H12-711試験無料問題集（290題）「Huawei HCIA-Security V3.0 認定」

出題：1

Which of the following is not a key technology for anti-virus software?

A. Format the disk

B. Shelling technology

C. Self-protection

D. Real-time upgrade of the virus database

正解：A 解答を投票する

出題：2

ASPF (Application Specific Packet Filter) is a packet filtering technology based on the application layer, and implements a special security mechanism through the server-map table.
Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)

A. ASPF can dynamically create a server-map

B. The quintuple server-map entry implements a similar function to the session table.

C. ASPF monitors messages during communication

D. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.

正解：A,C,D 解答を投票する

出題：3

Which of the following statements about Client-Initiated VPN is correct? (Multiple choice)

A. Each tunnel carries multiple L2TP sessions and one PPP connection.

B. A tunnel is established between each access user and the LNS.

C. Only one L2TP session and PPP connection are carried in each tunnel.

D. Each tunnel carries multiple L2TP sessions and PPP connections.

正解：B,C 解答を投票する

出題：4

Which of the following options belong to the necessary configuration for the firewall double hot standby scenario? (Multiple Choice)

A. hrp preempt [delay interval]

B. hrp interface interface-type interface-number

C. hrp mirror session enable

D. hrp enable

正解：B,D 解答を投票する

出題：5

IPS (Intrusion Prevention System) is a defense system that can block in real time when intrusion is discovered.

A. True

B. False

正解：A 解答を投票する

出題：6

Which configuration is correct to implement NAT ALG function?

A. nat alg protocol

B. nat protocol

C. detect protocol

D. alg protocol

正解：C 解答を投票する

出題：7

Which of the following options belong to the encapsulation mode supported by IPSec VPN? (Multiple Choice)

A. Tunnel mode

B. ESP mode

C. Transmission mode

D. AH mode

正解：A,C 解答を投票する

出題：8

Which of the following is not a requirement for firewall double hot standby?

A. The firewall hardware model is consistent

B. The firewall software version is consistent

C. The firewall interface has the same IP address.

D. The type and number of the interface used are the same.

正解：C 解答を投票する

出題：9

The matching principle of the security policy is: firstly, find the inter-domain security policy configured manually, and if there is no match, the data packet is directly discarded.

A. True

B. False

正解：A 解答を投票する

出題：10

In the USG series firewall, you can use the ______ function to provide well-known application services for non-known ports.

A. MAC and IP address binding

B. Port mapping

C. Packet filtering

D. Long connection

正解：B 解答を投票する

出題：11

Digital certificate technology solves the problem that public key owners cannot determine in digital signature technology.

A. True

B. False

正解：A 解答を投票する

出題：12

Against Buffer overflow attacks, which description is correct? (Multiple choice)

A. buffer overflow attack belongs to the application layer attack behavior

B. Buffer overflow attack is use of the software system on memory operating defects, by using high operating permission to run attack code

C. buffer overflow attack is the most common method of attack software system's behaviors

D. Buffer overflow attack has nothing to do with operating system's vulnerabilities and architecture

正解：A,B,C 解答を投票する

出題：13

Which of the following descriptions is correct about port mirroring? (Multiple Choice)

A. The mirrored port copies the packet to the observing port.

B. The observing port sends the received packet to the monitoring device.

C. The mirrored port sends the received packet to the monitoring device.

D. The observing port copies the packet to the mirrored port.

正解：A,B 解答を投票する

出題：14

NAT technology can securely transmit data by encrypting data.

A. True

B. False

正解：B 解答を投票する

H12-711試験無料問題集「Huawei HCIA-Security V3.0 認定」