H12-711試験無料問題集（290題）「Huawei HCIA-Security V3.0 認定」

出題：1

Which of the following is not the certificate save file format supported by the USG6000 series?

A. PEM

B. PKCS#

C. DER

D. PKCS#12

正解：B 解答を投票する

出題：2

Which of the following are the main implementations of gateway anti-virus? (Multiple choice)

A. File killing method

B. Agent scanning method

C. Package inspection method

D. Stream scanning method

正解：B,D 解答を投票する

出題：3

Security technology has different approaches at different technical levels and areas. Which of the following devices can be used for network layer security protection? (Multiple choice)

A. Firewall

B. IPS/IDS equipment

C. Anti-DDoS equipment

D. Vulnerability scanning device

正解：A,B,C 解答を投票する

出題：4

Which of the following option does not belong to symmetric encryption algorithm?

A. 3DES

B. DES

C. RSA

D. AES

正解：C 解答を投票する

出題：5

Regarding the HRP master and backup configuration consistency check content, which of the following is not included?

A. Next hop and outbound interface of static route

B. NAT policy

C. Is the heartbeat interface configured with the same serial number?

D. Authentication Policy

正解：A 解答を投票する

出題：6

ASPF (Application Specific Packet Filter) is a packet filtering technology based on the application layer, and implements a special security mechanism through the server-map table.
Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)

A. ASPF can dynamically create a server-map

B. The quintuple server-map entry implements a similar function to the session table.

C. ASPF monitors messages during communication

D. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.

正解：A,C,D 解答を投票する

出題：7

Which of the following is not part of the LINUX operating system?

A. RedHat

B. CentOS

C. MAC OS

D. Ubuntu

正解：C 解答を投票する

出題：8

Which of the following descriptions of the firewall fragment cache function are correct? (Multiple choice)

A. By default, the number of large fragment caches of an IPV4 packet is 32, and the number of large fragmentation buffers of an IPV6 packet is 255.

B. After the fragmented packet is directly forwarded, the firewall forwards the fragment according to the interzone security policy if it is not the fragmented packet of the first packet.

C. By default, the firewall caches fragmented packets.

D. For fragmented packets, NAT ALG does not support the processing of SIP fragmented packets.

正解：A,C,D 解答を投票する

出題：9

Fire Trust domain FTP client wants to access an Untrust server FTP service has allowed the client to access the server TCP 21 port, the client in the Windows command line window can log into the FTP server, but can not download the file, what are the following solutions? (Multiple choice)

A. Trust Untrust domain configuration is enabled detect ftp

B. the FTP works with the port mode modify the Untrust Trust domain to allow the inbound direction between the default access strategy

C. FTP works with Passive mode modify the domain inbound direction between the Untrust Trust default access policy to allow

D. take the Trust between Untrust domain to allow two-way default access strategy

正解：A,B,D 解答を投票する

出題：10

Which of the following options belong to the necessary configuration for the firewall double hot standby scenario? (Multiple Choice)

A. hrp preempt [delay interval]

B. hrp interface interface-type interface-number

C. hrp mirror session enable

D. hrp enable

正解：B,D 解答を投票する

出題：11

IPSec VPN uses an asymmetric encryption algorithm to encrypt the transmitted data.

A. True

B. False

正解：B 解答を投票する

出題：12

If the company structure has undergone a practical change, it is necessary to retest whether the business continuity plan is feasible.

A. True

B. False

正解：A 解答を投票する

出題：13

Which of the following descriptions is wrong about the source of electronic evidence?

A. Movies and TV shows belong to electronic evidence related to network technology.

B. Fax data, mobile phone recording is an electronic evidence related to communication technology.

C. Database operation records, operating system logs are computer-related electronic evidence

D. Operating system, e-mail, chat records can be used as a source of electronic evidence

正解：A 解答を投票する

出題：14

Which of the following is the analysis layer device in the Huawei SDSec solution?

A. CIS

B. Firehunter

C. switch

D. Agile Controller

正解：B 解答を投票する

出題：15

Intrusion prevention system technical characteristics include (Multiple choice)

A. real-time blocking

B. online mode

C. self-learning and adaptive

D. straight road deployment

正解：A,B,C 解答を投票する

出題：16

Which of the following are international organizations related to information security standardization? (Multiple Choice)

A. International Organization for Standardization (ISO)

B. International Electrotechnical Commission (IEC)

C. Wi-Fi Alliance

D. International Telecommunication Union (ITU)

正解：A,B,D 解答を投票する

出題：17

Which of the following are the versions of the SNMP protocol? (Multiple choice)

A. SNMPv1

B. SNMPv3

C. SNMPv2c

D. SNMPv2b

正解：A,B,C 解答を投票する

出題：18

In the information security system construction management cycle, which of the following actions is required to be implemented in the "check" link?

A. Safety management system operation monitoring

B. Implementation of the safety management system

C. Risk assessment

D. Safety management system design

正解：C 解答を投票する

出題：19

The VRRP advertisement packet of the Huawei USG firewall is a multicast packet. Therefore, each firewall in the backup group must be able to implement direct Layer 2 interworking.

A. True

B. False

正解：A 解答を投票する

出題：20

Which of the following is true about the description of the firewall?

A. Adding a firewall to the network will inevitably change the topology of the network.

B. Depending on the usage scenario, the firewall can be deployed in transparent mode or deployed in a three-bedroom mode.

C. In order to avoid single point of failure, the firewall only supports side-by-side deployment.

D. The firewall cannot transparently access the network.

正解：B 解答を投票する

H12-711試験無料問題集「Huawei HCIA-Security V3.0 認定」