Huawei H12-722-ENU HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) Online Training
Huawei H12-722-ENU Online Training
The questions for H12-722-ENU were last updated at Feb 29,2024.
- Exam Code: H12-722-ENU
- Exam Name: HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network)
- Certification Provider: Huawei
- Latest update: Feb 29,2024
About firewalls and IDS, which of the following is true?
- A . Firewall is a bypass device for fine-grained detection
- B . IDS is a straight-path device and can’t perform depth detection
- C . Firewall is unable to detect insider malicious operation or misoperation
- D . IDS can’t interact with the firewall
The following figure shows the configuration of the URL filtering configuration file. Which of the following statements is true about this configuration?
- A . The firewall will check the blacklist first and then check the whitelist.
- B . Assume that user visit www.exzample.com, which is part of Humanities and Social Networking category. At this time, the user cannot access the site.
- C . The user visit the website www.exzample.com. When there is no black and white list of hits, the predefined URL category entry is next queried.
- D . The default action means that all websites allow access. Therefore, this configuration error.
UDP is a connectionless protocol. A large number of UDP flood attacks cause the performance of network devices that rely on session forwarding to be degraded and even the session table is exhausted, causing network congestion.
Which of the following options does not prevent UDP flood attacks?
- A . UDP fingerprint learning
- B . Associated defense
- C . Current limiting
- D . First packet discarded
Regarding the process of file filtering, which of the following statements is wrong?
- A . After the file extraction fails, the file will still be filtered.
- B . The application identification module can identify the type of application hosting the file.
- C . Protocol decoding is responsible for parsing the file data and file transfer directions in the data stream.
- D . The file type identification module is responsible for identifying the real type of the file and the extension of the file based on the file data
Misuse detection discovers intrusion activity in system by detecting similar behaviors of user intrusions, or by detecting violations of system security rules indirectly by exploiting system flaws.
Which of the following is not misuse detection feature?
- A . Easy to implement
- B . Accurate detection
- C . Effective detection of impersonation of legitimate users
- D . Easy to upgrade