[Oct-2021] Pass Huawei H12-722 Exam in First Attempt Guaranteed! [Q15-Q40]

[Oct-2021] Pass Huawei H12-722 Exam in First Attempt Guaranteed!

Full H12-722 Practice Test and 180 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 15
In Huawei's USG6000 products, IAE provides an integrated solution. All content security detection functions are integrated in a well-designed, high-performance engine.
Which of the following is not a content security detection feature that the product supports?

A. Application identification and awareness
B. Video content filtering
C. Intrusion Prevention
D. URL classification and filtering

Answer: B

NEW QUESTION 16
Huawei NIP6000 products provide carrier-grade high-reliability mechanisms at multiple levels to ensure the stable operation of the equipment.
Which of the following options belong to the reliability of the network? (Multiple choices)

A. Link-group
B. Power 1+1 redundancy backup
C. Hardware Bypass
D. Hot Standby

Answer: A,D

NEW QUESTION 17
The Huawei USG6000 product can identify the actual types of common files and filter inspection to content. Even if the file is hidden in a zip file, or if you change the extension, you can't escape the eyes of the firewall.

A. True
B. False

Answer: A

NEW QUESTION 18
Which of the following are the common causes of IPS detection failures? (Multiple choices)

A. IPS function is not enabled
B. Policy IDs with incorrect associations between IPS policy domains
C. IPS policy is not submitted for compilation
D. Bypass function in IPS is turned off

Answer: A,B,C

NEW QUESTION 19
The administrator has the following configuration:
1. The signature set Protect, all includes the signature ID 3000, and the entire signature set action is blocked.
2. Overwriting the signature ID3000 action is an alarm.
Which of the following judgments is correct?

A. No relationship between signature set and coverage signature
B. Cannot determine the action of signature ID3000
C. The action of signature ID3000 is blocked
D. The action of the signature ID3000 is an alarm

Answer: D

NEW QUESTION 20
Viruses can damage computer systems and falsify or damage business data: Spyware collects, use and disseminate sensitive information from employees. These malicious software seriously interfere with the normal business operations of enterprises. Desktop anti-virus software can solve the problem of viruses and spyware globally.

A. False
B. True

Answer: A

NEW QUESTION 21
Which of the following statements is wrong about Huawei anti-virus technology?

A. Gateway anti-virus implementation is based on proxy scanning and flow scanning
B. The virus detection system cannot directly detect compressed files
C. Anti-virus engine can detect file type by file extension
D. The maximum number of unpacked layers of the gateway antivirus default file is 3

Answer: C

NEW QUESTION 22
Due to the differences in network environment and system security policies, intrusion detection systems also differ in their implementation.
In terms of system composition, what are the four major components?

A. Event recording, intrusion analysis, intrusion response, and remote management.
B. Event extraction, intrusion analysis, reverse intrusion, and remote management.
C. Event extraction, intrusion analysis, intrusion response, and field management.
D. Event extraction, intrusion analysis, intrusion response, and remote management.

Answer: D

NEW QUESTION 23
Anomaly detection establishes the normal behavior characteristics of the system's main body through analysis of system audit data: In the detection, if the audit data in the system is different from the normal behavior characteristics of the established subject, it is considered an intrusion behavior. Which of the following can be used as the system body? (Multiple choices)

A. A group of users
B. Single user
C. Host
D. A key program and file in the system

Answer: A,B,C,D

NEW QUESTION 24
File filtering technology can filter files based on their application, file transfer direction, file type, and file extension.

A. TRUE
B. FALSE

Answer: A

NEW QUESTION 25
For SYN flood attacks, TCP source authentication and TCP proxy can be used for defense.
Which of the following description is correct?

A. TCP proxy means that the firewall is deployed between the client and the server. When the client sends an SYII packet to the server through the firewall, the firewall instead of the server establishes a three-way handshake with the client. Generally used for scenarios where the path of the packet is inconsistent.
B. After the TCP source authentication passes the source authentication of the client, it is added to the whitelist. Then the SYN packet of this source still needs to be verified.
C. TCP source authentication has the same restriction on the path of packets, so the application is not as common as TCP proxy.
D. During the TCP proxy process, the firewall proxies and responds to every SYN packet received and maintains half-connection. Therefore, when the traffic of the SYN packet is heavy, the firewall requires very high performance.

