Free Access Huawei.H12-722.v2022-04-23.q110 Practice Test (Page 9)

Question 36

The user needs of a university are as follows:
1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.
2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.
3. At the same time, some pornographic websites in the student area are prohibited.
The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

A.You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

B.In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

C.Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

D.To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

Question 37

The network-based intrusion detection system is mainly used to monitor the information of the critical path of the network in real time, listen to all packets on the network, collect data, and divide Analyze the suspicious object, which of the following options are its main features? (multiple choices)

A.The monitoring speed is fast (the problem can be found in microseconds or seconds, and the host-based DS needs to take an analysis of the audit transcripts in the last few minutes

B.Need a lot of monitors.

C.It can detect the source address and destination address, identify whether the address is illegal, and locate the real intruder.

D.Good concealment, the network-based monitor does not run other applications, does not provide network services, and may not respond to other computers, so Not vulnerable to attack.

Question 38

Which of the following is correct about enhanced mode in HTTP Flood Source authentication? (Multiple selection)

A.The enhanced mode support all HTTP flood source authentication scenarios.

B.The enhanced mode is better than the basic mode in the user experience.

C.Some bots have redirection function, or the free agent used during the attack supports the redirection function, resulting in the failure of defense of the basic mode. The enhanced mode can effectively defend.

D.Enhanced mode refers to the use of verification code authentication.

Question 39

Traditional firewalls have weak application layer analysis and processing capabilities, and cannot correctly analyze malicious code that is doped in the allowable application data stream. Many attacks or malicious behavior often use firewall open application data streams to cause damage, resulting in application layers threat can penetrate the firewall.

A.FALSE

B.TRUE

Question 40

Attacks against the Web can be divided into three attacks on the client, server or communication channel.

A.True

B.False

Other Version: 2421Huawei.H12-722.v2022-06-03.q124; 72Huawei.Pass4surecert.H12-722.v2021-10-01.by.erica.61q.pdf

Latest Upload: 111Oracle.1z0-1196-25.v2025-09-12.q18; 110NetworkAppliance.NS0-162.v2025-09-12.q86; 151OCEG.GRCP.v2025-09-11.q211; 110HP.HPE0-V27.v2025-09-11.q78; 126Oracle.1Z0-1057-23.v2025-09-10.q47; 169Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 140SAP.C-S4EWM-2023.v2025-09-08.q83; 186TheSecOpsGroup.CNSP.v2025-09-08.q20; 283CFAInstitute.ESG-Investing.v2025-09-08.q173; 279PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 36

Question 37

Question 38

Question 39

Question 40

Download PDF File