HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) (H12-722) Free Practice Test

Question 1

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

A. display version av-sdb

B. display utm av version

C. display utm version

D. display av utm version

Correct Answer: A

Question 2

Huawei WAF products mainly consist of implementing front-end, back-end central systems and databases. The database mainly stores the front-end detection rules and black and white list configuration files.

A. False

B. True

Correct Answer: B

Question 3

IPS is an intelligent intrusion detection and prevention product. It can not only detect the occurrence of intrusion, but also can stop the occurrence and development of intrusion in real time through a certain response method and protect the information system from substantive attack in real time.
Which of the following statement is wrong about the description of IPS?

A. IPS makes IDS and firewalls unified.

B. IPS is an intrusion detection system that can block in real-time when an intrusion is discovered.

C. IPS must be deployed in bypass mode on the network.

D. The common IPS deployment mode is straight-line deployment.

Correct Answer: C

Question 4

When users deploy a firewall anti-virus policy, there is no need to deploy anti-virus software.

A. FALSE

B. TRUE

Correct Answer: A

Question 5

In the anti-virus policy configuration of Huawei USG6000 products, which are the HTTP response methods? (Multiple choices)

A. Blocking and pushing pages

B. Alarms

C. Popup warning dialog

D. Disable all access for this client

Correct Answer: A,B

Question 6

An enterprise administrator configures the Web reputation system as shown in the figure.
Which of the following statements is true about this configuration?

A. The content of number 4 is mandatory.

B. In addition to this page configuration, you need to enable the linkage between the firewall and the sandbox. Otherwise, the page configuration is invalid.

C. The content of number 2 is mandatory.

D. After the configuration is complete, you need to submit the configuration for it to take effect.

Correct Answer: B

Question 7

Regarding the file filtering configuration file global configuration of the Huawei USG6000 product, which of the following is correct?

A. When the file type is not recognized, file filtering, content filtering, and anti-virus detection are not performed.

B. File filtering, content filtering and anti-virus detection are not available when the file is corrupted. At this time, the file can be released or blocked according to business requirements.

C. When the number of the file compressed layers is greater than the configured maximum number of uncompressed layers, the firewall cannot filter the file.

D. When the file extension does not match, if the action is "Allow" or "Alert", file filtering, content filtering, and anti-virus detection are performed according to the file type.

Correct Answer: C

Question 8

For the description of the DNS Request Flood attack, which of the following option is correct?

A. DNS request flood attack on the cache server can use the redirection mode to verify the validity of the source.

B. For the DNS request flood attack of the authorization server, you can trigger the client to send a DNS request with a TCP packet to verify the validity of the source IP address.

C. Redirection can be implemented not only for the source IP address of the attacked domain name, but also for the destination IP address of the attacked domain name.

D. In the process of source authentication, the firewall triggers the client to send a DNS request with TCP packets to verify the validity of the source IP, but it will consume the TCP connection resources of the DNS cache server to some extent.

Correct Answer: D

Question 9

Fraggle attack means that both the source address and the destination address of TCP are set to the IP address of a victim. This behavior will cause the victim to send a SYN-ACK message to its own address, which in turn sends back an ACK message and creates an empty connection, causing the system resources to be occupied or the destination host to crash.

A. False

B. True

Correct Answer: A

Question 10

Attacks against the Web can be divided into three attacks on the client, server or communication channel.

A. False

B. True

Correct Answer: B

Question 11

Which of the following options are not part of the PDRR security model?

A. Response

B. Protection

C. Request

D. Testing

Correct Answer: C

Welcome to TestSimulate

Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) (H12-722) Free Practice Test