New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-722 - Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

H12-722 Exam Dumps - Huawei Certified ICT Professional - Constructing Service Security Network (HCIP-Security-CSSN V3.0)

Go to page:
Question # 4

If the user's FTP operation matches the FTP filtering policy, what actions can be performed? (multiple choice)

A.

Block

B.

Declare

C.

Alarm

D.

Execution

Full Access
Question # 5

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Full Access
Question # 6

Regarding firewall and IDS, which of the following statements is correct?

A.

The firewall is a bypass device, used for fine-grained detection

B.

IDS is a straight line equipment and cannot be used for in-depth inspection

C.

The firewall cannot detect malicious operations or misoperations by insiders

D.

IDS cannot be linked with firewall

Full Access
Question # 7

Which of the following files can the sandbox detect? (multiple choice)

A.

www file

B.

PE file

C.

Picture file

D.

Mail

Full Access
Question # 8

Configure the following commands on the Huawei firewall:

[USG] interface G0/0/1

[USG] ip urpf loose allow-defult-route acl 3000

Which of the following options are correct? (multiple choice)

A.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

B.

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

C.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

D.

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps