Weekend Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65percent

Welcome To DumpsPedia
  1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-722
  5. Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0) Questions and Answers

H12-722 Sample Questions Answers

Questions 4

For compressed files, the virus detection system can directly detect them.

Options:

A.

True

B.

False

Buy Now
Questions 5

Which of the following descriptions about viruses and Trojans are correct? (multiple choices)

Options:

A.

Viruses are triggered by computer users

B.

Viruses can replicate themselves

C.

Trojan horses are triggered by computer users

D.

Trojans can replicate themselves

Buy Now
Questions 6

In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.

do. Which of the following options does not belong to the action that needs to be completed in the data processing part?

155955cc-666171a2-20fac832-0c042c0422

Options:

A.

Data preprocessing

B.

Threat determination

C.

Distributed storage

D.

Distributed index

Buy Now
Questions 7

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Options:

A.

display version av-sdb

B.

display utm av version

C.

display av utm version

D.

display utm version

Buy Now
Questions 8

Network attacks are mainly divided into two categories: single-packet attacks and streaming attacks. Single-packet attacks include scanning and snooping attacks, malformed packet attacks, and special reports.

Wen attack.

Options:

A.

True

B.

False

Buy Now
Questions 9

Which of the following files can the sandbox detect? (multiple choice)

Options:

A.

www file

B.

PE file

C.

Picture file

D.

Mail

Buy Now
Questions 10

Due to differences in network environment and system security strategies, intrusion detection systems are also different in specific implementation. From the perspective of system composition, the main

Which four major components are included?

Options:

A.

Event extraction, intrusion analysis, reverse intrusion and remote management.

B.

Incident extraction, intrusion analysis, intrusion response and on-site management.

C.

Incident recording, intrusion analysis, intrusion response and remote management.

D.

Incident extraction, intrusion analysis, intrusion response and remote management.

Buy Now
Questions 11

Which of the following attacks are attacks against web servers? (multiple choices)

Options:

A.

Website phishing deception

B.

Website Trojan

C.

SQL injection

D.

Cross-site scripting attacks 2335

Buy Now
Questions 12

Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

Options:

A.

The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source

B.

For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify

The legitimacy of the source IP.

C.

In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process

It will consume the TCP connection resources of the OINS cache server.

D.

Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.

Buy Now
Questions 13

Misuse detection is through the detection of similar intrusions in user behavior, or those that use system flaws to indirectly violate system security rules

To detect intrusions in the system. Which of the following is not a feature of misuse detection 2

Options:

A.

Easy to implement

B.

Accurate detection

C.

Effective detection of impersonation detection of legitimate users

D.

Easy to upgrade

Buy Now
Questions 14

Which of the following options does not belong to the security risk of the application layer of the TCP/IP protocol stack?

Options:

A.

Virus

B.

Buffer overflow ρ

C.

System vulnerabilities

D.

Port scan

Buy Now
Questions 15

Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes:

1. Report suspicious files

2. Retrospective attack

3. Firewall linkage defense

4. Prosecution in the cloud sandbox

For the ordering of the process, which of the following options is correct?

Options:

A.

1-3-4-2

B.

1-4-2-3

C.

1-4-3-2

D.

3-1-4-2:

Buy Now
Questions 16

Which of the following options will not pose a security threat to the network?

Options:

A.

Hacking

B.

Weak personal safety awareness

C.

Open company confidential files

D.

Failure to update the virus database in time

Buy Now
Questions 17

Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice)

Options:

A.

Local upgrade

B.

Manual upgrade

C.

Online upgrade

D.

Automatic upgrade

Buy Now
Questions 18

Which of the following options are common reasons for IPS detection failure? (multiple choices)

Options:

A.

IPS policy is not submitted for compilation

B.

False Policy IDs are associated with IPS policy domains

C.

The IPS function is not turned on

D.

Bypass function is closed in IPS

Buy Now
Questions 19

Threats detected by the big data intelligent security analysis platform will be synchronized to each network device at the same time C and then collected from the network device

Collect it in the log for continuous learning and optimization.

Options:

A.

True

155955cc-666171a2-20fac832-0c042c0433

B.

False

Buy Now
Questions 20

Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

Options:

A.

True

B.

False

Buy Now
Questions 21

In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the "Prompt" in the upper right corner of the interface.

"Hand in" to activate.

