• ホーム
  • ブログ
  • PDF問題(2022年最新)実際のHuawei H12-722-ENU試験問題 [Q61-Q82]

PDF問題(2022年最新)実際のHuawei H12-722-ENU試験問題 [Q61-Q82]

Share

PDF問題(2022年最新)実際のHuawei H12-722-ENU試験問題

問題集返金保証付きのH12-722-ENU問題集には90%オフされます

質問 61
Which of the following are the keyword matching patterns? (Multiple Choice)

  • A. Text
  • B. Regular expressions
  • C. Community word
  • D. Custom Keywords

正解: A,B

 

質問 62
The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.
Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

  • A. ICMP message
  • B. UDP packet
  • C. TCP packets
  • D. FTP message

正解: D

 

質問 63
The RBL black and white list query result on the firewall is as follows:

Based on the above information, which of the following statements is correct? (Multiple choices)

  • A. Mail with source address 10.18.1.0/24 will be released
  • B. Mail with source address 10.17.1.0/24 will be blocked
  • C. Mail with source address 10.18.1.0/24 will be blocked
  • D. Mail with source address 10.17.1.0/24 will be released

正解: A,D

 

質問 64
Anti-DDoS defense system includes: management center, inspection center and cleaning center.

  • A. True
  • B. False

正解: A

 

質問 65
Which of the following statement about IPS is wrong?

  • A. The covering signature has a higher priority than the signature in a centralized signature.
  • B. The signature set can contain both pre-defined and custom signatures.
  • C. Changes to the IPS policy do not take effect immediately. You need to submit a compilation to update the configuration of the IPS policy.
  • D. When the source security zone is the same as the destination security zone, the IPS policy is applied in the domain.

正解: B

 

質問 66
In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.
do. Which of the following options does not belong to the action that needs to be completed in the data processing part?

  • A. Data preprocessing
  • B. Distributed index
  • C. Distributed storage
  • D. Threat determination

正解: D

 

質問 67
If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses It is the stream scanning method.

  • A. False
  • B. True

正解: A

 

質問 68
Fage attack means that the original address and target address of TOP are both set to the IP address of a certain victim. This behavior will cause the victim to report to it.
SYN-ACK message is sent from the address, and this address sends back an ACK message and creates an empty connection, which causes the system resource board to occupy or target The host crashed.

  • A. False
  • B. True

正解: A

 

質問 69
With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.
Generally, APT attacks can be summarized into four stages:
1. Collecting Information & Intrusion
2. Long-term lurking & mining
3. Data breach
4. Remote control and penetration
Regarding the order of these four stages, which of the following options is correct?

  • A. 2-3-4-1
  • B. 1-2-4-3
  • C. 2-1-4-3
  • D. 1-4-2-3

正解: D

 

質問 70
With regard to traditional firewalls, which of the following statements are correct? (Multiple choice)

  • A. It is unable to effectively resist the spread of viruses from the Internet to the internal network.
  • B. Lack of effective protection against application layer threats.
  • C. Can quickly adapt to changes in threats.
  • D. Cannot accurately control various applications such as P2P, online games, etc.

正解: A,B,D

 

質問 71
Which of the following options does not belong to packet message attack?

  • A. Tracert packet attacks
  • B. IP fragmentation packet attacks
  • C. Large ICMP packet attacks
  • D. ICMP redirect packet attack

正解: B

 

質問 72
Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

  • A. For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify The legitimacy of the source IP.
  • B. In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process It will consume the TCP connection resources of the OINS cache server.
  • C. The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source
  • D. Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.

正解: B

 

質問 73
Which of the following is correct about special packets attack?

  • A. Attacks on special control packets can only use ICMP to construct attack packets.
  • B. The attacker probes the network structure by sending special control packets to launch real attack.
  • C. Attacks on special control packets do not have the ability to detect network structures. Only scanning-type attacks can detect the network.
  • D. The special control packets attack is a potential attack and does not have direct destruction.

正解: D

 

質問 74
Which of the following statement is wrong about a network intrusion detection system (NIDS)?

  • A. Used to monitor network traffic and can be deployed independently.
  • B. Real-time monitoring through network adapters and analysis of all communication traffic through the network;
  • C. Mainly used for real-time monitoring of critical network path information, listening to all packets on the network, collecting data, and analyzing suspicious objects
  • D. Use newly received network packets as a data source;

正解: D

 

質問 75
Which of the following protocols can be used to construct attack packets for special control packet attacks? (Multiple choices)

  • A. UDP protocol
  • B. IP protocol
  • C. FTP protocol
  • D. ICMP protocol

正解: A,B,D

 

質問 76
The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

  • A. False
  • B. True

正解: A

 

質問 77
Which of the following options describes the IntelliSense engine IAE incorrectly?

  • A. The core of C.IAE is to organically centralize all content security-related detection functions.
  • B. lAE's content security detection functions include application identification and perception, intrusion prevention, and Web application security.
  • C. Full English name: intelligent Awareness Engine.
  • D. The security detection of the IAE engine is parallel, using a message-based file processing mechanism, which can receive file fragments and perform security checks.

正解: D

 

質問 78
Single-packet attacks are classified into scanning and snooping attacks, malformed packet attacks, and special packet attacks. Ping of death belongs to special packet attacks.

  • A. False
  • B. True

正解: A

 

質問 79
The whitelist rule of the firewall anti-virus module is configured as ("*example*, which of the following matching methods is used in this configuration?

  • A. Keyword matching
  • B. Prefix matching
  • C. Exact match
  • D. Suffix matching

正解: A

 

質問 80
In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed In the high-performance engine. Which of the following is not the content security detection function supported by this product?

  • A. Intrusion prevention
  • B. URL classification and filtering
  • C. Application recognition and perception
  • D. Video content filtering

正解: D

 

質問 81
Which of the following options is incorrect for the IntelliSense engine IAE?

  • A. The core of IAE is to organically integrate all content security related detection functions.
  • B. IAE engine's security detection is parallel and uses a message-based file processing mechanism that can receive file fragments and perform security checks.
  • C. English full name: Intelligent Awareness Engine.
  • D. IAE's content security detection capabilities include application identification and awareness, intrusion prevention, and Web application security.

正解: B

 

質問 82
......

更新された2022年02月合格させるH12-722-ENU試験リアル練習テスト問題:https://www.goshiken.com/Huawei/H12-722-ENU-mondaishu.html

関するブログ

もっと
H12-722-ENU無料問題集