H12-711 Certification Overview - [Nov 29, 2021] Latest H12-711 PDF Dumps
The Best Huawei H12-711 Study Guides and Dumps of 2021
NEW QUESTION 52
In the security assessment method, the purpose ofthe security scan is to scan the target system with a scan analysis evaluation tool to discover related vulnerabilities and prepare for the attack.
- A. False
- B. True
Answer: A
NEW QUESTION 53
Which of the following are the versions of the SNMP protocol? (Multiple choice)
- A. SNMPv1
- B. SNMPv2b
- C. SNMPv2c
- D. SNMPv3
Answer: A,C,D
NEW QUESTION 54
In the IPSec VPN transmission mode, which part ofthe data packe: is encrypted?
- A. New IP packet header
- B. Transport layer and upper layer data packet
- C. Network layer and upper layer data packet
- D. Original IP packet header
Answer: B
NEW QUESTION 55
Using a computer to store information about criminal activity is not a comouter crime
- A. False
- B. True
Answer: A
NEW QUESTION 56
Regarding the relationship and role of VRRPA/GMP/HRP. which of the following statements are correct?(Multiple choice)
- A. VRRP is responsible for sending free ARP to direct traffic to the new primary device during active/standby switchover.
- B. VGMP is responsible for monitoring equipment failures and controlling fast switching of equipment.
- C. VGMP group in the active state may include the VRRP group in the standby state.
- D. HRP is responsible for data backup during hot standby operation
Answer: A,B,D
NEW QUESTION 57
If the administrator uses 'he default authentication domain to authenticate a user, you onlyneed to enter a user name when the user logs, if administrators use the newly created authentication domain to authenticate the user, the user will need to enter login "username @ Certified domain name"
- A. False
- B. True
Answer: B
NEW QUESTION 58
Which scenarios does IPSec WEB configuration wizard not support?
- A. Gateway to Gateway
- B. Branch Gateway
- C. Center Gateway
- D. Host and Host
Answer: D
NEW QUESTION 59
Which of the following io true about the description of the firewall?
- A. Adding a firewall to the network will inevitably change the :opology of the network.
- B. In order to avoid single point of faiure. the firewall only supports side-by-side deplcyment.
- C. The firewall cannot transparently access the network.
- D. Depending on the usage scenario, the firewall can be deployed in transparent moce or deployed in a three bedroom mode.
Answer: D
NEW QUESTION 60
Which of the following guarantees "should detect and protect spam at critical network nodes and maintain upgrades and updates of the spam protection mechanism" in security 2.0?
- A. Centralized control
- B. Malicious code prevention
- C. Border protection
- D. Communication transmission
Answer: B
NEW QUESTION 61
Which of the following are correct regarding the matching conditions of the security policy? (Multiple choice)
- A. "Time period" in the matching condition is an optional parameter
- B. "The source security zone" is an optional parameter in the matching condition.
- C. "Apply" in the matching condition is an optional parameter
- D. "Service" is an optional parameter in the matching condition
Answer: A,B,C,D
NEW QUESTION 62
Which of the following is not part of the method used in the Detection section of the P2DR model?
- A. Shut down the service
- B. Testing
- C. Real-time monitoring
- D. Alarm
Answer: D
NEW QUESTION 63
Under the tunnel encapsulation mode. IPSec configuration does not need to have a route to thedestination private network segment, because the data will be re-encapsulated using the new IP header to find the routing table.
- A. False
- B. True
Answer: A
NEW QUESTION 64
Which of the following is the core part of the P2DR model?
- A. Response
- B. Protection
- C. Detection
- D. Policy Strategy
Answer: D
NEW QUESTION 65
Except built-in Portal authentication, firewall also supports custom Portal authentication, when using a custom Portal authentication, no need to deploy a separate external Portal server.
