Latest [Nov 16, 2022] H12-711_V3.0-ENU Exam with Accurate HCIA-Security V3.0 PDF Questions
Take a Leap Forward in Your Career by Earning Huawei 466 Questions
NEW QUESTION 236
Which of the following NAT technologies can implement a public network address to provide source address translation for multiple private network addresses ( )*
- A. Easy-ip
CT Jinglu - B. NAT No-PAT
- C. NAT Server
- D. NAPT
Answer: C
NEW QUESTION 237
Regarding the description of firewall dual-system hot backup, which of the following options are correct? (Multiple Choice)
- A. The firewall dual-system hot backup needs to synchronize the backup of the session table, MAC table, routing table and other information between the master device and the slave device
- B. VGMP is used to ensure the consistency of all VRRP backup group switching
- C. The state of all VRRP backup groups of the same VGMP management group on the same firewall is required to be consistent
- D. When multiple areas on the firewall need to provide dual-system backup, multiple VRRP backup groups need to be configured on the firewall
Answer: B,C,D
NEW QUESTION 238
When configuring user single sign-on, if the mode of querying the security log of the AD server is adopted, please sort the following authentication processes:
Answer:
Explanation:
NEW QUESTION 239
existL2TPconfiguration, for the commandTunnel Name, which of the following statements is true? (multiple choice)
- A. Used to specify the tunnel name of the peer
- B. Used to specify the tunnel name of the local end
- C. If not configuredTunnel Name, the tunnel name is the local system name
- D. both endsTunnel Nnamemust be consistent
Answer: B,C
NEW QUESTION 240
Please match the following malicious code classification and description one by one
Answer:
Explanation:
NEW QUESTION 241
Which of the following does not belong to the classification of cybersecurity incidents?
- A. Special cybersecurity incidents
- B. Major cybersecurity incidents
- C. Major cybersecurity incidents
- D. General cybersecurity incidents
Answer: A
NEW QUESTION 242
After the firewall detects the virus, which of the following will release the virus?
- A. Source IP hits the whitelist
- B. Protocol not supported by firewall
- C. Hit virus exception
- D. Hit application exception
Answer: C
NEW QUESTION 243
Social engineering is a kind of harmful means such as deception and harm through psychological traps such as psychological weakness, instinctual reaction, curiosity, trust, and greed of the victim.
- A. TURE
- B. FALSE
Answer: A
NEW QUESTION 244
whenUSGWhich of the following logs can be viewed when the series firewall hard disk is in place? (multiple choice)
- A. Threat log
- B. business log
- C. Operation log
- D. Alarm information
Answer: A,B,C,D
NEW QUESTION 245
In the information security system construction management cycle, which of the following behaviors is"check"What needs to be implemented in the link?
- A. Safety management system operation monitoring
- B. Risk assessment
- C. Safety management system design
- D. Safety management system implementation
Answer: B
NEW QUESTION 246
existIPSec VPNIn the transmission mode, which part of the encrypted data packet is?
- A. Network layer and upper layer data packets
- B. Transport layer and upper layer data packets
- C. newIPheader
- D. OriginalIPheader
Answer: B
NEW QUESTION 247
Regarding the description of the GRE VPN tunnel configuration, which of the following options are correct?
- A. The tunnel interface must be configured with an IP address
- B. The tunnel address must ensure that the network layer is reachable
- C. The tunnel interface must be added to the security zone
- D. The tunnel interface numbers of the devices at both ends must be the same
Answer: A,B,C,D
NEW QUESTION 248
Regarding Client-Initialized L2TP VPN, which of the following statements is wrong?
- A. LNS assigns private IP addresses to remote users
- B. Remote users do not need to install VPN client software
- C. After remote users access the Internet, they can directly initiate an L2TP tunnel connection request to the remote LNS through the client software
- D. The LNS device receives the user's L2TP connection request, and can verify the user based on the user name and password
Answer: B
NEW QUESTION 249
ASPF (Application specific Packet Filter) is a packet filtering technology based on the application layer and implements a special security mechanism through the server-map table. Regarding ASPF and server-map tables, which of the following are correct? (Multiple choice)
- A. ASPF dynamically allows multi-channel protocol data to pass through the server-map table
- B. ASPF can dynamically create server-map
- C. ASPF monitors the packets in the communication process
- D. The five-tuple server-map table entry implements a function similar to the session table
Answer: A,B,C
NEW QUESTION 250
Which of the following optionsVPNDoes technical support encrypt data packets? (multiple choice)
- A. GRE VPN
- B. L2TP VPN
- C. IPSec VPN
- D. SSL VPN
Answer: C,D
NEW QUESTION 251
aboutL2TP VPNstatement, which of the following is false?
- A. Data will not be encrypted
- B. belonging to the third floorVPNTechnology
- C. It is suitable for employees on business to dial up to access the intranet
- D. WithIPsec VPNIn conjunction with
Answer: B
NEW QUESTION 252
Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security protection? (Multiple choice)
- A. Vulnerability scanning device
- B. Anti-DDoS device
- C. Firewall
- D. IPS/IDS device
Answer: B,C,D
NEW QUESTION 253
In response to network security incidents, remote emergency response is generally taken first. If the problem cannot be solved for the customer through remote access, after the customer confirms, it will be transferred to the local emergency response process.
- A. True
- B. False
Answer: A
NEW QUESTION 254
at HuaweiUSGOn the series firewalls, the default security policy does not support modification.
- A. False
- B. True
Answer: A
NEW QUESTION 255
If internal employees access the Internet through a firewall and find that they cannot connect to the Internet normally, which view commands can be used on the firewall to troubleshoot the interface state security zone, security policy, and routing table? (Write any view command, require: command line The words must be complete and correct to score, and cannot be omitted or abbreviated)
- A. display ip routing-table display zone
Answer: A
NEW QUESTION 256
In the architecture of PKI, ______ is the window for CA to face users, and is an extension of CA's certificate issuance and management functions. He is responsible for accepting user's certificate registration and revocation applications, reviewing employee identity information, and deciding Whether to submit an application to the CA to issue or revoke a digital certificate.[fill in the blank]*
Answer:
Explanation:
RA
NEW QUESTION 257
Using a computer to store information about criminal activities is not a method of computer crime
- A. False
- B. True
Answer: A
NEW QUESTION 258
The steps of the security assessment method do not include which of the following?
- A. Manual audit
- B. Questionnaire
- C. Penetration testing
- D. data analysis
Answer: D
NEW QUESTION 259
_____ Mode: Two devices, one master and one backup. Under normal circumstances, service traffic is handled by the active device. When the active device fails, the standby device replaces the active device to process service traffic to ensure that services are not interrupted.[fill in the blank]*
Answer:
Explanation:
Dual-system hot standby active/standby backup
NEW QUESTION 260
The matching principle of the security policy is: first search for the manually configured inter-domain security policy, if it does not match, then directly discard the data packet.
- A. True
- B. False
Answer: A
NEW QUESTION 261
......
Authentic Best resources for H12-711_V3.0-ENU Online Practice Exam: https://troytec.itpassleader.com/Huawei/H12-711_V3.0-ENU-dumps-pass-exam.html