Options:

A.

True

B.

False

Buy Now
Questions 22

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

Options:

A.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

B.

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

C.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

D.

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Buy Now
Questions 23

When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

Options:

A.

Users can visit www.videobt.com website.

B.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

C.

User cannot access all the sites ending with bt com.

D.

When users visit www.bt. com, they will be blocked.

Buy Now
Questions 24

Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?

1. The Netflow analysis device samples the current network flow;

2. Send a drainage command to the cleaning center;

3. Discover the DDoS attack stream;

4.Netior: analysis equipment sends alarms to ATIC management center

5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;

6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage

7. The cleaning log is sent to the management center to generate a report;

8. The cleaned traffic is sent to the original destination server.

Options:

A.

1-3-4-2-5-6-7-8

B.

1-3-2-4-6-5-7-8

C.

1-3-4-2-6-5-8-7

D.

1-3-24-6-5-8-7

Buy Now
Questions 25

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

Options:

A.

The action of signing iD3000 is an alarm

B.

The action of signing ID3000 is to block

C.

Unable to determine the action of signature ID3000

D.

The signature set is not related to the coverage signature

Buy Now
Questions 26

Which of the following threats cannot be detected by IPS?

Options:

A.

Virus

B.

Worms

C.

Spam

D.

DoS

Buy Now
Questions 27

The user needs of a university are as follows:

1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.

2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.

3. At the same time, some pornographic websites in the student area are prohibited.

The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

155955cc-666171a2-20fac832-0c042c0415

Options:

A.

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

B.

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

C.

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

D.

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Buy Now
Questions 28

Regarding the anti-spam local black and white list, which of the following statements is wrong?

Options:

A.

The black and white list is matched by extracting the destination IP address of the SMTP connection

B.

The black and white list is matched by the sender's dns suffix

C.

The black and white list is matched by extracting the source IP address of the SMTP connection

155955cc-666171a2-20fac832-0c042c0419

D.

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

Buy Now
Questions 29

The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the website of the security center platform?

Options:

A.

sec. huawei. com.

B.

support.huaver: com

C.

www. huawei. com

D.

security.. huawei. com

Buy Now
Questions 30

Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules and black

Whitelist and other configuration files.

A True

B. False

Options:

Buy Now
Questions 31

Which of the following options describes the IntelliSense engine IAE incorrectly?

Options:

A.

lAE's content security detection functions include application identification and perception, intrusion prevention, and Web application security.

B.

Full English name: intelligent Awareness Engine.

C.

The core of C.IAE is to organically centralize all content security-related detection functions.

D.

The security detection of the IAE engine is parallel, using a message-based file processing mechanism, which can receive file fragments and perform security checks.

Buy Now
Questions 32

Which of the following options belong to the network layer attack of the TCP/IP protocol stack? (multiple choice)

Options:

A.

Address scanning

B.

Buffer overflow p

C.

Port scan

D.

IP spoofing

Buy Now
Questions 33

In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed

In the high-performance engine. Which of the following is not the content security detection function supported by this product?

Options:

A.

Application recognition and perception

B.

URL classification and filtering

C.

Video content filtering

D.

Intrusion prevention

155955cc-666171a2-20fac832-0c042c048

Buy Now
Questions 34

Regarding the 3 abnormal situations of the file type recognition result, which of the following option descriptions is wrong?

Options:

A.

File extension mismatch means that the file type is inconsistent with the file extension.

B.

Unrecognized file type means that the file type cannot be recognized and there is no file extension.

C.

File damage means that the file type cannot be identified because the file is damaged.

D.

Unrecognized file type means that the file type cannot be recognized, and the file extension cannot be recognized.

Buy Now
Questions 35

Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Options:

A.

Rely on state detection technology and protocol analysis technology

B.

The performance is higher than the agent-based method

C.

The cost is smaller than the agent-based approach

D.

The detection rate is higher than the proxy-based scanning method

Buy Now
Questions 36

For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

Options:

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Buy Now
Questions 37

Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

Options:

A.

True

B.

False

Buy Now
Questions 38

The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide

Analyze the suspicious object, which of the following options are its main features? (multiple choices)

Options:

A.

Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so

Not vulnerable to attack.

B.

The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

C.

Need a lot of monitors.

D.

It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.

