Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

DumpsWrap Logo

Huawei H12-731_V2.0 Dumps

Page: 1 / 28
Total 276 questions
Get H12-731_V2.0 Full Access Download H12-731_V2.0 PDF

HCIE-Security (Written) V2.0 Questions and Answers

Question 1

Which services in HUAWEI CLOUD solutions can data encryption be applied?

Options:

A.

Cloud host security

B.

Situational awareness services

C.

Database security

D.

Vulnerability scanning service

Question 2

Which of the following services are security management services in HUAWEI CLOUD solutions?

Options:

A.

DDOS Anti-DDoS Pro IP services

B.

Situational awareness services

C.

SSL certificate management service

D.

Security Expert Services

Question 3

Which of the following options does not reflect the advanced characteristics of APT attacks? (single selection).

Options:

A.

Sending API attacks generally requires the power of large organizations

B.

API attacks follow the course of the cyber attack chain

C.

API attacks are generally more invisible Hide attacks by encrypting channels, for example

D.

Zero-day vulnerabilities are used in API attacks

Question 4

in the architecture of software-defined security Which of the following feature descriptions is correct?

Options:

A.

Security resources that can be pooled with features Security functions can be divided and combined, and elastically scalable

B.

The functional interface should provide northbound API interfaces to meet the requirements of flexible service configuration

C.

The security resource pool that carries the security business function can be a hardware resource pool or a software resource pool

D.

Need to provide rich security functions to meet the needs of the business

Question 5

To implement private network user A to access the Internet network after user B That is, which of the following source NAT modes can be configured on the exit firewall to be actively accessed by other users in the Internet network?

Options:

A.

asy-IP

B.

NAT No-PAT

C.

Port triples NAT

D.

Mouth NAPT

Question 6

Multi-factor authentication is mainly used in scenarios of login protection and operation protection.

Options:

A.

TRUE

B.

FALSE

Question 7

The sandbox cannot link the anti-virus with which of the following devices, (single selection).

Options:

A.

Firewall

B.

switchboard

C.

Router

D.

CIS

Question 8

When the Abnormal Traffic Inspection & Control System^ defense strategy of the Abnormal Traffic Monitoring System ATIC selects the anti-uninstall action, it utilizes the status code (targeted) for which of the following options GET request method redirection) to prove the true identity of the client?

Options:

A.

300

B.

301

C.

303

D.

302

Question 9

In accordance with the provisions of the National Cybersecurity Law... Private clouds need to comply with the basic requirements of classified information security protection, but do not necessarily need to comply with cloud computing scaling requirements.

Options:

A.

TRUE

B.

FALSE

Question 10

Which of the following options is a pseudonymized method for data?

Options:

A.

Tokenization

B.

hash

C.

encrypt

D . Generalization

Question 11

The SQL injection vulnerability occurs due to the lack of validation of the legitimacy of user input

Options:

A.

TRUE

B.

FALSE

Question 12

The sandbox and the firewall link anti-virus After the sandbox detects the virus file, the next information is fed back to the firewall (radio selection).

Options:

A.

Application

B.

Source IP

C.

URL

D.

File MD5

Question 13

In the following description of the principles of network trapping defense, which are correct? (multiple selection).

Options:

A.

Installing threats against network weapons, network trapping defense technology, can use deception to make the attack execute special commands in the trapping system

B.

In the face of viruses, worms, WebShell these weaponized attack methods, can use misleading methods to make the attack traffic be diverted to trap probe O

C.

For the detection behavior in the early stage of the attack, you can use deception to burst into defense. By creating various traps to mislead the attacker. Cause attackers to misunderstand the network structure, attack targets, and vulnerabilities.

D.

Network trapping technology can disguise the actual business and vulnerabilities to mislead the attacker, so that the attacker can infiltrate the trapping system.

Question 14

Which of the following authentication methods is password authentication? (single selection).

Options:

A.

What do you have

B.

What do you do

C.

What you are

D.

What do you know

Question 15

The purpose of access control is to provide access to authorized subjects and prevent any unauthorized and intentional access.

