• Home
  • Articles
  • [Nov 08, 2021] Valid H12-722-ENU Test Answers & Huawei H12-722-ENU Exam PDF [Q32-Q57]

[Nov 08, 2021] Valid H12-722-ENU Test Answers & Huawei H12-722-ENU Exam PDF [Q32-Q57]

Share

[Nov 08, 2021] Valid H12-722-ENU Test Answers & Huawei H12-722-ENU Exam PDF

Realistic H12-722-ENU Exam Dumps with Accurate & Updated Questions

NEW QUESTION 32
An enterprise administrator configures a web reputation website in the form of a domain name and configures the domain name as www.abc.example.com.
Which of the following is an entry that the firewall will match when looking for a website URL?

  • A. www.abc.example.com
  • B. example.com
  • C. www.abc.example
  • D. example

Answer: D

 

NEW QUESTION 33
Huawei WAF products mainly consist of implementing front-end, back-end central systems and databases. The database mainly stores the front-end detection rules and black and white list configuration files.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 34
Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

  • A. Infrastructure security
  • B. Tenant security
  • C. Hardware maintenance
  • D. How to do a good job in management, operation and maintenance

Answer: A,B,D

 

NEW QUESTION 35
For the description of the AntiDDoS system, which of the following option is correct?

  • A. The detection center mainly uses the control strategy of the security management center to perform traction and cleaning of the attack traffic. The normal traffic after cleaning is injected back to the customer network and sent to the real destination.
  • B. The management center mainly completes the processing of attack events, controls the flow policy and cleaning policy of the cleaning center, and classifies various attack events and attack traffic to generate reports
  • C. The main role of the cleaning center is to detect and analyze the DDoS attack traffic for the mirrored or light splitting traffic and provide the analysis data to the management center for judgment.
  • D. The firewall can only be a detection device.

Answer: B

 

NEW QUESTION 36
The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.

The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.
Which of the following statements is correct

  • A. The files obtained by users from website A and website B will be sent to the inspection node for inspection.
  • B. Assuming that website A is an unknown website, the administrator cannot detect the traffic file of this website sC
  • C. After the detection node detects the suspicious file, it not only informs the firewall in the figure of the result, but also informs other network devices connected to it.
  • D. When a user visits website B, although the firewall will extract the file and send it to the detection node, the user can still access normally during the detection process Site B.

Answer: C

 

NEW QUESTION 37
For the URL is htpt://www.abcd. com:8080/news/education. aspx?name=tom&age=20, which option is path?

  • A. htttp://www.abcd. com:8080,te
  • B. /news/education. aspx
  • C. htttp://www.abcd. com:8080/news/education. aspx
  • D. /news/education. aspx?name=tom&age=20

Answer: B

 

NEW QUESTION 38
Which descriptions about viruses and Trojans are correct? (Multiple Choice)

  • A. Trojans can self-replicate
  • B. Trojans triggered by computer users
  • C. Viruses are triggered by computer users
  • D. Virus can self-replicate

Answer: C,D

 

NEW QUESTION 39
IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.
Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

  • A. IPS is an intrusion detection system that can block real-time intrusions when found
  • B. IPS unifies IDS and firewall
  • C. IPS must use bypass deployment in the network
  • D. Common IPS deployment modes are in-line deployment,

Answer: C

 

NEW QUESTION 40
The DDoS attack defense configuration process is as follows:
1, start the flow statistics function;
2. Set different protection thresholds for different types of attacks;
3. When the traffic exceeds the preset threshold, the system starts attack defense.

  • A. FALSE
  • B. TRUE

Answer: B

 

NEW QUESTION 41
When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

  • A. Planting malware
  • B. Brute force
  • C. Vulnerability attack
  • D. Web application attacks

Answer: A

 

NEW QUESTION 42
Which of the following statements is wrong about the Anti-DDoS cloud cleaning solution?

  • A. Normal attacks are usually cleaned locally first.
  • B. If there is a large traffic attack in the network, send it to the cloud cleaning center to share the cleaning pressure.
  • C. Because the Cloud Cleaning Alliance will direct larger attack traffic to the cloud for cleaning, it will cause network congestion.
  • D. The cloud cleaning service that is closer to the target being attacked will be transferred first.

Answer: C

 

NEW QUESTION 43
Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 44
For the description of the DNS Request Flood attack, which of the following option is correct?