Buy Now
Questions 39

The processing flow of IPS has the following steps;

1. Reorganize application data

2. Match the signature

3. Message processing

4. Protocol identification

Which of the following is the correct order of the processing flow?

Options:

A.

4-1-2-3

B.

1-4-2-3

C.

1-3-2-4

D.

2-4-1-3:

Buy Now
Questions 40

Which three aspects should be considered in the design of cloud platform security solutions? (multiple choice)

Options:

A.

Infrastructure security

B.

Tenant security

C.

How to do a good job in management, operation and maintenance

D.

Hardware maintenance

Buy Now
Questions 41

If you combine security defense with big data technology, which of the following statements are correct? (multiple choice)

Options:

A.

In the learning process, you should start from collecting samples, analyze their characteristics and then perform machine learning.

B.

Machine learning only counts a large number of samples, which is convenient for security administrators to view.

C.

In the detection process, the characteristics of unknown samples need to be extracted and calculated to provide samples for subsequent static comparisons.

D.

Security source data can come from many places, including data streams, messages, threat events, logs, etc.

Buy Now
Questions 42

What content can be filtered by the content filtering technology of Huawei USG6000 products?

Options:

A.

File content filtering

B.

Voice content filtering

C.

Apply content filtering..

D.

The source of the video content

Buy Now
Questions 43

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:

A.

Configuration plane

B.

Business plane

C.

Log plane

D.

Data forwarding plane

Buy Now
Questions 44

When the device recognizes a keyword during content filtering detection, which response actions can the device perform? (multiple choice)

Options:

A.

Warning

B.

Block

C.

Declare

D.

Operate by weight

Buy Now
Questions 45

The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

Options:

A.

Prefix matching

B.

Suffix matching

155955cc-666171a2-20fac832-0c042c043

C.

Keyword matching

D.

Exact match

Buy Now
Questions 46

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

Options:

A.

3->1->4->2->5

B.

3->2->4->1->5

C.

3->2->1->4->5

D.

3->1->2->4->5

Buy Now
Questions 47

Regarding the global configuration of file filtering configuration files for Huawei USG6000 products, which of the following descriptions is correct?

Options:

A.

File filtering, content filtering and anti-virus detection cannot be performed when the file is damaged. At this time, the documents can be released or blocked according to business requirements.

B.

When the file extension does not match, if the action is "Allow" or "Alarm", file filtering, content filtering and anti-virus are performed according to the file type

Detection.

C.

When the number of compression layers of a file is greater than the configured "Maximum Decompression Layers", the firewall cannot filter the file.

D.

When the file type cannot be recognized, file filtering, content filtering and anti-virus detection are not performed.

Buy Now
Questions 48

If a company wants to detect image files, Shellcode code files and PDF files, which of the following types of sandboxes can be used? (More

155955cc-666171a2-20fac832-0c042c0420

select)

Options:

A.

PDF heuristic sandbox

ja$

B.

PE heuristic sandbox

C.

Web heuristic sandbox

D.

Heavyweight sandbox (virtual execution)

Buy Now
Questions 49

When a data file hits the whitelist of the firewall's anti-virus module, the firewall will no longer perform virus detection on the file.

Options:

A.

True

B.

False

Buy Now
Questions 50

Which of the following protocols can be used to construct attack messages for special control message attacks? (multiple choice)

A ICMP protocol

B. UDP protocol

C. CIP protocol

D. FTP protocol

Options:

Buy Now
Questions 51

For the description of URPF technology, which of the following options are correct? (multiple choice)

Options:

A.

The main function is to prevent network attacks based on source address spoofing.

B.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

C.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

D.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

Buy Now
Questions 52

Viruses can damage computer systems. v Change and damage business data: spyware collects, uses, and disperses sensitive information of corporate employees.

These malicious pastoral software seriously disturb the normal business of the enterprise. Desktop anti-disease software can solve the problem of central virus and indirect software from the overall situation.

Options:

A.

True

B.

False

Buy Now
Questions 53

The core technology of content security lies in anomaly detection, and the concept of defense lies in continuous monitoring and analysis.

Options:

A.

True

B.

False

Buy Now
Exam Code: H12-722
Exam Name: Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)
Last Update: Oct 5, 2025
Questions: 177
$57.75  $164.99
$43.75  $124.99
$36.75  $104.99
buy now H12-722