Options:

A.

TRUE

B.

FALSE

Question 16

One of the reasons why traditional passive defense does not protect against APT attacks is that traditional defense methods cannot correlate and analyze threats.

Options:

A.

TRUE

B.

FALSE

Question 17

Which of the following options are part of the Internet Behavior? (multiple selection).

Options:

A.

Keywords that users search for using search engines

B.

Sending and receiving emails

C.

User QQ account and its online and offline time

D.

User profiles

Question 18

In 2017, hackers unveiled a slew of cyberattack tools, including Eternal Blue tools. Then • Eternal Blue exploits the vulnerability of which of the following options of the Windows system can obtain the maximum relaxation limit of the system.

Options:

A.

UMCODE vulnerability

B.

Printer vulnerability

C.

Frontpage server extension vulnerability

D.

SMB vulnerabilities

Question 19

The following describes the service identification Which item ◊ (single selection) is wrong

Options:

A.

Service identification is a reconnaissance technique that identifies the type of service provided by the server.

B.

The SSH protocol will actively inform visitors of their version information.

C.

An attacker can retrieve the relevant hole according to the service version and exploit it.

D.

The identification of all services can be achieved through port scanning technology.

Question 20

The following describes the transparent proxy deployment features of WAF Which is correct? (multiple selection).

Options:

A.

The content of the packet is not changed when it is forwarded

B.

There is no need for the network layer, and the application layer can be changed There is also no need to make configuration changes on any device

C.

Traffic needs to be redirected to the WAF device.

D.

The client does not directly establish a connection with the server, which can hide the server

Question 21

Which is the correct order for IPS to process traffic? (single selection).

Options:

A.

Data reorganization, > characteristic matching, > application identification, > corresponding processing

B.

Corresponding processing, data reorganization, > trait matching, application identification

C.

Corresponding treatment, characteristics matching. Application identification, data reorganization

D.

Data reorganization. App recognition. Trait matching. Deal accordingly

Question 22

Anonymization and pseudonymization of data While reducing the risk of data privacy leakage, it will also reduce the availability of data

Options:

A.

TRUE

B.

FALSE

Question 23

The following describes vulnerabilities and identification and assessment Which one is incorrect? (single selection).

Options:

A.

In the technical vulnerability point, identify the vulnerable point of the application system From the audit mechanism Audit storage and access control policies. Data integrity Identification Password protection and other aspects for identification.

B.

Vulnerability identification is also called vulnerability identification, and weakness is the existence of capital itself If there is no corresponding threat, the weakness itself will not cause damage to capital.

C.

Vulnerability points are divided into two types: technical vulnerabilities and management vulnerabilities. The management vulnerability identification image is only for the management part of the organization

D.

The severity of the technical vulnerability of an asset is affected by the organization's management vulnerability. Therefore, the vulnerability of assets should also be assigned with reference to the severity of technical management and organizational management vulnerabilities.

Question 24

Common means of protecting against SYN Flood political attacks are link restriction techniques and link proxy techniques Among them, connection broker technology refers to the detection of TCP connection rate Set the check alarm value to send messages and block attack traffiC.

Options:

A.

TRUE

B.

FALSE

Question 25

Which of the following is not part of the changing trend in cyberattacks? (Single selection)

Options:

A.

Physicalization of attack methods

B.

Complication of attack methods

C.

The attack method changes little

D.

Diversification of attack objectives

Question 26

The global nature of the Internet exposes Teb services to attacks of varying sizes, sizes, and sophistications So which of the following options can secure Web services?

Options:

A.

run IIS Lockdown Wizzard

B.

Install the latest operating system patches

C.

Disable default and management of web sites

D.

Disable network printing

Question 27

Which of the following standard bills is relevant to security audits? (Multiple selection)

Options:

A.

sox

B.

IS027001

C.

IS022000

D.

Graded protection

Question 28

Huawei's network security intelligence system CIS can only be linked with which of the following devices to block viruses?

Options:

A.

Firewall

B.

Agile Controller-Campus

C.

SecoManager

D.

