2021 Updated Verified H12-722 dumps Q&As - Pass Guarantee or Full Refund [Q75-Q99]

2021 Updated Verified H12-722 dumps Q&As - Pass Guarantee or Full Refund

H12-722 PDF Questions and Testing Engine With 180 Questions

NEW QUESTION 75
Which of the following options does not belong to the security risk of the TCP/IP stack application layer?

• A. Port scanning
• B. Buffer overflow
• C. System vulnerabilities
• D. Virus

Answer: A

 

NEW QUESTION 76
Which of the following options is not a feature of Trojan horses?

• A. Trojans self-replicate and spread
• B. Not self-replicating but parasitic
• C. The ultimate intention is to steal information and implement remote monitoring
• D. Actively infectious

Answer: D

 

NEW QUESTION 77
The configuration commands for enabling the attack defense function are as follows:
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic-fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[FW] anti-ddos http-flood source-detect mode basic
Which of the following are the correct descriptions of the attack prevention configuration? (Multiple Choices)

• A. HTTP flood attack defense uses enhanced mode for defense.
• B. The threshold value enabled by HTTP Flood defense is 2000.
• C. The firewall uses the first packet discard to defense the UDP flood attacks.
• D. SYN Flood source detection and prevention function is enabled on the firewall.

Answer: B,D

 

NEW QUESTION 78
Regarding the local black and white list of anti-spam messages, which of the following statements is wrong?

• A. Black and white lists are matched by extracting the source IP address of the SMTP connection
• B. The black and white list is matched by extracting the destination IP address of the SMTP connection
• C. Block the connection if the source IP address of the SMTP connection matches the blacklist
• D. The black and white list is matched by the sender's dns suffix

Answer: D

 

NEW QUESTION 79
Intrusion detection is a kind of network security technology used to detect any damage or attempt to damage the confidentiality, integrity or availability of the system. Which of the following belongs to the intrusion detection knowledge base?

• A. Complete virus sample
• B. Security policy
• C. Complete Trojan sample
• D. Specific behavior patterns

Answer: D

 

NEW QUESTION 80
When using the misuse check technology, if the normal user behavior is successfully matched with the intrusion feature knowledge base, it will be falsely reported.

• A. True
• B. False

Answer: A

 

NEW QUESTION 81
The IPS process has the following steps:
1. Reorganize application data
2. Match signature
3. Message processing
4. Protocol identification
Which of the following is the correct ordering for the processing?

• A. 1-4-2-3
• B. 1-3-2-4
• C. 4-1-2-3
• D. 2-4-1-3

Answer: A

 

NEW QUESTION 82
In the Huawei USG6000 product, after the security profile is created or modified, the configuration does not take effect immediately. You need to click "Submit" in the upper right corner of the page to activate it.

• A. True
• B. False

Answer: A

 

NEW QUESTION 83
With regard to traditional firewalls, which of the following statements are correct? (Multiple choice)

• A. Can quickly adapt to changes in threats.
• B. It is unable to effectively resist the spread of viruses from the Internet to the internal network.
• C. Lack of effective protection against application layer threats.
• D. Cannot accurately control various applications such as P2P, online games, etc.

Answer: B,C,D

 

NEW QUESTION 84
Due to the differences in network environment and system security policies, intrusion detection systems also differ in their implementation.
In terms of system composition, what are the four major components?

• A. Event extraction, intrusion analysis, intrusion response, and remote management.
• B. Event extraction, intrusion analysis, intrusion response, and field management.
• C. Event extraction, intrusion analysis, reverse intrusion, and remote management.
• D. Event recording, intrusion analysis, intrusion response, and remote management.

Answer: A

 

NEW QUESTION 85
After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

• A. True
• B. False.

Answer: B

 

NEW QUESTION 86
In the construction of information security, the intrusion detection system plays a role as a monitor. Through monitoring the traffic of critical nodes in the information system, it conducts in-depth analysis and explores the security events that are taking place. Which of the following are its characteristics?

• A. Unable to detect malicious operations or mis-operations from insiders.
• B. IDS can be linked with firewalls and switches to become a powerful "helper" for firewalls to better and more precisely control access between domains.
• C. Malicious code that is doped in allowable application data streams cannot be correctly analyzed.
• D. Cannot perform in-depth inspection

Answer: B

 

NEW QUESTION 87
Which of the following statements is wrong about anti-spam answerback codes?

