H12-722 Exam Dumps - Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Go to page:

Question # 9

IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.

Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

IPS is an intrusion detection system that can block real-time intrusions when found

IPS unifies IDS and firewall

IPS must use bypass deployment in the network

Common IPS deployment modes are in-line deployment,

Full Access

Question # 10

Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?

1. The Netflow analysis device samples the current network flow;

2. Send a drainage command to the cleaning center;

3. Discover the DDoS attack stream;

4.Netior: analysis equipment sends alarms to ATIC management center

5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;

6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage

7. The cleaning log is sent to the management center to generate a report;

8. The cleaned traffic is sent to the original destination server.

1-3-4-2-5-6-7-8

1-3-2-4-6-5-7-8

1-3-4-2-6-5-8-7

1-3-24-6-5-8-7

Full Access

Question # 11

In the construction of information security, the intrusion detection system plays the role of a monitor. It monitors the flow of key nodes in the information system.

In-depth analysis to discover security incidents that are occurring. Which of the following are its characteristics?. c0O

IDS can be linked with firewalls and switches to become a powerful "assistant" of firewalls, which can better and more accurately control access between domains.

It is impossible to correctly analyze the malicious code doped in the allowed application data stream.

Unable to detect malicious operations or misoperations from internal killings.

Cannot do in-depth inspection

Full Access

Question # 12

Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

It cannot effectively prevent the virus from spreading from the Internet to the intranet.

The number of applications that NIP6000 can recognize reaches 6000+, which realizes refined application protection, saves export bandwidth, and guarantees key business services

Experience.

Protect the intranet from external attacks, and inhibit malicious flows, such as spyware, worms, etc. from flooding and spreading to the intranet.

Ability to quickly adapt to threat changes

Full Access

Question # 13

When using the two-way SSL function to decrypt HTTPS packets, the value of the reverse proxy level represents the number of times the packet can be decrypted.

True

False

Full Access

Question # 14

Which of the following options does not belong to the security risk of the application layer of the TCP/IP protocol stack?

Virus

Buffer overflow Ï

System vulnerabilities

Port scan

Full Access

Question # 15

Which of the following is the correct configuration idea for the anti-virus strategy?