AgileController-DCN

Question 29

As a network administrator, if you want to understand the security events of web attacks by viewing the logs on the WAF. What kind of logs do I need to see? (single selection).

Options:

A.

Operation log

B.

System logs

C.

Anti-tamper log

D.

Application protection logs

Question 30

The server can set or read the information contained in the cookie This maintains state in the user's session with the server.

A5RUE

B. FALSE

Options:

Question 31

Which of the following describes the business process of the network trapping scheme wrong? (single selection).

Options:

A.

The attacker initiates a network scanning attack The purpose is to probe the network structure.

B.

The business that the attacker eventually attacks is a deliberately constructed counterfeit food business. Therefore, all the actions of the attacker are monitored and reported to the CIS platform

C.

When the access traffic reaches the trapping probe A collision between the probe needle and the trap will be used to send the access flow to the trap

D.

Trapping probes can analyze the frequency of scanning different destination IPs or ports for the same source address Then a virtual MAC responds to the attacker.

Question 32

Verify user-provided data in the form of whitelists or blacklists, and construct SQL sentences So that user-supplied data cannot affect the logic of the statement This protects against SQL injection attacks.

Options:

A.

TRUE

B・ FALSE

Question 33

Which of the following options protects against SMRF attacks?

Options:

A.

If the source address of an ICMP request packet is a broadcast address, the packet is discarded

B.

If the destination address of an ICMP request packet is a network address, the packet is discarded

C.

If the destination address of an ICMP request packet is a broadcast address, the packet is discarded

D.

If the source address of the ICMP request packet is the host address The message is discarded

Question 34

Digital certificates can ensure the credibility of the public key of the communicating partner in the process of data transmission.

Options:

A.

TRUE

B.

FALSE

Question 35

Requirements for physical facilities in the computer room in Class Protection 2.0

Options:

A.

Intrusion prevention

B.

Electromagnetic protection

C.

Personnel authorization

Question 36

Which of the following health check descriptions is correct? (Selection)

Options:

A.

You do not need to configure a security policy to allow health check packets.

B.

The outbound interface of the probe message does not need to be fixed

C.

After specifying the junction of the link health check The outgoing interface of the health probe packet can be consistent with the incoming interface of the response packet.

D.

When configuring the protocol and port of the health check, check whether the corresponding protocol and port are enabled on the peer side.

Question 37

In the following description of IPv6 security features, which one is wrong? (single selection).

As IPv6 DNS and other related protocols are designed for security

B. IPv6 addresses can be generated by encryption However, privacy headers are not supported

C. AH, and ES can be used as extension headers for IPv6 IPsec is used for additional security.

D. The IPv6 address is 128 bits to ensure that the source address is trusted

Options:

Question 38

Each element of the audit policy can be flexibly configured, which is convenient for users to classify, classify audit and response, so how many elements the audit strategy includes

Options:

A.

3

B.

1

C.

2

D.

4

Question 39

The USG firewall is connected to the corporate intranet through a router After the firewall is configured with the cross-Layer 3 MAC identification feature, then the security policy of the firewall can configure the MAC address as a match condition o

Options:

A.

TRUE

B.

FALSE

Question 40

In the WAF defense-in-depth system, which of the following security checks is used to protect against CC attacks? (single selection).

Options:

A.

Content security check

B.

Access behavior security check

C.

Security checks for sensitive information

D.

Network security inspection

Question 41

Determine the goal, 2 Intranet forwarding' 3 Intranet penetration, 4 Trace removal, 5 Information Collection, 6 Vulnerability detection, 7 Exploit vulnerabilities, 8 Write test reports. The following is the correct understanding of the penetration test process' (single selection).

Options:

A.

1-5-6-7-4-2-3-8

B.

1-5-6-7-2-3-4-8

C.

1 -5-6-7-3-2-4-8

D.

D. ・5・2・3・4・6・7・8

Load More H12-731_V2.0 Questions
Page: 1 / 28
Total 276 questions
Get H12-731_V2.0 Full Access Download H12-731_V2.0 PDF