starts.

B.

choose"Start>all programs> Huawei> MCServer> StartServer.

C.

choose"Start>all programs> Huawei> Agile Controller> Server Startup Config"To manually start the required components.

D.

choose"Start 3 all programs> Huawei> MCServer> Sever Startup Conig",Manually start the required components

Question 49

VIP Experience guarantee, from which two aspects are the main guarantees VIP User experience? (Multiple choice)

Options:

A.

bandwidth

B.

Forwarding priority

C.

Authority

D.

Strategy

Question 50

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

Options:

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Question 51

Which of the following options is not a challenge brought by mobile office?

Options:

A.

The mobile office platform is safe and reliable and goes online quickly.

B.

Users can access the network safely and quickly.

C.

Unified terminal management and fine control.

D.

Network gateway deployment

Question 52

Agile Controller-Campus As RADIUS When the server performs authentication, how many ends need to be configured for authentication on the admission control device?

Options:

A.

1812

B.

1813

C.

8443

D.

8080

Question 53

Which of the following options is not a feature of big data technology?

Options:

A.

The data boy is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed

Question 54

Server Fault information collection tool Server Collector, which of the following does collected information items not include?

Options:

A.

Software and Patch

B.

sharing information and system account information

C.

System Log

D.

processes, services and startup

Question 55

The process of a browser carrying a cookie to request resources from a server is shown in the following figure. Which of the following steps contains SessionID information in the message?

Question # 55

Options:

A.

③④

B.

①③④

C.

⑤⑥

D.

②④

Page: 1 / 37
Total 367 questions