H12-711 by Huawei Actual Free Exam Questions And Answers

Question 1

Security technology has different approaches at different technical levels and areas. Which of the following devices can be used for network layer security protection? (Multiple choice)

A. Vulnerability scanning device

B. Anti-DDoS equipment

C. Firewall

D. IPS/IDS equipment

Discussion 0

Correct Answer: B,C,D Vote an answer

Question 2

Which level is the corresponding warning for major network security incidents that occur?

A. Red warning

B. Blue warning

C. Orange warning

D. Yellow warning

Discussion 0

Correct Answer: C Vote an answer

Question 3

In the security assessment method, the purpose of the security scan is to scan the target system with a scan analysis evaluation tool to discover related vulnerabilities and prepare for the attack.

A. False

B. True

Discussion 0

Correct Answer: A Vote an answer

Question 4

In IPSEC VPN, which of the following scenarios can be applied by tunnel mode?

A. between the host and the host

B. between security gateways

C. between hosts and security gateways

D. Between tunnel mode and transport mode

Discussion 0

Correct Answer: B Vote an answer

Question 5

Which of the following is not included in the design principles of the questionnaire?

A. Specificity

B. Openness

C. Consistency

D. Integrity

Discussion 0

Correct Answer: C Vote an answer

Question 6

Which of the following is true about the description of the firewall?

A. In order to avoid single point of failure, the firewall only supports side-by-side deployment.

B. Adding a firewall to the network will inevitably change the topology of the network.

C. The firewall cannot transparently access the network.

D. Depending on the usage scenario, the firewall can be deployed in transparent mode or deployed in a three-bedroom mode.

Discussion 0

Correct Answer: D Vote an answer

Question 7

Which of the following options can be used in the advanced settings of windows firewall? (Multiple Choice)

A. Restore defaults

B. Set connection security rules

C. Set out inbound rules

D. Change notification rules

Discussion 0

Correct Answer: A,B,C,D Vote an answer

Question 8

About the contents of HRP standby configuration consistency check, which of the following is not included?

A. If the heartbeat interface with the same serial number configured

B. NAT policy

C. Next hop and outbound interface of static route

D. Certification strategy

Discussion 0

Correct Answer: C Vote an answer

Question 9

NAPT technology can implement a public network IP address for multiple private network hosts.

A. False

B. True

Discussion 0

Correct Answer: B Vote an answer

Question 10

When the session authentication mode is used to trigger the firewall's built-in Portal authentication, the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page.

A. False

B. True

Discussion 0

Correct Answer: B Vote an answer

Question 11

Information security level protection is the basic system of national information security work

A. False

B. True

Discussion 0

Correct Answer: B Vote an answer

Question 12

Common scanning attacks include: port scanning tools, vulnerability scanning tools, application scanning tools, database scanning tools, etc.

A. False

B. True

Discussion 0

Correct Answer: B Vote an answer

Question 13

For the description of ARP spoofing attacks, which the following statements is wrong?

A. The ARP implementation mechanism only considers the normal interaction of the service and does not verify any abnormal business interactions or malicious behaviors.

B. ARP static binding is a solution to ARP spoofing attacks. It is mainly applied to scenarios where the network size is small.

C. ARP spoofing attacks can only be implemented through ARP replies and cannot be implemented through ARP requests.

D. When a host sends a normal ARP request, the attacker will respond preemptively, causing the host to establish an incorrect IP and MAC mapping relationship.

Discussion 0

Correct Answer: C Vote an answer

Question 14

Which of the following attacks is not a malformed message attack?

A. ICMP unreachable packet attack

B. Smurf attack

C. Teardrop attack

D. TCP fragment attack

Discussion 0

Correct Answer: A Vote an answer

Question 15

When the following conditions occur in the VGMP group, the VGMP message will not be sent to the peer end actively?

A. Firewall service interface failure

B. Manually switch the active and standby status of the firewall.

C. Session table entry changes

D. Dual hot backup function enabled

Discussion 0

Correct Answer: C Vote an answer

Huawei HCIA-Security V3.0 - H12-711 Exam Practice Test

Contact Us

Useful Links

Latest Updated