- A. False
- B. True
Answer: A
NEW QUESTION 66
The scene of internal users access the internet as shown, the subscriber line process are:
1. After authentication, USG allow the connection
2. The user input http://1.1.1.1 to access Internet
3. USG push authentication interface, User =? Password =?
4. The user successfully accessed http://1.1.1.1, equipment create Session table.
5. User input User = *** Password = ***
Which the following procedure is correct?
- A. 2-3-1-5-4
- B. 2-1-3-5-4
- C. 2-3-5-1-4
- D. 2-5-3-1-4
Answer: C
NEW QUESTION 67
Which of the following are in the certification area of IS027001? (Multiple choice)
- A. Business continuity management
- B. Personnel safety
- C. Vulnerability management
- D. Access control
Answer: A,B,C,D
NEW QUESTION 68
Which of the following statements are correct about the business continuity plan? (Multiple Choice)
- A. Business continuity plan does not require high-level participation of the company in determining the project scope phase
- B. Not all security incidents must be reported to company executives
- C. Business continuity plan does not require high-level participation of the company before forming a formal document
- D. BCP needs flexibility because it cannot predict all possible accidents
Answer: B,D
NEW QUESTION 69
In L2TP configuration for command Tunnel Name, which statements are correct? (Multiple choice)
- A. Must be consistent with Tunnel Name peer configuration
- B. Usedto specify the name of the peer tunnel
- C. Used to specify the name of the end of the tunnel
- D. If do not configure the Tunnel Name, the tunnel name is the name of the local system
Answer: C,D
NEW QUESTION 70
IPSec VPN uses an asymmetric encryption algorithm to encrypt the transmitted data
- A. False
- B. True
Answer: A
NEW QUESTION 71
As shown in the figure, a NAT server application scenario isconfigured when the web configuration mode is used
Which of the following statements are correct"? (Multiple choice)
- A. When configuring NAT Server, the internal address is 10 1.1 2 and the external address is 200.10.10.1.
- B. When configuring NAT Server, the internal address is 200.10.10.1 and the external address is 10.1.1.2.
- C. When configuring an interzone secunty policy, set the source security zone to DMZ and the target secunty zone to Untrust.
- D. When configuring an interzone secunty policy, set the source security zone to Untrust and the target security zone to DMZ
Answer: A,D
NEW QUESTION 72
ASPF (Application Specific Packet Filter) is a kind of packet filtering basedon the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol.
ASPF by Server Map table achieves a special security mechanism. Which statement about ASPF and Server map table are correct? (Multiple choice)
- A. ASPF through server map table realize dynamic to allow multi-channel protocol data to pass
- B. Quintupleserver-map entries achieve a similar functionality with session table
- C. ASPF dynamically create and delete filtering rules
- D. ASPF monitors the packets in the process of communication
Answer: A,C,D
NEW QUESTION 73
During the configuration of NAT, which of the following will the device generate a Server-map entry? (Multiple Choice)?
- A. After the NAT server is configured successfully, the device automatically generates a server map entry.
- B. After configuring NAT No-PAT, the device will create a server-map table for the configured multi-channel protocol data stream.
- C. Automatically generate server-map entries when configuring source NAT.
- D. A server-map entry is generated when easy-ip is configured.
Answer: A,B
NEW QUESTION 74
The administrator PC and the USG firewall management interface directly connected using the web the way initialization, which of the following statements are true? (Multiple choice)
- A. IP address of the management PC is manually set to 192.168.0.2-192.168.0.254
- B. Manage PC browser access http://192.168.0.1
- C. Manage PC browser access http://192.168.1.1
- D. Set the NIC of the management PC to automatically obtain the IP address.
Answer: A,B
NEW QUESTION 75
......
Valid H12-711 Exam Updates - 2021 Study Guide: https://www.fast2test.com/H12-711-premium-file.html
Top Huawei H12-711 Exam Audio Study Guide! Practice Questions Edition: https://drive.google.com/open?id=1RE3eLsQ23RVRsaykwtGpwNh7B9POVEkq