Huawei HCIP-Security-CSSN(Huawei Certified ICT Professional -Constructing Service Security Network) - H12-722 Exam Practice Test
Question 1
The DDoS attack defense configuration process is as follows:
1, start the flow statistics function;
2. Set different protection thresholds for different types of attacks;
3. When the traffic exceeds the preset threshold, the system starts attack defense.
1, start the flow statistics function;
2. Set different protection thresholds for different types of attacks;
3. When the traffic exceeds the preset threshold, the system starts attack defense.
Correct Answer: A
Question 2
Viruses can damage computer systems and falsify or damage business data: Spyware collects, use and disseminate sensitive information from employees. These malicious software seriously interfere with the normal business operations of enterprises. Desktop anti-virus software can solve the problem of viruses and spyware globally.
Correct Answer: B
Question 3
Because the sandbox can provide virtual execution environment to detect files on the network, the sandbox can replace devices such as Anti-Virus, IPS and spam detection when deploying security devices.
Correct Answer: B
Question 4
The network-based intrusion detection system is mainly used for real-time monitoring of critical network path information, listening to all packets on the network, collecting data, and analyzing suspicious objects. Which of the following options are its main features? (Multiple Choice)
Correct Answer: A,D
Question 5
Anomaly detection establishes the normal behavior characteristics of the system's main body through analysis of system audit data: In the detection, if the audit data in the system is different from the normal behavior characteristics of the established subject, it is considered an intrusion behavior. Which of the following can be used as the system body? (Multiple choices)
Correct Answer: A,B,C,D
Question 6
In the security protection system of cloud era, reforms must be carried out in advance, in the event, and afterwards, and continuous improvement and development of closed loops must be formed.
Which of the following key points should be fulfilled in "in the matter"? (Multiple choices)
Which of the following key points should be fulfilled in "in the matter"? (Multiple choices)
Correct Answer: B,C
Question 7
Which of the following options does not belong to the characteristics of Trojans?
Correct Answer: A
Question 8
When you suspect that the corporate network is being attacked by hackers, you have conducted technical investigations.
Which of the following options does not belong to the pre-attack behavior?
Which of the following options does not belong to the pre-attack behavior?
Correct Answer: A
Question 9
Which of the following options is correct about the sequence-by-flow detection of AntiDDoS?
1. The Netflow analysis device samples the current network traffic.
2 Send a drainage command to the cleaning center;
3 Discover DDoS attack traffic;
4. Netflor: analysis equipment sends alarms to ATIC Management Center;
5 abnormal flow is drained to the cleaning center for further inspection and cleaning;
6 The cleaning center sends the host of the attacked object IF address server to the router to implement the drainage.
7 Cleaning logs sent to the management center to generate reports;
8 The cleaned traffic is sent to the original destination server.
1. The Netflow analysis device samples the current network traffic.
2 Send a drainage command to the cleaning center;
3 Discover DDoS attack traffic;
4. Netflor: analysis equipment sends alarms to ATIC Management Center;
5 abnormal flow is drained to the cleaning center for further inspection and cleaning;
6 The cleaning center sends the host of the attacked object IF address server to the router to implement the drainage.
7 Cleaning logs sent to the management center to generate reports;
8 The cleaned traffic is sent to the original destination server.
Correct Answer: A
Question 10
What are the following descriptions of the role of content security filtering technology? (Multiple choices)
Correct Answer: A,B,C,D
Question 11
If Huawei USG6000 product uses its own protocol stack cache for all files passing through the device and then performs virus scanning, then the device uses a flow scan mode.
Correct Answer: B
Question 12
SQI injection attacks generally have the following steps:
1, Privilge Escalation
2, Get the data in the database
3, To determine whether there is a vulnerability in the webpage
4, Determine the database type
Which of the following options is correct for the ordering of these steps?
1, Privilge Escalation
2, Get the data in the database
3, To determine whether there is a vulnerability in the webpage
4, Determine the database type
Which of the following options is correct for the ordering of these steps?
Correct Answer: D
Question 13
Analysis is the core function of intrusion detection. The analysis process of intrusion detection can be divided into three phases. The analyzer is built to analyze, feedback and refine the actual field data.
Which of these are the functions included in the first two phases?
Which of these are the functions included in the first two phases?
Correct Answer: C
Question 14
URL filtering technology can access control URLs for users according to different time objects and address objects, and achieve the purpose of accurately managing user online behavior.
Correct Answer: A
Question 15
The security management system is optional, and anti-virus software or anti-hacking technology can be very good against network threats.
Correct Answer: B
