H12-722 by Huawei Valid Free Exam Practice Test

Question 1

Huawei WAF products mainly consist of implementing front-end, back-end central systems and databases. The database mainly stores the front-end detection rules and black and white list configuration files.

A. False B. True

Correct Answer: B

Question 2

IPS can't detect which of the following threats?

A. Virus B. Spam C. DoS D. Worm

Correct Answer: B

Question 3

If the user's FTP operation matches the FTP filtering policy, which actions can be performed? (Multiple choice)

A. Alerts B. Execution C. Announcement D. Blocking

Correct Answer: A,D

Question 4

Huawei USG6000 product can virus scan and process certain file transfer protocols, but which of the following protocol does not include?

A. TFTP B. IMAP C. POP3 D. FTP

Correct Answer: A

Question 5

Which of the following features are supported by the Huawei NIP intrusion prevention device?

A. Mail detection B. SSL traffic detection C. Application Identification and Control D. Virtual Patch

Correct Answer: B,C,D

Question 6

Malicious code usually uses RootKit technology to hide itself. RootKit modifies the kernel of the system by loading special drivers to hide itself and specific files.

A. FALSE B. TRUE

Correct Answer: B

Question 7

What are the following descriptions of the role of content security filtering technology? (Multiple choices)

A. The application behavior control function can finely control the common HTTP behavior and FTP behavior. B. Content filtering prevents the leakage of confidential information and the transmission of non-compliant information. C. File Filtering By blocking the transmission of certain types of files, you can reduce the risk of internal networks running malicious code and viruses. You can also prevent employees from leaking corporate confidential files to the Internet. D. E-mail filtering refers to the management and control of e-mail sending and receiving activities, including the prevention of spam and the proliferation of anonymous e-mails, and the control of illegal sending and receiving.

Correct Answer: A,B,C,D

Question 8

Which of the following statements is true about the process of file filtering?

A. There are two alarms and blocking actions. B. The file filtering module will match the application type, file type, transmission direction of the file identified by the previous module and the file filter rule query table configured by the administrator from top to bottom. C. If all the parameters of the file can match all the file filtering rules, the module will perform the action of this file filtering rule. D. If the file type is a compressed file, then after file filtering detection, the file will be sent to the file decompression module for decompression and decompressing the original file. If decompression fails, the file will no longer be filtered.

Correct Answer: C

Question 9

In the deployment of Huawei NIP6000 products, traffic mirroring can only be performed using port mirroring.

A. False B. True

Correct Answer: A

Question 10

When users deploy a firewall anti-virus policy, there is no need to deploy anti-virus software.

A. FALSE B. TRUE

Correct Answer: A

Question 11

Which of the following are the possible causes for the failure to include a signature after the IPS policy is configured? (Multiple choices)

A. Severity configuration is too high B. Direction is not enabled C. Direction opened, but no specific direction was chosen D. Incorrect protocol selection

Correct Answer: A,C,D

Question 12

If you combine security defenses with big data technologies, which of the following statements is correct? (Multiple choice)

A. During the learning process, we should start with collecting samples, analyze their characteristic vectors, and then perform machine learning. B. Machine learning is only for statistics of a large number of samples, which is convenient for security administrators to view. C. The security source data can come from many places, including data flows, packets, threat events, logs, and so on. D. During the detection process, the unknown sample needs to be extracted and the corresponding model is calculated to provide a sample for subsequent static comparison.

Correct Answer: A,C,D

Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) - H12-722 Exam Practice Test