H12-722_V3.0 Updated Exam Dumps [2022] Practice Valid Exam Dumps Question [Q16-Q31]

QUESTION 16
What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

Keywords contained in the content of the uploaded file

Keywords contained in the downloaded file

File type

File upload direction 335

QUESTION 17
The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide Analyze the suspicious object, which of the following options are its main features? (multiple choices)

Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so Not vulnerable to attack.

The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

Need a lot of monitors.

It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.

QUESTION 18
With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident.
Generally, APT attacks can be summarized into four stages:
1. Collecting Information & Intrusion
2. Long-term lurking & mining
3. Data breach
4. Remote control and penetration
Regarding the order of these four stages, which of the following options is correct?

2-3-4-1

1-2-4-3

1-4-2-3

2-1-4-3

QUESTION 19
Malicious code usually uses RootKit technology in order to hide itself. RootKit modifies the kernel of the system by loading a special driver.
To hide itself and the role of designated files.

True

False

QUESTION 20
The configuration command to enable the attack prevention function is as follows; n
[FW] anti-ddos syn-flood source-detect
[FW] anti-ddos udp-flood dynamic-fingerprint-learn
[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn
[FW] anti-ddos http-flood defend alert-rate 2000
[Fwj anti-ddos htp-flood source-detect mode basic
Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

The firewall has enabled the SYN Flood source detection and defense function

The firewall uses the first packet drop to defend against UDP Flood attacks.

HTTP Flood attack defense uses enhanced mode for defense

The threshold for HTTP Flood defense activation is 2000.

QUESTION 21
Which of the following technology, administrators can according to business requirements, to scale to achieve load sharing of business flow?

Resource pool mechanism

weighting mechanism

load balancing

Hot Standby

QUESTION 22
Regarding the description of keywords, which of the following is correct? (multiple choice)

Keywords are the content that the device needs to recognize during content filtering.

Keywords include predefined keywords and custom keywords.

The minimum length of the keyword that the text can match is 2 bytes. ,

Custom keywords can only be defined in text mode.

QUESTION 23
Which of the following descriptions about viruses and Trojans are correct? (multiple choices)

Viruses are triggered by computer users

Viruses can replicate themselves

Trojan horses are triggered by computer users

Trojans can replicate themselves

QUESTION 24
Which of the following elements does PDCA include? (Choose 3 answers)

Plan

Implementation

termination

Monitoring

QUESTION 25
In the deployment of Huawei NIP6000 products, only port mirroring can be used for streaming replication.

True

False

QUESTION 26
The core technology of content security lies in anomaly detection, and the concept of defense lies in continuous monitoring and analysis.

True

False

QUESTION 27
Which patches does Policy Center support to management?(Choose 3 answers)

Microsoft Windows operating system patches

Microsoft SQL Windows database patch

Microsoft Internet Explorer patches

android system patches

QUESTION 28
The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.
Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

TCP packets

UDP packet

ICMP message

FTP message

QUESTION 29
Regarding the anti-spam local black and white list, which of the following statements is wrong?

The black and white list is matched by extracting the destination IP address of the SMTP connection

The black and white list is matched by the sender’s dns suffix

The black and white list is matched by extracting the source IP address of the SMTP connection

If the source IP address of the SMTP connection matches the blacklist, the connection will be blocked

QUESTION 30
What are the typical technologies of anti-virus engines (multiple choice)

First package detection technology

Heuristic detection technology

Decryption technology

File reputation detection technology 5

QUESTION 31
Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

Enhanced mode refers to the authentication method using verification code.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense Effective, enhanced mode can effectively defend.

The enhanced mode is superior to the basic mode in terms of user experience.

Enhanced mode supports all HTTP Flood source authentication fields. ” WWQQ: 922333

H12-722_V3.0 Updated Exam Dumps [2022] Practice Valid Exam Dumps Question [Q16-Q31]

Leave a Reply Cancel reply

H12-722_V3.0 Practice Tests

Related Certifications

Recent Posts

Categories

Archives