H12-722 Questions and Answers

POP3

IMAP

FTP

TFTP

Website phishing deception

Website Trojan

SQL injection

Cross-site scripting attacks 2335

Lack of effective protection against application layer threats.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

Ability to quickly adapt to changes in threats.

Unable to accurately control various applications, such as P2P, online games, etc. .

True

False

HTTP Flood source authentication

HTTP source statistics

URI source fingerprint learning function

Baseline learning

Scanning attacks include address scanning and port scanning.

It is usually the network detection behavior before the attacker launches the real attack.

155955cc-666171a2-20fac832-0c042c0424

The source address of the scanning attack is real, so it can be defended by adding direct assistance to the blacklist.

When a worm virus breaks out, it is usually accompanied by an address scanning attack, so scanning attacks are offensive.

Single packet attack

Floating child attack

Malformed message attack

Snooping scan attack

True

False

3->1->4->2->5

3->2->4->1->5

3->2->1->4->5

3->1->2->4->5

Hacking

Weak personal safety awareness

Open company confidential files

Failure to update the virus database in time

IDS can be linked with firewalls and switches to become a powerful "assistant" of firewalls, which can better and more accurately control access between domains.

It is impossible to correctly analyze the malicious code doped in the allowed application data stream.

Unable to detect malicious operations or misoperations from internal killings.

Cannot do in-depth inspection

The main function is to prevent network attacks based on source address spoofing.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

The administrator has not set the time to vote every day from 9:00 to 18:00

The shopping website does not belong to the predefined shopping website category

The administrator did not submit the configuration after completing the configuration.

The administrator has not applied the URL pass-through configuration file to the security policy.

ID

Message length

Agreement

Direction

Viruses are triggered by computer users

Viruses can replicate themselves

Trojan horses are triggered by computer users

Trojans can replicate themselves

Address scanning

Buffer overflow p

Port scan

IP spoofing

Warning

Block and push the page

A warning dialog box pops up

All access to the client is prohibited

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

Use the newly received network packet as the data source;

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

Used to monitor network traffic, and can be deployed independently.

True

False

Prefix matching

Suffix matching

155955cc-666171a2-20fac832-0c042c043

Keyword matching

Exact match

True

False