H12-711試験無料問題集（290題）「Huawei HCIA-Security V3.0 認定」

出題：1

After the network intrusion event occurs, according to the plan to obtain the identity of the intrusion, the attack source and other information, and block the intrusion behavior, which links of the above actions are involved in the PDRR network security model? (Multiple Choice)

A. Protection link

B. Response link

C. Testing link

D. Recovery link

正解：B,C 解答を投票する

出題：2

Which of the following are international organizations related to information security standardization? (Multiple Choice)

A. International Organization for Standardization (ISO)

B. International Electrotechnical Commission (IEC)

C. Wi-Fi Alliance

D. International Telecommunication Union (ITU)

正解：A,B,D 解答を投票する

出題：3

Which of the following are key elements of information security prevention? (Multiple choice)

A. Security products and technologies

B. Security operation and management

C. Personnel

D. Asset management

正解：A,B,C,D 解答を投票する

出題：4

UDP port scanning means that the attacker sends a zero-byte UDP packet to a specific port of the target host. If the port is open, it will return an ICMP port reachable data packet.

A. True

B. False

正解：B 解答を投票する

出題：5

Which of the following description about the VGMP protocol is wrong?

A. VGMP ensure that all VRRP backup groups state are the same through a unified control of the switching of each VRRP backup group state

B. VGMP add multiple VRRP backup groups on the same firewall to a management group, uniformly manage all the VRRP group by management group.

C. By default, when three HELLO packet cycle of Standby end does not receive HELLO packets which are sent from the opposite end, the opposite end will be considered a failure, which will switch itself to the Active state

D. State of VGMP group is active, which will periodically send HELLO packets to the opposite end, Stdandby end only monitors the HELLO packets, which will not respond

正解：D 解答を投票する

出題：6

The preservation of electronic evidence is directly related to the legal effect of evidence, and it is in conformity with the preservation of legal procedures, and its authenticity and reliability are guaranteed. Which of the following is not an evidence preservation technique?

A. Encryption technology

B. Packet tag tracking technology

C. Digital signature technology

D. Digital certificate technology

正解：B 解答を投票する

出題：7

Which of the following attacks is not a special packet attack?

A. ICMP redirect packet attack

B. IP address scanning attack

C. Large ICMP packet attack

D. ICMP unreachable packet attack

正解：B 解答を投票する

出題：8

In order to obtain evidence of crime, it is necessary to master the technology of intrusion tracking. Which of the following descriptions are correct about the tracking technology? (Multiple Choice)

A. Shallow mail behavior analysis can analyze the information such as sending IP address, sending time, sending frequency, number of recipients, shallow email headers and so on.

B. Packet tagging technology extracts information from attack sources by recording packets on the router and then using data drilling techniques

C. Packet Recording Technology marks packets on each passing router by inserting trace data into the tracked IP packets

D. Link test technology determines the source of the attack by testing the network link between the routers

正解：A,C,D 解答を投票する

出題：9

Firewall update signature database and Virus database online through security service center, requires the firewall can connect to the Internet first, and then need to configure the correct DNS addresses.

A. FALSE

B. TRUE

正解：B 解答を投票する

出題：10

As shown in the figure, a NAT server application scenario is configured when the web configuration mode is used.

Which of the following statements are correct? (Multiple choice)

A. When configuring NAT Server, the internal address is 10.1.1.2 and the external address is 200.10.10.1.

B. When configuring an interzone security policy, set the source security zone to DMZ and the target security zone to Untrust.

C. When configuring NAT Server, the internal address is 200.10.10.1 and the external address is 10.1.1.2.

D. When configuring an interzone security policy, set the source security zone to Untrust and the target security zone to DMZ.

正解：A,D 解答を投票する

出題：11

Which types of encryption technology can be divided into? (Multiple Choice)

A. Data encryption

B. Fingerprint encryption

C. Asymmetric encryption

D. Symmetric encryption

正解：C,D 解答を投票する

出題：12

On Huawei USG series devices, the administrator wants to erase the configuration file. Which of the following commands is correct?

A. reset running-configuration

B. reset saved-configuration

C. clear saved-configuration

D. reset current-configuration

正解：B 解答を投票する

出題：13

In the USG series firewall system view, the device configuration will be restored to the default configuration after the reset saved-configuration command is executed. No other operations are required.

A. True

B. False

正解：B 解答を投票する

出題：14

Which of the following protocols can guarantee the confidentiality of data transmission? (Multiple Choice)

A. Telnet

B. HTTPS

C. FTP

D. SSH

正解：B,D 解答を投票する

出題：15

Which of the following guarantees "should detect and protect spam at critical network nodes and maintain upgrades and updates of the spam protection mechanism" in security 2.0?

A. Border protection

B. Centralized control

C. Malicious code prevention

D. Communication transmission

正解：C 解答を投票する

出題：16

In the digital signature process, which of the following is the HASH algorithm to verify the integrity of the data transmission?

A. Receiver private key

B. Receiver public key

C. User data

D. Symmetric key

正解：C 解答を投票する

出題：17

Which of the following behaviors is relatively safer when connecting to Wi-Fi in public places?

A. Connect encrypted free Wi-Fi for online transfer operations

B. Connect unencrypted free Wi-Fi for online shopping

C. Connect to the paid Wi-Fi hotspot provided by the operator and only browse the web

D. Connect Wi-Fi hotspots that are not encrypted

正解：C 解答を投票する

出題：18

After the firewall uses the hrp standby config enable command to enable the standby device configuration function, all the information that can be backed up can be directly configured on the standby device, and the configuration on the standby device can be synchronized to the active device.

A. True

B. False

正解：A 解答を投票する

H12-711試験無料問題集「Huawei HCIA-Security V3.0 認定」