Labour Day Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Huawei
  3. HCIE-Security
  4. H12-731_V2.0 - HCIE-Security (Written) V2.0

Huawei H12-731_V2.0 HCIE-Security (Written) V2.0 Exam Practice Test

Demo: 41 questions
Total 276 questions
Get H12-731_V2.0 Full Access Download H12-731_V2.0 PDF

HCIE-Security (Written) V2.0 Questions and Answers

Question 1

When NIP is deployed at the Internet perimeter, it is generally deployed in the egress firewall or router back, transparent access network. Which of the following features is the main focus of the summer scene

Options:

A.

Intrusion prevention

B.

App control

C.

Content filtering

D.

Anti-virus

Question 2

The target IP address information can be collected through attacks, such as distributed denial-of-service attacks to obtain the target's IP information. (single selection).

Options:

A.

TRUE

B.

B. FALSE

Question 3

The antivirus system identifies the target of attack based on the characteristics of the detected object The APT defense system identifies the attack object based on the behavior of the detected object.

Options:

A.

TRUE

B.

FALSE

Question 4

The signature filter will batch out signatures, and usually set to a uniform action for ease of management. If an app wants to treat it differently You can also use exception signatures to match O's from signature filters

Options:

A.

TRUE

B.

FALSE

Question 5

When Hisec Insight is linked with terminals, it is mainly linked with the EDR of third-party vendors with cooperative relationships.

Options:

A.

TRUE

B.

FALSE

Question 6

Nmap can only be used to scan a single host, but it cannot be used to scan a large computer network to find out which hosts and services of interest are found

Options:

A.

TRUE

B.

FALSE

Question 7

Which of the following options allows complete destruction of data, (multiple selection)

Options:

A.

Degaussing method

B.

Multiple divisions

C.

Overwriting

D.

Mashing method

Question 8

The server can set or read the information contained in the cookie This maintains state in the user's session with the server.

A5RUE

B. FALSE

Options:

Question 9

The following is a description of DNS transparent proxy Which ones are correct? (multiple selection).

Options:

A.

The DNS proxy function replaces the source address header in the DNS request packet.

B.

After enabling the DNS transparent proxy function The DNS server address to replace is determined for the outgoing interface

C.

In the case of NGFW as the exit network and the DNS server of the enterprise intranet The DNS transparent proxy function can still be implemented normally.

D.

Two DNS requests for the same user in the case of DNS transparent proxies The replaced address may be different.

Question 10

Domain name information collection is the first step in technical means information collection Domain name information can be collected through a domain name lookup website such as hois (single selection).

Options:

A.

TRUE

B.

FALSE

Question 11

When a user terminates the use of HUAWEI CLOUD services, as a service provider, we should ensure the security of user data operations.

Options:

A.

Transmission security

B.

Storage security

C.

Destroy security

D.

Collect security

Question 12

Which of the following is not a cybersecurity threat (single selection).

Options:

A.

DDOS attacks

B.

Phishing attacks

C.

IP Spoofing

D.

IP address scanning

Question 13

In general, which level of level of protection requirements does the non-secret-related information system in the county-level unit need to meet?

Options:

A.

Autonomous protection level

B.

Guidance on protection levels

C.

Mandatory protection level

D.

Supervise the level of protection

Question 14

Which of the following situational aware detection attacks can DDOS attacks, firewall bypasses, and malware outreach attacks know? (multiple selection).

Options:

A.

C&C anomaly detection

B.

Hidden channel detection

C.

Encrypted traffic detection

D.

Meteor base rod anomaly detection

Question 15

The following describes port scanning Which is wrong? (single selection).

Options:

A.

TCP port scanning uses the three-way handshake feature

B.

The purpose of port scanning is to determine what kind of services are enabled on the peer host, so as to find an entry for intrusion.

C.

When the scanner sends a Syn message If the peer does not reply, the peer port is down.

D.

For UDP port scanning It is to determine whether the port is open by sending a UDP data packet to the peer with a specific port number and observing whether the ICMP port is unreachable packet.

