H12-722 Exam Dumps - Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Go to page:

Question # 25

For SYIN Flood attacks, TCP source authentication and TCP proxy can be used for defense. Which of the following descriptions is correct?

TCP proxy means that the firewall is deployed between the client and the server. When the SYI packet sent by the client to the server passes through the firewall, the

The firewall replaces the server and establishes a three-way handshake with the client. Generally used in scenarios where the back and forth paths of packets are inconsistent.

During the TCP proxy process, the firewall will proxy and respond to each SYN message received, and maintain a semi-connection, so when the SYN message is

When the document flow is heavy, the performance requirements of the firewall are often high.

TCP source authentication has the restriction that the return path must be consistent, so the application of TCP proxy is not common. State "QQ: 9233

TCP source authentication is added to the whitelist after the source authentication of the client is passed, and the SYN packet of this source still needs to be verified in the future.

Full Access

Question # 26

When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

Users can visit www.videobt.com website.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

User cannot access all the sites ending with bt com.

When users visit www.bt. com, they will be blocked.

Full Access

Go to page: