H12-711-ENU試験無料問題集（290題）「Huawei HCIA-Security V3.0 認定」

出題：1

IPSec VPN uses an asymmetric encryption algorithm to encrypt the transmitted data.

A. True

B. False

正解：B 解答を投票する

出題：2

Which of the following descriptions is wrong about the root CA certificate?

A. Signature is generated by CA public key encryption

B. The issuer is CA

C. The certificate subject name is CA.

D. Public key information is the public key of the CA

正解：A 解答を投票する

出題：3

Which of the following protocols can guarantee the confidentiality of data transmission? (Multiple Choice)

A. Telnet

B. HTTPS

C. FTP

D. SSH

正解：B,D 解答を投票する

出題：4

The world's first worm "Morris worm" made people realize that as people become more dependent on computers, the possibility of computer networks being attacked increases, and it is necessary to establish a comprehensive emergency response system.

A. True

B. False

正解：A 解答を投票する

出題：5

W hich of the following are the characteristics of a symmetric encryption algorithm? (Multiple choice)

A. Fast encryption

B. Key distribution security is high

C. Key distribution is not secure

D. Confidential speed is slow

正解：A,C 解答を投票する

出題：6

Regarding the problem that the two-way binding user of the authentication-free method cannot access the network resources, which of the following options are possible reasons? (Multiple choice)

A. The authentication-free user does not use the PC with the specified IP/MAC address.

B. The authentication-free user and the authenticated user are in the same security zone.

C. The authentication action in the authentication policy is set to "No credit / free authentication"

D. Online users have reached a large value

正解：A,D 解答を投票する

出題：7

Which of the following are the ways in which a PKI entity applies for a local certificate from CA? (Multiple Choice)

A. Offline application

B. Online application

C. Network application

D. Local application

正解：A,B 解答を投票する

出題：8

Which of the following statements about IPSec SA is true?

A. IPSec SA is two-way

B. IPSec SA is one-way

C. used to generate an encryption key

D. Used to generate a secret algorithm

正解：B 解答を投票する

出題：9

In order to obtain evidence of crime, it is necessary to master the technology of intrusion tracking. Which of the following descriptions are correct about the tracking technology? (Multiple Choice)

A. Packet Recording Technology marks packets on each router that has been spoken by inserting trace data into the tracked IP packets.

B. Link detection technology determines the source of the attack by testing the network connection between the routers.

C. Analysis of shallow mail behavior can analyze the information such as sending IP address, sending time, sending frequency, number of recipients, shallow email headers, etc.

D. Packet tagging technology extracts information from attack sources by recording packets on the router and then using data drilling techniques

正解：A,B,C 解答を投票する

出題：10

Which of the following are in the certification area of ISO27001? (Multiple choice)

A. Vulnerability management

B. Access control

C. Business continuity management

D. Personnel safety

正解：A,B,C,D 解答を投票する

出題：11

Which of the following is true about the sequencing of the PKI work process?
1. The communication terminal applies for CA certificate.
2. PKI replies to CA certificate
3. Obtain each other's certificate and verify the validity
4. Communication terminal installs local certificate
5. PKI issues a local certificate
6. The communication terminal applies for a local certificate
7. Communication terminal installs CA certificate
8. Communicate with each other

A. 1-2-6-5-7-4-3-8

B. 1-2-7-6-5-4-3-8

C. 6-5-4-1-2-7-3-8

D. 6-5-4-3-1-2-7-8

正解：B 解答を投票する

出題：12

Which of the following statements is wrong about the firewall gateway's anti-virus response to the HTTP protocol?

A. Response methods include announcement and blocking

B. Alarm mode device only generates logs and sends them out without processing the files transmitted by the HTTP protocol.

C. Blocking means that the device disconnects from the HTTP server and blocks file transfer.

D. When the gateway device blocks the HTTP connection, push the web page to the client and generate a log.

正解：A 解答を投票する

出題：13

Antivirus software and host firewall have the same effect.

A. True

B. False

正解：B 解答を投票する

出題：14

When configuring NAT Server on the USG series firewall, the server-map table will be generated. Which of the following does not belong in the table?

A. Agreement number

B. Destination port number

C. Source IP

D. Destination IP

正解：C 解答を投票する

出題：15

In the current network it has deployed other authentication system, device registration function by enabling a single point, reducing the user to re-enter the password.
What are correct about single sign-on statements? (Multiple choice)

A. AD domain single sign-on is only one deployment model

B. device can identify the user through the authentication of the identity authentication system, user access, the device will not push authentication pages, to avoid further asked to enter a username / password

C. Although not require to enter a user password, but the authentication server needs to interact with the user password and devices used to ensure that certification through discussion

D. AD domain single sign-on login can be mirrored data stream synchronized manner to the firewall

正解：B,D 解答を投票する

出題：16

Electronic evidence preservation is directly related to the legal effect of evidence, in line with the preservation of legal procedures, and its authenticity and reliability are guaranteed. Which of the following is not an evidence preservation technology?

A. Encryption technology

B. Message tag tracking technology

C. Digital signature technology

D. Digital certificate technology

正解：B 解答を投票する

H12-711-ENU試験無料問題集「Huawei HCIA-Security V3.0 認定」