New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

H12-722_V3.0 HCIP-Security-CSSN V3.0 Questions and Answers

Questions 4

After enabling the IP policy, some services are found to be unavailable. Which of the following may be caused by? (multiple choice)

Options:

A.

Only packets in one direction pass through the firewall

B.

The same message passes through the firewall multiple times

C.

IPS underreporting

D.

Excessive traffic causes the Bypass function to be enabled

Buy Now
Questions 5

Fage attack means that the original address and target address of TOP are both set to the IP address of a certain victim. This behavior will cause the victim to report to it.

SYN-ACK message is sent from the address, and this address sends back an ACK message and creates an empty connection, which causes the system resource board to occupy or target

The host crashed.

Options:

A.

True

B.

False

Buy Now
Questions 6

The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

Options:

A.

True

B.

False

Buy Now
Questions 7

Which of the following options are common reasons for IPS detection failure? (multiple choices)

Options:

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Buy Now
Questions 8

Which of the following attacks are attacks against web servers? (multiple choices)

Options:

A.

Website phishing deception

B.

Website Trojan

C.

SQL injection

D.

Cross-site scripting attacks 2335

Buy Now
Questions 9

Regarding intrusion prevention, which of the following option descriptions is wrong

Options:

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Buy Now
Questions 10

The analysis and processing capabilities of traditional firewalls at the application layer are weak, and they cannot correctly analyze malicious codes that are mixed in the flow of allowed application teaching: many Attacks or malicious behaviors often use the firewall's open application data flow to cause damage, causing application layer threats to penetrate the firewall

A True

B. False

Options:

Buy Now
Questions 11

Which of the following options is not a feature of Trojan horses?

Options:

A.

Not self-replicating but parasitic

B.

Trojans self-replicate and spread

C.

Actively infectious

D.

The ultimate intention is to steal information and implement remote monitoring

Buy Now
Questions 12

Information security is the protection of information and information systems to prevent unauthorized access, use, leakage, interruption, modification, damage, and to improve

For confidentiality, integrity and availability. ,

Options:

A.

True

B.

False

Buy Now
Questions 13

Which of the following iterations is correct for the description of the management center?

Options:

A.

The management server of the management center is responsible for the cleaning of abnormal flow, as well as the collection and analysis of business data, and storage, and is responsible for the summary

The stream is reported to the management server for report presentation.

B.

The data coking device is responsible for the cleaning of abnormal flow, the centralized management and configuration of equipment, and the presentation of business reports.

C.

The data collector and management server support distributed deployment and centralized deployment. Centralized deployment has good scalability.

D.

The management center is divided into two parts: management server and teaching data collector.

Buy Now
Questions 14

Regarding scanning and snooping attacks, which of the following descriptions is wrong?

Options:

A.

Scanning attacks include address scanning and port scanning.

B.

It is usually the network detection behavior before the attacker launches the real attack.

155955cc-666171a2-20fac832-0c042c0424

C.

The source address of the scanning attack is real, so it can be defended by adding direct assistance to the blacklist.

D.

When a worm virus breaks out, it is usually accompanied by an address scanning attack, so scanning attacks are offensive.

Buy Now
Questions 15

The application behavior control configuration file takes effect immediately after being referenced, without configuration submission.

Options:

A.

True

B.

False

Buy Now
Questions 16

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:

A.

Configuration plane

B.

Business plane

C.

Log plane

D.

Data forwarding plane

Buy Now
Questions 17

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

Options:

A.

SACG and IP address 2.1.1.1 server linkage is not successful

B.

SACG linkage success with controller.

C.

master controller IP address is 1.1.1.2.

D.

master controller IP address is 2.1.1.1.

Buy Now
Questions 18

What content can be filtered by the content filtering technology of Huawei USG6000 products?

Options:

A.

File content filtering

B.

Voice content filtering

C.

Apply content filtering..

D.

The source of the video content

Buy Now
Questions 19

Regarding the processing process of file overwhelming, which of the following statements is correct?

Options:

A.

The file filtering module will compare the application type, file type, and transmission direction of the file identified by the previous module with the file filtering rules configured by the administrator.

Then the lookup table performs matching from top to bottom.

B.

If all the parameters of Wenzhu can match all file filtering rules, then the module will execute the action of this file filtering rule.

C.

There are two types of actions: warning and blocking.

D.

If the file type is a compressed file, then after the file filtering check, the female file will be sent to the file decompression module for decompression and decompression.

Press out the original file. If the decompression fails, the file will not be re-filed.

Buy Now
Questions 20

Viruses can damage computer systems. v Change and damage business data: spyware collects, uses, and disperses sensitive information of corporate employees.

These malicious pastoral software seriously disturb the normal business of the enterprise. Desktop anti-disease software can solve the problem of central virus and indirect software from the overall situation.

Options:

A.

True

B.

False

Buy Now
Questions 21

The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.

Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

Options:

A.

TCP packets

B.

UDP packet

C.

ICMP message

D.

FTP message

Buy Now
Questions 22

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Options:

A.

True

B.

False

Buy Now
Questions 23

Which aspects of information security will be caused by unauthorized access? (multiple choice)

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Recoverability

Buy Now
Questions 24

If the processing strategy for SMTP virus files is set to alert, which of the following options is correct?

Options:

A.

Generate logs and discard

B.

Generate logs and forward them

C.

Delete the content of the email attachment

D.

Add announcement and generate log

Buy Now
Questions 25

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Buy Now
Questions 26

Which of the following options will not pose a security threat to the network?

Options:

A.

Hacking

B.

Weak personal safety awareness

C.

Open company confidential files

D.

Failure to update the virus database in time

Buy Now
Questions 27

Regarding the description of intrusion detection technology, which of the following statements is correct?

Options:

A.

It is impossible to detect violations of security policies.

B.

It can detect all kinds of authorized and unauthorized intrusions.

C.

Unable to find traces of the system being attacked.

D.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425

Buy Now
Questions 28

An enterprise has 3 server, which is the most reasonable plan when deploy Policy Center system

planning?

Options:

A.

manager + controller + FTP + witness database, controller + master database + FTP, controller + mirror database+ FTP

B.

manager + controller + FTP + master database, controller + FTP + witness database, controller + FTP

+ mirror database

C.

manager + controller + FTP + mirror database, controller + FTP + witness database, controller + FTP +

master database

D.

manager + controller + FTP, controller + FTP + witness databases, controller + FTP + master database

Buy Now
Questions 29

In the security protection system of the cloud era, reforms need to be carried out in the three stages before, during and after the event, and a closed-loop continuous improvement should be formed.

And development. Which of the following key points should be done in "things"? (multiple choice)

Options:

A.

Vulnerability intelligence

B.

Defense in Depth

C.

Offensive and defensive situation

D.

Fight back against hackers

155955cc-666171a2-20fac832-0c042c045

Buy Now
Exam Code: H12-722_V3.0
Exam Name: HCIP-Security-CSSN V3.0
Last Update: Dec 27, 2024
Questions: 196
H12-722_V3.0 pdf

H12-722_V3.0 PDF

$25.5  $84.99
H12-722_V3.0 Engine

H12-722_V3.0 Testing Engine

$30  $99.99
H12-722_V3.0 PDF + Engine

H12-722_V3.0 PDF + Testing Engine

$40.5  $134.99