A fully updated 2021 H12-711-ENU Exam Dumps exam guide from training expert Fast2test [Q79-Q102]

Share

A fully updated 2021 H12-711-ENU Exam Dumps exam guide from training expert Fast2test

Provides complete coverage of every objective on exam and exam preparation H12-711-ENU

NEW QUESTION 79
Regarding the firewall security policy, which of the following options are wrong?

  • A. When configuring the security policy name, you cannot reuse the same name.
  • B. If the security policy is permit, the discarded message will not accumulate the number of hits.
  • C. Adjust the order of security policies without saving the configuration file.
  • D. The number of security policy entries of Huawei USG series firewalls cannot exceed 128.

Answer: B

 

NEW QUESTION 80
Which of the following is wrong about the management of Internet users?

  • A. Each user group can belong to multiple user groups
  • B. The system has a default user group by default, which is also the system default authentication domain.
  • C. Each user group can include multiple users and user groups
  • D. Each user belongs to at least one user group, also can belong to multiple user groups

Answer: A

 

NEW QUESTION 81
Typical remote authentication modes are: (Multiple Choice)

  • A. LLDP
  • B. Local
  • C. RADIUS
  • D. HWTACACS

Answer: C,D

 

NEW QUESTION 82
Which of the following description are correct about the security policy action and security configuration file? (Multiple Choice)

  • A. The security configuration file can be applied without being applied to the security policy allowed by the action.
  • B. If the action of the security policy is "prohibited", the device will discard this traffic and will not perform content security check later.
  • C. The security configuration file must be applied to the security policy that is allowed to take effect.
  • D. If the security policy action is "Allow", the traffic will not match the security configuration file.

Answer: B,C

 

NEW QUESTION 83
Which of the following are the status information that can be backed up by the HRP (Huawei Redundancy Protocol) protocol? (Multiple choice)

  • A. Dynamic blacklist
  • B. ServerMap entry
  • C. Routing table
  • D. Session table

Answer: A,B,D

 

NEW QUESTION 84
Which description about disconnect the TCP connection 4 times-handshake is wrong?

  • A. passive closing party end need to send a file to the application, the application will close it connection and lead to send a FIN
  • B. in passive close the sender after the FIN, initiative to close must send back a confirmation, and will confirm the serial number is set to receive serial number 1
  • C. when passive close receipt the first FIN, it will send back an ACK, and randomly generated to confirm the serial number
  • D. initiative to shut down the sender first FIN active closed, while the other received this FIN perform passive shut down

Answer: C

 

NEW QUESTION 85
Which of the following statement about the L2TP VPN of Client-initialized is wrong?

  • A. remote users do not need to install VPN client software
  • B. LNS assign a private IP address for remote users
  • C. LNS device receives user L2TPconnection request, can verify based on user name and password.
  • D. After the remote user access to internet, can initiate L2TP tunneling request to the remote LNS directly through the client software

Answer: A

 

NEW QUESTION 86
On the USG series firewalls, the default security policy does not support modification.

  • A. False
  • B. True

Answer: A

 

NEW QUESTION 87
When the session authentication mode is used to trigger the firewall's built-in Portal authentication, the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 88
In IPSEC VPN, which of the following scenarios can be applied by tunnel mode?

  • A. between hosts and security gateways
  • B. Between tunnel mode and transport mode
  • C. between security gateways
  • D. between the host and the host

Answer: C

 

NEW QUESTION 89
Which of the following behaviors is relatively safer when connecting to Wi-Fi in public places?

  • A. Connect unencrypted free Wi-Fi for online shopping
  • B. Connect encrypted free Wi-Fi for online transfer operations
  • C. Connect to the paid Wi-Fi hotspot provided by the operator and only browse the web
  • D. Connect Wi-Fi hotspots that are not encrypted

Answer: C

 

NEW QUESTION 90
Which of the following is true about the description of SSL VPN?

  • A. Can be used without a client
  • B. No authentication required
  • C. There is a NAT traversal problem
  • D. May encrypt to IP layer

Answer: A

 

NEW QUESTION 91
The repair of anti-virus software only needs to be able to repair some system files that were accidentally deleted when killing the virus to prevent the system from crashing.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 92
The world's first worm "Morris worm" made people realize that as people become more dependent on computers, the possibility of computer networks being attacked increases, and it is necessary to establish a comprehensive emergency response system.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 93
On Huawei USG series devices, the administrator wants to erase the configuration file. Which of the following commands is correct?

  • A. clear saved-configuration
  • B. reset current-configuration
  • C. reset running-configuration
  • D. reset saved-configuration

Answer: D

 

NEW QUESTION 94
Which of the following are malicious programs? (Multiple choice)

  • A. Trojan horse
  • B. Virus
  • C. worm
  • D. Vulnerabilities

Answer: A,B,C

 

NEW QUESTION 95
Which of the following are the default security zones of Huawei firewall? (Multiple Choice)

  • A. Untrust area
  • B. Trust area
  • C. Zone area
  • D. Security area

Answer: A,B

 

NEW QUESTION 96
Which of the following is wrong about the scanning of vulnerabilities?

  • A. Vulnerabilities can be avoided
  • B. The vulnerability was discovered beforehand and discovered afterwards.
  • C. Vulnerabilities are generally repairable
  • D. Vulnerabilities are security risks that can expose computers to hackers

Answer: A

 

NEW QUESTION 97
Which of the following are the necessary configurations of IPSec VPN? (Multiple Choice)

  • A. Configure IKE SA related parameters
  • B. Configure the stream of interest
  • C. Configuring IPSec SA related parameters
  • D. Configuring IKE neighbors

Answer: A,B,C,D

 

NEW QUESTION 98
In information security prevention, commonly used security products are firewalls, Anti-DDos devices and IPS/IDS devices.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 99
In the USG system firewall, the ________ function can be used to provide well-known application services for non-known ports.

  • A. Port mapping
  • B. MAC and IP address binding
  • C. Long connection
  • D. Packet filtering

Answer: A

 

NEW QUESTION 100
Use iptables to write a rule that does not allow the network segment of 172.16.0.0/16 to access the device. Which of the following rules is correct?

  • A. iptables -t filter -A INPUT -s 172.16.0.0/16 -p all -j DROP
  • B. iptables -t filter -P INPUT -d 172.16.0.0/16 -p all -j ACCEPT
  • C. iptables -t filter -P INPUT -s 172.16.0.0/16 -p all -j DROP
  • D. iptables -t filter -P INPUT -s 172.16.0.0/16 -p all -j ACCEPT

Answer: A

 

NEW QUESTION 101
Which of the following does not include the steps of the safety assessment method?

  • A. Manual audit
  • B. Questionnaire survey
  • C. Data analysis
  • D. Penetration test

Answer: C

 

NEW QUESTION 102
......

Tested Material Used To H12-711-ENU: https://www.fast2test.com/H12-711-ENU-premium-file.html

 

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어