[Apr-2022] Free H12-722-ENU Exam Dumps to Improve Exam Score [Q43-Q64]

Rate this post

[Apr-2022] Free H12-722-ENU Exam Dumps to Improve Exam Score

2022 Realistic H12-722-ENU Dumps Exam Tips Test Pdf Exam Material

NEW QUESTION 43
Which two of the following options use similar attack methods and generate a large number of useless reply packets, occupying network bandwidth and consuming device resources?

Fraggle and Smurf

Land and Smurf

Fraggle andLand

Teardrop and Land

NEW QUESTION 44
Use BGP protocol to achieve diversion, the configuration command is as follows
[sysname] route-policy 1 permit node 1
[sysname-route-policy] apply community no-advertise
[sysname-route-policy] quit
[sysname]bgp10029
[sysname-bgp] peer
[sysname-bgp] import-route unr
[sysname- bgpl ipv4-family unicast
[sysname-bgp-af-ipv4] peer 7.7.1.2 route-policy 1 export
[sysname-bgp-af-ipv4] peer 7.7. 1.2 advertise community
[sysname-bgp-af-ipv4] quit
[sysname-bgp]quit
Which of the following options is correct for the description of BGP diversion configuration? (multiple choice)

Use BGP to publish UNR routes to achieve dynamic diversion.

After receiving the UNR route, the peer neighbor will not send it to any BGP neighbor.

You also need to configure the firewall ddos bgp-next-hop fib-filter command to implement back-injection.

The management center does not need to configure protection objects. When an attack is discovered, it automatically issues a traffic diversion task.

NEW QUESTION 45
Which of the following statements is wrong about the Anti-DDoS cloud cleaning solution?

Normal attacks are usually cleaned locally first.

If there is a large traffic attack in the network, send it to the cloud cleaning center to share the cleaning pressure.

Because the Cloud Cleaning Alliance will direct larger attack traffic to the cloud for cleaning, it will cause network congestion.

The cloud cleaning service that is closer to the target being attacked will be transferred first.

NEW QUESTION 46
The status code in the HTTP response message indicates the type of the response message, and there are many possible values. Which of the following status codes represents the client request The resource does not exist?

400.

404

200

503

NEW QUESTION 47
For Huawei USG600 products, which of the following statements about mail filtering configuration is correct?

Cannot control the number of received email attachments

When the spam processing action is an alert, the email will be blocked and an alert will be generated

You can control the size of the attachment of the received mail

Cannot perform keyword filtering on incoming mail

NEW QUESTION 48
The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined The shopping website in the category is selected as blocked. But employee A can still use the company’s network to shop online during lunch break. Then what are the following possible reasons some?

The administrator has not set the time to vote every day from 9:00 to 18:00

The shopping website does not belong to the predefined shopping website category

The administrator did not submit the configuration after completing the configuration.

The administrator has not applied the URL pass-through configuration file to the security policy.

NEW QUESTION 49
SQI injection attacks generally have the following steps:
1, Privilge Escalation
2, Get the data in the database
3, To determine whether there is a vulnerability in the webpage
4, Determine the database type
Which of the following options is correct for the ordering of these steps?

3, 4, 1, 2

3, 4, 2, 1

4, 1, 2, 3

4, 2, 1, 3

NEW QUESTION 50
Which of the following options will not pose a security threat to the network?

Hacking

Weak personal safety awareness

Open company confidential files

Failure to update the virus database in time

NEW QUESTION 51
After the user deploys the firewall anti-virus strategy, there is no need to deploy anti-virus software

True

False.

NEW QUESTION 52
Regarding traditional firewalls, which of the following statements are correct? (multiple choice)

Lack of effective protection against application layer threats.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

Ability to quickly adapt to changes in threats.

Unable to accurately control various applications, such as P2P, online games, etc. .

NEW QUESTION 53
The main attack prevention technologies of Huawei USG6000 products include: source detection, fingerprint learning and associated defense.

True

False

NEW QUESTION 54
The cloud sandbox refers to deploying the sandbox to the cloud and providing tenants with remote detection services. The process includes:
1. Report suspicious files
2. Backtracking attacks
3. Firewall defense linkage
4. Cloud sandbox detection
Which of the following option is correct for the sorting of this process?

1-3-4-2

1-4-2-3

1-4-3-2

3-1-4-2

NEW QUESTION 55
For compressed files, the virus detection system can directly detect.

True

False

NEW QUESTION 56
Which of the following descriptions about scanning and snooping attacks is wrong?

Scanning attacks include address scanning and port scanning.

It is usually the network detection behavior before the attacker launches a real attack.

The source address of the scanning attack is real, so you can use the method of directly adding a blacklist for defense.

When a worm breaks out, it is generally accompanied by an address scan attack, so scanning attacks are aggressive.

NEW QUESTION 57
For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.
Failed to respond to normal requests.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.
begging.

NEW QUESTION 58
The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.
Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

TCP packets

UDP packet

ICMP message

FTP message

NEW QUESTION 59
Regarding the mail content filtering configuration of Huawei USG6000 products, which of the following statements is wrong?.

Mail filtering will only take effect when the mail filtering configuration file is invoked when the security policy is allowed.

When a POP3 message is detected, if it is judged to be an illegal email, the firewall’s response action only supports sending alarm information, and will not block the email o

When an IMAP message is detected, if it is judged to be an illegal email; the firewall’s response action only supports sending alarm messages and will not block the email.

The attachment size limit is for a single attachment, not for the total size of all attachments.

NEW QUESTION 60
For the basic mode of HTTP Flood Source authentication, which of the following are the correct descriptions? (Multiple choices)

The basic mode effectively blocks access from non-browser clients.

The zombie tool does not implement a complete HTTP protocol stack and does not support automatic redirection. Therefore, the basic mode can effectively defend against HTTP flood attacks.

When there is an HTTP proxy server in the network, the firewall will add the proxy server IP address to the whitelist, but the basic source authentication of the zombie host is still valid.

The basic mode will not affect the user experience, so the defense effect is higher than the enhanced mode.

NEW QUESTION 61
In the Huawei USG6000 product, after creating or modifying the security configuration file, the configuration content will not take effect immediately: you need to click the “Prompt” in the upper right corner of the interface.
“Hand in” to activate.

True

False

NEW QUESTION 62
Which of the following options is correct for the sequence of the flow-by-stream detection of AntiDDoS?
1. The Netflow analysis device samples the current network flow;
2. Send a drainage command to the cleaning center;
3. Discover the DDoS attack stream;
4.Netior: analysis equipment sends alarms to ATIC management center
5. The abnormal flow is diverted to the cleaning center for further inspection and cleaning;
6. The cleaning center sends the host route of the attacked target IF address server to the router to achieve drainage
7. The cleaning log is sent to the management center to generate a report;
8. The cleaned traffic is sent to the original destination server.

1-3-4-2-5-6-7-8

1-3-2-4-6-5-7-8

1-3-4-2-6-5-8-7

1-3-24-6-5-8-7

NEW QUESTION 63
Which of the following is correct regarding the order of the mail transfer process?
1. The sending PC sends the mail to the specified SMTP server.
2. The sender SMTP Server encapsulates the mail information in the SMTP message and sends it to the receiver SMTP according to the destination address of the mail.
Server.
3. The sender SMTP Server encapsulates the mail information in the SMTP message and sends it to the receiver POP3/MAP Server based on the destination address of the mail.
4. Recipients send emails.

1->2->3

1->2->4

1->3->4

1->4->3

NEW QUESTION 64
The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the URL of the security center platform?

sec.huawei.com

support.huawei.com

www.huawei.com

security.huawei.com