Question 16

Which of the following parameters is included in the DNS request routing method in the firewall DNS transparent proxy?

A global traffic steering strategy

B. Normal static or dynamic routing routing is selected

C. Policy routing routing is routed

D. The intelligent traffic steering mode configured by the DNS transparent proxy itself

Options:

Question 17

Figure 1 shows the raw data table Figure 2 shows the data processed by K•anonymization technology, what is the K value of the processing? (Selection).

Options:

A.

1

B.

2

C.

3

D.

D. 4

Question 18

As shown in the following figure, you use the bypass method to deploy the Anti-DDoS system 8GP drainage UN route is used. The port numbers of the P1-P5 devices in the figure, what happens if a routing policy is not configured on R1 to direct cleansed traffic to P5? (single selection).

Options:

A.

After the inspection equipment is cleaned, it will be sent to the cleaning equipment again

B.

The flow to be detected is discarded by the cleaning equipment

C.

The detection flow cannot be cleaned by Wang Chang

D.

The traffic to be detected cannot reach the detection equipment

Question 19

in the architecture of software-defined security Which of the following feature descriptions is correct?

Options:

A.

Security resources that can be pooled with features Security functions can be divided and combined, and elastically scalable

B.

The functional interface should provide northbound API interfaces to meet the requirements of flexible service configuration

C.

The security resource pool that carries the security business function can be a hardware resource pool or a software resource pool

D.

Need to provide rich security functions to meet the needs of the business

Question 20

USG firewall's DDoS attack prevention techniques include which of the following?

Options:

A.

Current limiting technology

B.

Cryptography

C.

Fingerprint technology

D.

Source detection technology

Question 21

Which of the following devices can be used to sense the intranet situation in conjunction with situational awareness technology? (Multiple selection)

Options:

A.

Agile-controller DCN

B.

FireHunter

C.

VSCAN

D.

SecoManager

Question 22

Zombie networks are used to spread viruses and cannot launch DDos attacks

Options:

A.

TRUE

B.

FALSE

Question 23

The intensity of a system security threat is only related to the vulnerability of the system, and a well-protected system is basically immune to attack.

Options:

A.

TRUE

B.

FALSE

Question 24

Verify user-provided data in the form of whitelists or blacklists, and construct SQL sentences So that user-supplied data cannot affect the logic of the statement This protects against SQL injection attacks.

Options:

A.

TRUE

B・ FALSE

Question 25

To implement private network user A to access the Internet network after user B That is, which of the following source NAT modes can be configured on the exit firewall to be actively accessed by other users in the Internet network?

Options:

A.

asy-IP

B.

NAT No-PAT

C.

Port triples NAT

D.

Mouth NAPT

Question 26

The following describes FW's application behavior control features Which one is correct? (single selection).

Options:

A.

For FTP behavior, application behavior control can limit the size of upload/download files, but cannot control the upload/download line separately

B.

For IM behavior You can set a black whitelist The priority relationship between the black and white list and the provincial action is: blacklist, white list, default action.

C.

When creating a security strategy Application behavior control and yellow files can be combined with users, time periods, and other objects to achieve the purpose of application control for different users and different time periods.

D.

D. For HTTP behavior The application behavior control function can be controlled by DET operation in POST.

Question 27

The following describes vulnerabilities and identification and assessment Which one is incorrect? (single selection).

Options:

A.

In the technical vulnerability point, identify the vulnerable point of the application system From the audit mechanism Audit storage and access control policies. Data integrity Identification Password protection and other aspects for identification.

B.

Vulnerability identification is also called vulnerability identification, and weakness is the existence of capital itself If there is no corresponding threat, the weakness itself will not cause damage to capital.

C.

Vulnerability points are divided into two types: technical vulnerabilities and management vulnerabilities. The management vulnerability identification image is only for the management part of the organization

D.

The severity of the technical vulnerability of an asset is affected by the organization's management vulnerability. Therefore, the vulnerability of assets should also be assigned with reference to the severity of technical management and organizational management vulnerabilities.