  • A. Redirection can be implemented not only for the source IP address of the attacked domain name, but also for the destination IP address of the attacked domain name.
  • B. In the process of source authentication, the firewall triggers the client to send a DNS request with TCP packets to verify the validity of the source IP, but it will consume the TCP connection resources of the DNS cache server to some extent.
  • C. For the DNS request flood attack of the authorization server, you can trigger the client to send a DNS request with a TCP packet to verify the validity of the source IP address.
  • D. DNS request flood attack on the cache server can use the redirection mode to verify the validity of the source.

Answer: B

 

NEW QUESTION 45
Regarding intrusion prevention, which of the following option descriptions is wrong

  • A. Intrusion prevention is a new security defense technology that can detect and prevent intrusions.
  • B. Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion
  • C. Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic
  • D. Intrusion prevention can block attacks in real time.

Answer: B

 

NEW QUESTION 46
Which of the following options are correct for the description of URPF technology? (Multiple Choices)

  • A. The main function is to prevent network attacks based on source address spoofing.
  • B. Use the loose mode of URPF in an environment where route symmetry is not guaranteed.
  • C. Does not check whether the interfaces match in the strict mode. As long as there is a route to the source address, the packets can pass.
  • D. In loose mode, not only the corresponding entries in the forwarding table are required, but also the interfaces must match to pass the URPF check.

Answer: A,B

 

NEW QUESTION 47
Which of the following are typical intrusions? "Multiple choice)

  • A. Computer is infected by U disk virus
  • B. Abnormal power interruption in the computer room
  • C. Copy/view sensitive data
  • D. Tampering with Web pages

Answer: C,D

 

NEW QUESTION 48
Threat after the big data intelligent security analysis platform detect will be synchronized to each network device, and then continue to learn and optimize by collecting to the logs from the network device.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 49
Anti-DDoS defense system includes: management center, inspection center and cleaning center.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 50
Which of the following types of attacks are DDoS attacks? 2I

  • A. Floating child attack
  • B. Malformed message attack
  • C. Snooping scan attack
  • D. Single packet attack

Answer: A

 

NEW QUESTION 51
Which of the following options does not belong to the security risk of the application layer of the TCP/IP protocol stack?

  • A. Virus
  • B. System vulnerabilities
  • C. Buffer overflow
  • D. Port scan

Answer: D

 

NEW QUESTION 52
The most common form of traffic-based attacks is flooding a large number of seemingly legitimate messages to the target host, eventually resulting in the exhaustion of network bandwidth or device resources.
Traffic attack packets do not include which of the following options?

  • A. UDP packets
  • B. FTP packets
  • C. TCP packets
  • D. ICMP packets

Answer: B

 

NEW QUESTION 53
The anti-tampering technology of Huawei WAF products is based on the cache module. Assuming that user A accesses website B, website B has signs of page tampering. The workflow of the WAF tamper-resistant module has the following steps:
1, WAF uses the cached page to return to the client
2, WAF compares the server page content with the cached page content
3, After the learning is completed, the page content is stored in the cache
4, When the user accesses the web page, the WAF obtains the page content of the server
5, WAF initiates learning mode to learn the page content of the user visiting the website
Which of the following options is correct for the ordering of these steps?

  • A. 5, 1, 2, 4, 3
  • B. 3, 4, 2, 5, 1
  • C. 5, 3, 4, 2, 1
  • D. 2, 4, 1, 5, 3

Answer: C

 

NEW QUESTION 54
The configuration commands for enabling the attack defense function are as follows:
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic-fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[FW] anti-ddos http-flood source-detect mode basic
Which of the following are the correct descriptions of the attack prevention configuration? (Multiple Choices)

  • A. The firewall uses the first packet discard to defense the UDP flood attacks.
  • B. SYN Flood source detection and prevention function is enabled on the firewall.
  • C. The threshold value enabled by HTTP Flood defense is 2000.
  • D. HTTP flood attack defense uses enhanced mode for defense.

Answer: B,C

 

NEW QUESTION 55
Which of the following threats cannot be detected by IPS?

  • A. Worms
  • B. Virus
  • C. DoS
  • D. Spam

Answer: D

 

NEW QUESTION 56
Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

  • A. The attachment size limit is for a single attachment, not for the total size of all attachments.
  • B. When an IMAP message is detected, if it is judged to be an illegal email; the firewall's response action only supports sending alarm messages and will not block the email.
  • C. Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.
  • D. When a POP3 message is detected, if it is judged to be an illegal email, the firewall's response action only supports sending alarm information, and will not block the email o

Answer: D

 

NEW QUESTION 57
......

H12-722-ENU Exam Dumps - PDF Questions and Testing Engine: https://www.testpdf.com/H12-722-ENU-exam-braindumps.html

Related Articles

more
Huawei H12-722-ENU Certification Practice Exam