Huawei H12-722-ENU 問題集

質問 1：
Which of the following options is correct about the sequence-by-flow detection of AntiDDoS?
1. The Netflow analysis device samples the current network traffic.
2 Send a drainage command to the cleaning center;
3 Discover DDoS attack traffic;
4. Netflor: analysis equipment sends alarms to ATIC Management Center;
5 abnormal flow is drained to the cleaning center for further inspection and cleaning;
6 The cleaning center sends the host of the attacked object IF address server to the router to implement the drainage.
7 Cleaning logs sent to the management center to generate reports;
8 The cleaned traffic is sent to the original destination server.
A. 1-3-2-4-6-5-7-8
B. 1-3-4-2-5-6-7-8
C. 1-3-4-2-6-5-8-7
D. 1-3-2-4-6-5-8-7
正解：C

質問 2：
For compressed files, the virus detection system can directly detect.
A. False
B. True
正解：B

質問 3：
For APT attacks, attackers often lurk for a long time and initiate formal attacks on the enterprise at key points of the incident. APT attacks can generally be summarized in four stages:
1. Collect Information & Invasion
2. Long-term latency & mining
3. Data leakage
4. Remote control and penetration
Which of the following options is correct regarding the ordering of these four phases?
A. 2-1-4-3
B. 1-4-2-3
C. 1-2-4-3
D. 2-3-4-1
正解：B

質問 4：
Due to the differences in network environment and system security policies, intrusion detection systems also differ in their implementation.
In terms of system composition, what are the four major components?
A. Event recording, intrusion analysis, intrusion response, and remote management.
B. Event extraction, intrusion analysis, intrusion response, and field management.
C. Event extraction, intrusion analysis, reverse intrusion, and remote management.
D. Event extraction, intrusion analysis, intrusion response, and remote management.
正解：D

質問 5：
With regard to traditional firewalls, which of the following statements are correct? (Multiple choice)
A. It is unable to effectively resist the spread of viruses from the Internet to the internal network.
B. Lack of effective protection against application layer threats.
C. Cannot accurately control various applications such as P2P, online games, etc.
D. Can quickly adapt to changes in threats.
正解：A,B,C

質問 6：
IPS is an intelligent intrusion detection and prevention product. It can not only detect the occurrence of intrusion, but also can stop the occurrence and development of intrusion in real time through a certain response method and protect the information system from substantive attack in real time.
Which of the following statement is wrong about the description of IPS?
A. IPS is an intrusion detection system that can block in real-time when an intrusion is discovered.
B. The common IPS deployment mode is straight-line deployment.
C. IPS makes IDS and firewalls unified.
D. IPS must be deployed in bypass mode on the network.
正解：D

質問 7：
Configure the following command on the Huawei firewall:
[USG] interface G0/0/1
[USG] ip urpf loose allow-default-route acl 3000
Which of the following options are correct? (Multiple choice)
A. If the source address of the packet does not exist in the FIB table of the firewall and the default route is configured and the allow-default-route parameter is also matched, the packet cannot pass the URPF check even if it is a loose type check.
B. If the default route is configured but the parameter allow-default-route is not configured. As long as the source address of the packet does not exist in the FIB table of the firewall, the packet will be rejected.
C. If the default route is configured and the allow-default-route parameter is also matched, if the source address of the packet does not exist in the FIB table of the firewall, but for the loose type check, the packet will pass through URPF check, and perform normal forwarding.
D. For the loose type check, if the source address of the packet exists in the FIB table of the firewall, the packet passes the check.
正解：B,C,D