Answer: D

NEW QUESTION 26
The anti-tampering technology of Huawei WAF products is based on the cache module. Assuming that user A accesses website B, website B has signs of page tampering. The workflow of the WAF tamper-resistant module has the following steps:
1, WAF uses the cached page to return to the client
2, WAF compares the server page content with the cached page content
3, After the learning is completed, the page content is stored in the cache
4, When the user accesses the web page, the WAF obtains the page content of the server
5, WAF initiates learning mode to learn the page content of the user visiting the website
Which of the following options is correct for the ordering of these steps?

A. 5, 1, 2, 4, 3
B. 2, 4, 1, 5, 3
C. 3, 4, 2, 5, 1
D. 5, 3, 4, 2, 1

Answer: D

NEW QUESTION 27
UDP is a connectionless protocol. A large number of UDP flood attacks cause the performance of network devices that rely on session forwarding to be degraded and even the session table is exhausted, causing network congestion.
Which of the following options does not prevent UDP flood attacks?

A. First packet discarded
B. Current limiting
C. UDP fingerprint learning
D. Associated defense

Answer: A

NEW QUESTION 28
After the Huawei USG6000 product license expires, the RBL function is unavailable.
Users can only use local black and white lists to filter spam.

A. TRUE
B. FALSE

Answer: A

NEW QUESTION 29
The whitelist rule of the firewall antivirus module is configured as *example*. Which of the following matches is used in this configuration?

A. Suffix matching
B. Keyword matching
C. Prefix matching
D. exact match

Answer: B

NEW QUESTION 30
Which of the following is correct configuration strategy for anti-virus policy?
1. Load feature library
2. Configure security policy and reference AV profile
3. Apply and activate license
4. Configure AV Profile
5. Submit

A. 3 -> 1 -> 2 -> 4 -> 5
B. 3 -> 2 -> 1 -> 4 -> 5
C. 3 -> 1 -> 4 -> 2 -> 5
D. 3 -> 2 -> 4 -> 1 -> 5

Answer: C

NEW QUESTION 31
In the big data intelligent security analysis platform, it is necessary to collect data from the data source, and then complete a series of actions such as data processing, detection and analysis.
Which of the following options does not belong to the data processing part that needs to be completed?

A. Threat assessment
B. Data preprocessing
C. Distributed Index
D. Distributed storage

Answer: A

NEW QUESTION 32
Which of the following is not detected action when detecting a virus in a message?

A. Delete the attachment
B. Alarms
C. Blocking
D. Announcement

Answer: C

NEW QUESTION 33
The RBL black and white list query result on the firewall is as follows:

Based on the above information, which of the following statements is correct? (Multiple choices)

A. Mail with source address 10.17.1.0/24 will be released
B. Mail with source address 10.18.1.0/24 will be released
C. Mail with source address 10.17.1.0/24 will be blocked
D. Mail with source address 10.18.1.0/24 will be blocked

Answer: A,B

NEW QUESTION 34
If the user's FTP operation matches the FTP filtering policy, which actions can be performed? (Multiple choice)

A. Alerts
B. Execution
C. Blocking
D. Announcement

Answer: A,C

NEW QUESTION 35
Information security is the protection of information and information systems against unauthorized access, use, disclosure, interruption, modification, destruction and thereby providing confidentiality, integrity and availability.

A. True
B. False

Answer: A

NEW QUESTION 36
Regarding the local black and white list of anti-spam messages, which of the following statements is wrong?

A. The black and white list is matched by the sender's dns suffix
B. Black and white lists are matched by extracting the source IP address of the SMTP connection
C. The black and white list is matched by extracting the destination IP address of the SMTP connection
D. Block the connection if the source IP address of the SMTP connection matches the blacklist

Answer: A

NEW QUESTION 37
USG6000V software logical architecture is divided into three planes: the management plane, control plane, and _______.

A. service plane
B. log plane
C. data forwarding plane
D. configuration plane

Answer: C

NEW QUESTION 38
Because the sandbox can provide virtual execution environment to detect files on the network, the sandbox can replace devices such as Anti-Virus, IPS and spam detection when deploying security devices.

A. False
B. True

Answer: A

NEW QUESTION 39
The process of a browser carrying a cookie to request a resource from a server is as shown in the following figure. Which of the following steps have the session ID information in the message?