Weekend Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Last Update 18 hours ago Total Questions : 177

The Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) content is now fully updated, with all current exam questions added 18 hours ago. Deciding to include H12-722 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our H12-722 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these H12-722 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) practice test comfortably within the allotted time.

Question # 11

Which of the following options is not a special message attack?

A.

ICMP redirect message attack) 0l

B.

Oversized ICMP packet attack

C.

Tracert packet attack

D.

IP fragment message item

Question # 12

Since the sandbox can provide a virtual execution environment to detect files in the network, the sandbox can be substituted when deploying security equipment

Anti-Virus, IPS, spam detection and other equipment.

A.

True

155955cc-666171a2-20fac832-0c042c0414

B.

False

Question # 13

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

A.

Direction is not enabled

B.

The direction is turned on, but no specific direction is selected

C.

The severity level of the configuration is too high

D.

The protocol selection technique is correct

Question # 14

UDP is a connectionless protocol. UDP Flood attacks that change sources and ports will cause performance degradation of network devices that rely on session forwarding.

Even the session table is exhausted, causing the network to be paralyzed. Which of the following options is not a preventive measure for UDP Flood attacks?

A.

UDP fingerprint learning

B.

Associated defense

C.

current limit

D.

First packet discarded

Question # 15

Which of the following options is not a cyber security threat caused by weak personal security awareness?

A.

Disclosure of personal information

B.

Threats to the internal network

C.

Leaking corporate information

D.

Increasing the cost of enterprise network operation and maintenance

Question # 16

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Question # 17

Which of the following behaviors is a false positive of the intrusion detection system?

A.

Unable to detect new types of worms

B.

The process of trying to log in to the system is recorded

C.

Use Ping to perform network detection and be alerted as an attack

D.

Web-based attacks are not detected by the system

Question # 18

Use BGP protocol to achieve diversion, the configuration command is as follows

[sysname] route-policy 1 permit node 1

[sysname-route-policy] apply community no-advertise

[sysname-route-policy] quit

[sysname]bgp100

155955cc-666171a2-20fac832-0c042c04

29

[sysname-bgp] peer

[sysname-bgp] import-route unr

[sysname- bgpl ipv4-family unicast

[sysname-bgp-af-ipv4] peer 7.7.1.2 route-policy 1 export

[sysname-bgp-af-ipv4] peer 7.7. 1.2 advertise community

[sysname-bgp-af-ipv4] quit

[sysname-bgp]quit

Which of the following options is correct for the description of BGP diversion configuration? (multiple choice)

A.

Use BGP to publish UNR routes to achieve dynamic diversion.

B.

After receiving the UNR route, the peer neighbor will not send it to any BGP neighbor.

C.

You also need to configure the firewall ddos ​​bgp-next-hop fib-filter command to implement back-injection.

D.

The management center does not need to configure protection objects. When an attack is discovered, it automatically issues a traffic diversion task.

Question # 19

The following figure shows the configuration of the URL filtering configuration file. Regarding the configuration, which of the following statements is correct?

A.

The firewall will first check the blacklist entries and then the whitelist entries.

B.

Assuming that the user visits the www.exzample.com website, which belongs to the categories of humanities and social networks at the same time, the user cannot access the

website.

C.

The user visits the website www.exzample.com, and when the black and white list is not hit, the next step is to query the predefined URL category entry.

D.

The default action means that all websites are allowed to visit. So the configuration is wrong here.

Question # 20

Which of the following options are common behavioral characteristics of viruses? (multiple choices)

A.

Download and backdoor features

B.

Information collection characteristics

C.

Self-hidden features

D.

Network attack characteristics

Go to page: