ExamGecko
Login
Home / Huawei / H12-724 / List of questions
Ask Question

Huawei H12-724 Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Rely on state detection technology and protocol analysis technology
Rely on state detection technology and protocol analysis technology
The performance is higher than the agent-based method
The performance is higher than the agent-based method
The cost is smaller than the agent-based approach
The cost is smaller than the agent-based approach
The detection rate is higher than the proxy-based scanning method
The detection rate is higher than the proxy-based scanning method
Suggested answer: D
asked 18/09/2024
Eric Jones
51 questions

Question 22

Report Export Collapse

Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source
The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source
For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify The legitimacy of the source IP.
For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify The legitimacy of the source IP.
In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process It will consume the TCP connection resources of the OINS cache server.
In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process It will consume the TCP connection resources of the OINS cache server.
Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.
Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.
Suggested answer: C
asked 18/09/2024
soliman sallam
44 questions

Question 23

Report Export Collapse

Regarding the anti-spam response code, which of the following statements is wrong?

The response code will vary depending on the RBL service provider.155955cc-666171a2-20fac832-0c042c046
The response code will vary depending on the RBL service provider.155955cc-666171a2-20fac832-0c042c046
USG treats mails that match the answer code as spam.
USG treats mails that match the answer code as spam.
If the response code is not returned or the response code is not configured on the USG, the mail is released.
If the response code is not returned or the response code is not configured on the USG, the mail is released.
The response code is specified as 127.0.0.1 in the second system.
The response code is specified as 127.0.0.1 in the second system.
Suggested answer: D
asked 18/09/2024
EVA LITA
44 questions

Question 24

Report Export Collapse

The configuration command to enable the attack prevention function is as follows; n [FW] anti-ddos syn-flood source-detect [FW] anti-ddos udp-flood dynamic-fingerprint-learn [FW] anti-ddos udp-frag-flood dynamic fingerprint-learn [FW] anti-ddos http-flood defend alert-rate 2000 [Fwj anti-ddos htp-flood source-detect mode basic Which of the following options is correct for the description of the attack prevention configuration?

(multiple choice)

The firewall has enabled the SYN Flood source detection and defense function
The firewall has enabled the SYN Flood source detection and defense function
The firewall uses the first packet drop to defend against UDP Flood attacks.
The firewall uses the first packet drop to defend against UDP Flood attacks.
HTTP Flood attack defense uses enhanced mode for defense
HTTP Flood attack defense uses enhanced mode for defense
The threshold for HTTP Flood defense activation is 2000.
The threshold for HTTP Flood defense activation is 2000.
Suggested answer: A, D
asked 18/09/2024
Radoslaw Gajewski
39 questions

Question 25

Report Export Collapse

The application behavior control configuration file takes effect immediately after being referenced, without configuration submission.

True
True
False
False
Suggested answer: A
asked 18/09/2024
Jay Chua
48 questions

Question 26

Report Export Collapse

Regarding the description of keywords, which of the following is correct? (multiple choice)

Keywords are the content that the device needs to recognize during content filtering.
Keywords are the content that the device needs to recognize during content filtering.
Keywords include predefined keywords and custom keywords.
Keywords include predefined keywords and custom keywords.
The minimum length of the keyword that the text can match is 2 bytes. ,
The minimum length of the keyword that the text can match is 2 bytes. ,
Custom keywords can only be defined in text mode.
Custom keywords can only be defined in text mode.
Suggested answer: A, B
asked 18/09/2024
Bogdan Paun
37 questions

Question 27

Report Export Collapse

IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods.

Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?

IPS is an intrusion detection system that can block real-time intrusions when found
IPS is an intrusion detection system that can block real-time intrusions when found
IPS unifies IDS and firewall
IPS unifies IDS and firewall
IPS must use bypass deployment in the network
IPS must use bypass deployment in the network
Common IPS deployment modes are in-line deployment,
Common IPS deployment modes are in-line deployment,
Suggested answer: C
asked 18/09/2024
Ahmed Otmani Amaoui
38 questions

Question 28

Report Export Collapse

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0, 155955cc-666171a2-20fac832-0c042c047
DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0, 155955cc-666171a2-20fac832-0c042c047
DF bit is 023, MF bit is 1 or Fragment Offset is not 0,
DF bit is 023, MF bit is 1 or Fragment Offset is not 0,
DF bit is 0, and Fragment Offset + Length> 65535.
DF bit is 0, and Fragment Offset + Length> 65535.
The DF bit is 1, and Fragment Ofset + Length <65535.
The DF bit is 1, and Fragment Ofset + Length <65535.
Suggested answer: A, C
asked 18/09/2024
Juan Pablo Mateos Ornelas
52 questions

Question 29

Report Export Collapse

Huawei's USG000 product can identify the true type of common files and over-check the content.

Even if the file is hidden in a compressed file, or change the extension The name of the exhibition can't escape the fiery eyes of the firewall.

True
True
False
False
Suggested answer: A
asked 18/09/2024
Sweet Don
42 questions

Question 30

Report Export Collapse

For the description of the Anti DDOS system, which of the following options is correct? C

The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.User network, send to the real destination.
The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.User network, send to the real destination.
The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.View in categories and generate reports.
The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.View in categories and generate reports.
The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to The management center makes a judgment.
The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to The management center makes a judgment.
The firewall can only be used for inspection equipment
The firewall can only be used for inspection equipment
Suggested answer: B
asked 18/09/2024
Moinuddin Mohammed
49 questions
Total 367 questions
Go to page: of 37
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

View on the switch Agile Controller-Campus The policy issued by the server is as follows: For this strategy, which of the following options are correct? (Multiple choice)
Which of the following statements about IPS is wrong?
What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)
Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.
Agile Controller-Campus All components are supported Windows System and Linux system.
IPS is an intelligent intrusion detection and defense product. It can not only detect the occurrence of intrusions, but also can respond in real time through certain response methods. Stop the occurrence and development of intrusions, and protect the information system from substantial attacks in real time. According to the description of PS, the following items are wrong?
Huawei NIP6000 products have zero-setting network parameters and plug-and-play functions, because the interfaces and interface pairs only work on layer 2 without Set the IP address.
If the self-determined meter function is enabled on the Agile Controller-Campus and the account PMAC address is bound, Within a period of time, the number of incorrect cipher input by the end user during authentication exceeds the limit. Which of the following descriptions is correct? (multiple choice)
Regarding the principle of MAC authentication, which of the following descriptions is wrong?
The relationship between user groups and accounts in user management is stored in a tree on the Agile Controller-Campus. An account belongs to only one user group. Consistent with the corporate organizational structure: If the OU (OnizbonUnit) structure stored in the AD/LDAP server is consistent with the corporate organizational structure, users are stored Under 0OU, when the Agile Controller-Campus synchronizes AD/LDAP server accounts, which synchronization method can be used?