HCIP-Security (Fast track) V1.0
Last Update May 1, 2024
Total Questions : 367
We are offering FREE H12-724 Huawei exam questions. All you do is to just go and sign up. Give your details, prepare H12-724 free exam questions and then go for complete pool of HCIP-Security (Fast track) V1.0 test questions that will help you more.
Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system
If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)
Regarding the way SACG devices connect to the network, which of the following descriptions are correct? (multiple choice)
Portal The second-level authentication method of authentication refers to the direct connection between the client and the access device(Or only layer devices exist in between),The device can learn the user’s MAC Address and can be used IP with MAC Address to identify the user.
In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed
In the high-performance engine. Which of the following is not the content security detection function supported by this product?
If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses
It is the stream scanning method.
In the visitor reception hall of a company, there are many temporary terminal users, and the administrator hopes that users do not need to provide any account numbers and passwords. access Internet. Which of the following authentication methods can be used for access?
Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.
In the park, users frequently enter and leave the wireless signal coverage area due to office needs. If you need to ensure the user's Internet experience, after the user passes an authentication, when he accesses the network again, no important authentication is required:Which of the following authentication methods is recommended?
The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined
The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons
some?
According to different reliability requirements, centralized networking can provide different reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)
Visitors can access the network through their registered account. Which of the following is not an account approval method?
Agile Controller-Campus The system can manage the software installed on the terminal, define the black and white list of software, and assist the terminal to install necessary software and uninstall the software that is not allowed to be installed by linking with the access control equipment,Regarding the definition of black and white lists, which of the following statements is correct?
About in WLAN User isolation technology is used in the networking environment. Which of the following statements is wrong?
Regarding the description of the account blacklist, which of the following options is wrong?
For compressed files, the virus detection system can directly detect them.
Network attacks are mainly divided into two categories: single-packet attacks and streaming attacks. Single-packet attacks include scanning and snooping attacks, malformed packet attacks, and special reports.
Wen attack.
USG6000V software logic architecture is divided into three planes: management plane, control plane and
Which of the following options is correct for the description of the Anti DDoS system configuration?
Which of the following is the correct configuration idea for the anti-virus strategy?
1. Load the feature library
2. Configure security policy and reference AV Profile
3. Apply and activate the license
4. Configure AV Profile
5. Submit
The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.
Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?
The traditional campus network is based on IP As the core network, if there are mobile office users, which of the following options is not the problem that mobile office users face when deploying access authentication?
Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?
What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)
The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the website of the security center platform?
Regarding the anti-spam response code, which of the following statements is wrong?
Regarding the basic principles of user access security, it is wrong not to list any description?
There are two types of accounts on the Agile Controller-Campus: one is a local account and the other is an external account.
Which of the following is not a local account?
The results of the RBL black and white list query on the firewall are as follows:
Based on the above information only, which of the following statements is correct? (multiple choice)
MAC Certification refers to 802.1x In the protocol authentication environment, the terminal does not respond to the connection control device after accessing the network 802.1x When protocol authentication is requested, the access control does not automatically obtain the terminal’s MAC The address is sent as a credential to access the network RADIUS The server performs verification.
Regarding intrusion prevention, which of the following option descriptions is wrong
The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.
The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.
Which of the following statements is correct
SQI Server2005 may not be properly installed, which of the following may be the possible reasons?
The administrator has made the following configuration:
1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.
2. The action of overwriting signature ID3000 is an alarm.
SACG query right-manager information as follows, which options are correct? (Select 2 answers)
The following commands are configured on the Huawei firewall:
[USG] firewall defend ip-fragment enable
Which of the following situations will be recorded as an offensive behavior? (multiple choice)
How to check whether the SM and SC silverware start normally after installing the Agile Controller-Campus) (multiple delivery)
There are three roles in the XMPP protocol: server, gateway, and client. Corresponding to the free mobility solution: Agile Controller-Campus as For the server, Huawei USG6000 series firewall acts as the gateway; the agile switch acts as the client.
Single-packet attacks are divided into scanning and snooping attacks, malformed packet attacks, and special packet attacks. Ping of death is a special packet attack.
Portal authentication on the Agile Controller-Campus has been configured and is correct.
Configure the following commands on the access control switch:
[S5720] authentication free-rule 1 destination ip 10.1.31.78 mask 255.255. 255.255
Which of the following options are correct? (multiple choice)
The use of the 802.1X authentication scheme generally requires the terminal to install specific client software. For large-scale deployment of client software, the methods that can be taken. What are the cases? (multiple choices)
If the regular expression is "abc. de", which of the following will not match the regular expression?
Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?
In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.
do. Which of the following options does not belong to the action that needs to be completed in the data processing part?
155955cc-666171a2-20fac832-0c042c0422
The administrator has defined two key words that need to be recognized on the firewall: the weight of the keyword x is 2, and the weight of the key y is 3: defined
The alarm interval value from the content is 5, and the blocking threshold value is 10. If the device detects that there is a secondary key space x in the webpage created by the user, the two keywords are
Y; Regarding the weight value and monthly household visits to Heshun Street, is the following statement correct?
Which of the following is not an abnormal situation of the file type recognition result?
Portal At the time of certification, pass Web After the browser enters the account password for authentication, it prompts"Authenticating.."The status lasts for a long time before it shows that the authentication is successful. Which of the following reasons may cause this phenomenon?
Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules and black
Whitelist and other configuration files.
A True
B. False
Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)
When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?
The IPS function of Huawei USG6000 supports two response methods: blocking and alarming.
When configuring the antivirus software policy, if you set"The required antivirus software violation level is not installed or running"for"generally"And check"out Now serious violation of the rules prohibits access to the network"Options. When the user uses Any office Certify, The certification is passed, but the result of the security check Can the user access the network when the virus software is not turned on?
Which of the following options is about SACG The description of the online process is wrong?