H12-722 Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) exact Exam Questions

Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Last Update 21 hours ago Total Questions : 177

The Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) content is now fully updated, with all current exam questions added 21 hours ago. Deciding to include H12-722 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our H12-722 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these H12-722 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) practice test comfortably within the allotted time.

Question # 41

Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

A ICMP protocol

B. UDP protocol

C. CIP protocol

D. FTP protocol

Question # 42

Regarding the description of file reputation technology in anti-virus engines, which of the following options is correct?

Local reputation MD5 cache only has static cache, which needs to be updated regularly

File reputation database can only be upgraded by manual upgrade

File reputation is to perform virus detection by calculating the full text MD5 of the file to be tested and matching it with the local reputation MD5 cache

File reputation database update and upgrade can only be achieved through linkage with sandbox

Question # 43

Regarding worms and viruses, which of the following statements is correct?

Worms exist in a parasitic way

155955cc-666171a2-20fac832-0c042c0413

Viruses mainly rely on system vulnerabilities to spread

The target of the worm infection is other computer systems on the network.

The virus exists independently in the computer system.

Question # 44

When the Anti DDoS system finds the attack flow, the state will redirect the attack flow to the cleaning device. After the cleaning device is cleaned, it will flow back.

Note to the original link, which of the following options does not belong to the method of re-injection?

Policy routing back annotation,

GRE back note:

MPLS LSP back injection

BGP back-annotation

Question # 45

Regarding the processing process of file overwhelming, which of the following statements is correct?

The file filtering module will compare the application type, file type, and transmission direction of the file identified by the previous module with the file filtering rules configured by the administrator.

Then the lookup table performs matching from top to bottom.

If all the parameters of Wenzhu can match all file filtering rules, then the module will execute the action of this file filtering rule.

There are two types of actions: warning and blocking.

If the file type is a compressed file, then after the file filtering check, the female file will be sent to the file decompression module for decompression and decompression.

Press out the original file. If the decompression fails, the file will not be re-filed.

Question # 46

File filtering technology can filter files based on the application of the file, the file transfer direction, the file type and the file extension.

True

False

Question # 47

The user needs of a university are as follows:

1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.

2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.

3. At the same time, some pornographic websites in the student area are prohibited.

The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

155955cc-666171a2-20fac832-0c042c0415

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Question # 48

Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes:

1. Report suspicious files

2. Retrospective attack

3. Firewall linkage defense

4. Prosecution in the cloud sandbox

For the ordering of the process, which of the following options is correct?

1-3-4-2

1-4-2-3

1-4-3-2

3-1-4-2:

Question # 49

Regarding Huawei ' s anti-virus technology, which of the following statements is wrong?

The virus detection system cannot directly detect compressed files

The anti-virus engine can detect the file type through the file extension

Gateway antivirus default file maximum decompression layer is 3 layers

The implementation of gateway antivirus is based on proxy scanning and stream scanning

Question # 50

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the " Prompt " in the upper right corner of the interface.

" Hand in " to activate.

True

False