HCIP-Security-CSSN V3.0 (H12-722_V3.0) Free Practice Test

Question 1

The configuration command to enable the attack prevention function is as follows; n
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[Fwj anti-ddos htp-flood source-detect mode basic
Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

A. HTTP Flood attack defense uses enhanced mode for defense

B. The firewall has enabled the SYN Flood source detection and defense function

C. The firewall uses the first packet drop to defend against UDP Flood attacks.

D. The threshold for HTTP Flood defense activation is 2000.

Correct Answer: B,D

Question 2

Which patches does Policy Center support to management?(Choose 3 answers)

A. Microsoft SQL Windows database patch

B. Microsoft Windows operating system patches

C. Microsoft Internet Explorer patches

D. android system patches

Correct Answer: A,B,C

Question 3

Which aspects of information security will be caused by unauthorized access? (multiple choice)

A. Recoverability

B. Availability

C. Confidentiality

D. Integrity

Correct Answer: C,D

Question 4

An enterprise administrator configures a Web reputation website in the form of a domain name, and configures the domain name as www. abc; example. com. .
Which of the following is the entry that the firewall will match when looking up the website URL?

A. example. com

B. www.abc. example

C. example

D. www. abc. example. com

Correct Answer: C

Question 5

Which way can NAC Agent upgrade package be deployed?

A. By account

B. By IP addresses

C. By user information

D. By terminal type

Correct Answer: B

Question 6

The IPS function of Huawei USG6000 supports two response methods: blocking and alarming.

A. False

B. True

Correct Answer: B

Question 7

In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed In the high-performance engine. Which of the following is not the content security detection function supported by this product?

A. Intrusion prevention

B. Application recognition and perception

C. URL classification and filtering

D. Video content filtering

Correct Answer: D

Question 8

For full encryption registered mobile storage devices must be formatted to normal use in not installed NAC client terminal host.

A. FALSE

B. TRUE

Correct Answer: B

Question 9

Which is correct about the following Policy Center troubleshooting process?

A. connection fault-> Hardware fault-> NAC client fault-> Policy Center server fault

B. hardware fault-> NAC client fault-> connection fault-> Policy Center server fault

C. Hardware fault-> connection fault-> Policy Center server fault-> NAC client fault

D. Hardware fault-> connection fault-> NAC client fault-> Policy Center server fault

Correct Answer: D

Question 10

Regarding the anti-spam response code, which of the following statements is wrong?

A. USG treats mails that match the answer code as spam.

B. The response code will vary depending on the RBL service provider.

C. If the response code is not returned or the response code is not configured on the USG, the mail is released.

D. The response code is specified as 127.0.0.1 in the second system.

Correct Answer: D

Welcome to TestSimulate

Huawei HCIP-Security-CSSN V3.0 (H12-722_V3.0) Free Practice Test