• A. The answerback code is uniformly set as 127.0.0.1.
• B. Release the message if the answerback code does not reply to or the replied answerback code is not configured on the USG.
• C. The answerback code will be different for different RBL service providers.
• D. USG treats the mail that matches the answerback code as spam.

Answer: A

 

NEW QUESTION 88
Content filtering is a security mechanism for filtering the content of files or applications through Huawei USCG00 products. Focus on the flow through deep recognition Contains content, the device can block or alert traffic containing specific keywords.

• A. True
• B. False

Answer: A

 

NEW QUESTION 89
File filtering technology can filter files based on their application, file transfer direction, file type, and file extension.

• A. TRUE
• B. FALSE

Answer: A

 

NEW QUESTION 90
Which of the following is not detected action when detecting a virus in a message?

• A. Announcement
• B. Alarms
• C. Delete the attachment
• D. Blocking

Answer: D

 

NEW QUESTION 91
When you suspect that the corporate network is being attacked by hackers, you have conducted technical investigations.
Which of the following options does not belong to the pre-attack behavior?

• A. Web Application attack
• B. Brute force cracking
• C. Loophole attack
• D. Planting Malware

Answer: D

 

NEW QUESTION 92
Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

• A. Protect the intranet from external attacks, and inhibit malicious flows, such as spyware, worms, etc.
  from flooding and spreading to the intranet.
• B. Ability to quickly adapt to threat changes
• C. It cannot effectively prevent the virus from spreading from the Internet to the intranet.
• D. The number of applications that NIP6000 can recognize reaches 6000+, which realizes refined application protection, saves export bandwidth, and guarantees key business services Experience.

Answer: A,B,D

 

NEW QUESTION 93
Which of the following options is not a cyber security threat caused by weak personal security awareness?

• A. Leaking corporate information
• B. Disclosure of personal information
• C. Threats to the internal network
• D. Increasing the cost of enterprise network operation and maintenance

Answer: D

 

NEW QUESTION 94
Use BGP protocol to achieve diversion, the configuration command is as follows
[sysname] route-policy 1 permit node 1
[sysname-route-policy] apply community no-advertise
[sysname-route-policy] quit
[sysname]bgp10029
[sysname-bgp] peer
[sysname-bgp] import-route unr
[sysname- bgpl ipv4-family unicast
[sysname-bgp-af-ipv4] peer 7.7.1.2 route-policy 1 export
[sysname-bgp-af-ipv4] peer 7.7. 1.2 advertise community
[sysname-bgp-af-ipv4] quit
[sysname-bgp]quit
Which of the following options is correct for the description of BGP diversion configuration? (multiple choice)

• A. The management center does not need to configure protection objects. When an attack is discovered, it automatically issues a traffic diversion task.
• B. Use BGP to publish UNR routes to achieve dynamic diversion.
• C. After receiving the UNR route, the peer neighbor will not send it to any BGP neighbor.
• D. You also need to configure the firewall ddos bgp-next-hop fib-filter command to implement back-injection.

Answer: B,C

 

NEW QUESTION 95
Which descriptions about viruses and Trojans are correct? (Multiple Choice)

• A. Virus can self-replicate
• B. Trojans triggered by computer users
• C. Trojans can self-replicate
• D. Viruses are triggered by computer users

Answer: A,D

 

NEW QUESTION 96
Among the following options, which attack is a malformed packet attack based on the TCR protocol?

• A. Land attack
• B. Teardrop attack
• C. IP Spoofng attack
• D. Ping of Death attack

Answer: A

 

NEW QUESTION 97
The status code in the HTTP response message indicates the type of the response message, and there are many possible values. Which of the following status codes represents the client request The resource does not exist?

• A. 0
• B. 400.
• C. 1
• D. 2

Answer: C

 

NEW QUESTION 98
Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

• A. When a POP3 message is detected, if it is judged to be an illegal email, the firewall's response action only supports sending alarm information, and will not block the email o
• B. Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.
• C. When an IMAP message is detected, if it is judged to be an illegal email; the firewall's response action only supports sending alarm messages and will not block the email.
• D. The attachment size limit is for a single attachment, not for the total size of all attachments.

Answer: A

 

NEW QUESTION 99
......

Exam Engine for H12-722 Exam Free Demo & 365 Day Updates: https://www.verifieddumps.com/H12-722-valid-exam-braindumps.html