Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Huawei
  5. H12-724

Huawei H12-724 Exam Questions
HCIP Security (Fast track) V1.0 (Page 31 )

Updated On: 31-Mar-2026
Page 15 of 75
PDF with 367 Questions

The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth. Or the equipment resources are exhausted.
Which of the following options is not included in traffic attack packets?

  1. TCP packets
  2. UDP packet
  3. ICMP message
  4. FTP message

Answer(s): D



Buffer overflows, Trojan horses, and backdoor attacks are all attacks at the application layer.

  1. True
  2. False

Answer(s): A



The user needs of a university are as follows:
1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.
2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.
3. At the same time, some pornographic websites in the student area are prohibited. The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

  1. You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements
  2. To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server
  3. In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server
  4. Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Answer(s): A,C,D



For special message attacks, which of the following option descriptions is correct?

  1. Special control packet attack is a potential attack and does not have direct destructive behavior
  2. The attacker probes the network structure by sending special control messages to launch a real attack.
  3. Special control message attacks do not have the ability to detect the network structure. Only scanning attacks can detect the network.
  4. Special control message items can only use ICMP to construct attack messages.

Answer(s): A



When the Anti DDoS system finds the attack flow, the state will redirect the attack flow to the cleaning device. After the cleaning device is cleaned, it will flow back. Note to the original link, which of the following options does not belong to the method of re- injection?

  1. Policy routing back annotation,
  2. GRE back note:
  3. MPLS LSP back injection
  4. BGP back-annotation

Answer(s): D



Viewing page 31 of 75
Viewing questions 151 - 155 out of 367 questions



Post your Comments and Discuss Huawei H12-724 exam dumps with other Community members:

H12-724 Exam Discussions & Posts

AI Tutor 👋 I’m here to help!