Question 28

The following describes the service identification Which item ◊ (single selection) is wrong

Options:

A.

Service identification is a reconnaissance technique that identifies the type of service provided by the server.

B.

The SSH protocol will actively inform visitors of their version information.

C.

An attacker can retrieve the relevant hole according to the service version and exploit it.

D.

The identification of all services can be achieved through port scanning technology.

Question 29

In the Anti-DDos system, the function of cleaning devices is to detect anomalous traffic in the network and escalate to the management centre (single selection).

Options:

A.

TRUE

B.

FALSE

Question 30

About Huawei's firewall defense technology against SYN Flood Which of the following options is correctly described?

Options:

A.

The limiting method of limiting the number of TCP half-open connections can prevent SYN Flood political attacks

B.

Through SYN Cookie technology, SYN Flood can be prevented

C.

By purchasing inter-domain security policies, SYN Flood attacks can be prevented

D.

The TCP new connection rate limiting method protects against SYN Flood attacks

Question 31

If you can successfully access www.huawei.com network resources, which of the following protocols is not involved? (single selection).

Options:

A.

HTTP

B.

TCP

C.

DNS

D.

Telnet

Question 32

A description of the following IPv6 Secure Neighbor Discovery feature information for one of the interfaces Which one is wrong?

Options:

A.

The minimum key length that the interface can accept is 512

B.

The maximum key length that the interface can accept is 2048

C.

The interface does not have strict security mode enabled

D.

The security level of the CGA address is 1

Question 33

With the following description of the difference between stored XSS and reflected XSS, what are the correct items? (multiple selection).

Options:

A.

Attacks caused by stored XSS are persistent

B.

The attack code of stored XSS is stored on the target server

C.

The attack code of the reflected XSS is stored on the target server

D.

Attacks caused by reflective XSS are persistent

Question 34

SA-SDB and SAEngine are used to identify the traffic in the network, and the device analyzes the network traffic according to the identification results, and can generate traffic reports or carry out corresponding control strategies for traffic, such as release, throttling and redirection.

Options:

A.

TRUE

B.

FALSE

Question 35

Which of the following are important to the corporate network?

Options:

A.

Prevent DOS attacks by hackers

B.

Provide security

C.

System stability

D.

Network serviceability

Question 36

Which options below are the main changes in Equal Protection 2.0 compared to Equal Protection 1.0' (multiple choices).

Options:

A.

The classification of general safety requirements is more detailed.

B.

The workflow of equal protection assessment is more detailed.

C.

Added expansion requirements.

D.

The security requirements of each level are more detailed.

Question 37

By default, the firewall authenticates traffic that passes through itself.

Options:

A.

TRUE

B.

FALSE

Question 38

As shown in the following figure The headquarters network is deployed with dual machines, and the L2TPoverlPSec is configured separately to access the headquarters network. Below is a description of the configuration of interest in IPSec Which one is correct? (single selection).

As ad number 3000

rule 10 permit udp souce-port eq 1701

B. acl number 3000

rule 10 permit tcp souce-port eq 1701

C. ad number 3000

rule 10 permit tcp destingation-poa eq 1701

D. acl number 3000

rule 10 permit udp destingation-port eq 1701

Options:

Question 39

The SQL injection vulnerability occurs due to the lack of validation of the legitimacy of user input

Options:

A.

TRUE

B.

FALSE

Question 40

When using server authentication Before visiting the business, the visitor first logs in through the client or potal authentication page The firewall then proactively obtains the user's login information (including the username and IP address used by the visitor) from the server (single selection).

Options:

A.

TRUE

B.

FALSE

Question 41

In the cyber attack chain... Each stage may use multiple attack methods, or one attack method can be used in multiple stages. (single selection).

Options:

A.

TRUE

B.

FALSE

Load More H12-731_V2.0 Questions
Demo: 41 questions
Total 276 questions
Get H12-731_V2.0 Full Access Download H12-731_V2.0 PDF