[2018] HCNP-Security H12-722 Free Dumps| CertQueen

The followings are the real dumps for H12-722-ENU test. I just list several questions for you to check. More real dumps please go to CertQueen H12-722-ENU test page.

1. If the user’s FTP operation matches the FTP filtering policy, which actions can be performed? (Multiple choice)
A. Blocking
B. Announcement
C. Alerts
D. Execution
Answer: AC

2. About firewalls and IDS, which of the following is true?
A. Firewall is a bypass device for fine-grained detection
B. IDS is a straight-path device and can’t perform depth detection
C. Firewall is unable to detect insider malicious operation or misoperation
D. IDS can’t interact with the firewall
Answer: C

3. Which of the following attack types is DDoS attack?
A. Single package attack
B. Traffic attack
C. Malformed packet attack
D. Snooping scanning attack
Answer: B

4. Why APT attacks are difficult to defend? Part of the reason is that they use zero-day loopholes to attack. This zero-day loopholes usually takes a lot of time to research and analyze and make corresponding defense methods.
A. True
B. False
Answer: A

5. The whitelist rule of the firewall antivirus module is configured as *example*. Which of the following matches is used in this configuration?
A. Prefix matching
B. Suffix matching
C. Keyword matching
D. exact match
Answer: C

6. UDP is a connectionless protocol. A large number of UDP flood attacks cause the performance of network devices that rely on session forwarding to be degraded and even the session table is exhausted, causing network congestion.
Which of the following options does not prevent UDP flood attacks?
A. UDP fingerprint learning
B. Associated defense
C. Current limiting
D. First packet discarded
Answer: D

7. Regarding the process of file filtering, which of the following statements is wrong?
A. After the file extraction fails, the file will still be filtered.
B. The application identification module can identify the type of application hosting the file.
C. Protocol decoding is responsible for parsing the file data and file transfer directions in the data stream.
D. The file type identification module is responsible for identifying the real type of the file and the extension of the file based on the file data
Answer: A

8. Huawei WAF products mainly consist of implementing front-end, back-end central systems and databases. The database mainly stores the front-end detection rules and black and white list configuration files.
A. True
B. False
Answer: A

9. Misuse detection discovers intrusion activity in system by detecting similar behaviors of user intrusions, or by detecting violations of system security rules indirectly by exploiting system flaws.
Which of the following is not misuse detection feature?
A. Easy to implement
B. Accurate detection
C. Effective detection of impersonation of legitimate users
D. Easy to upgrade
Answer: C

10. Huawei NIP6000 products have zero-setting network parameters and plug-and-play functionality because interfaces pairs only work on Layer 2 and do not need to set IP address.
A. True
B. False
Answer: A

Leave a Reply

Your email address will not be published. Required fields are marked *