HUAWEI H12-711 Free Practice Questions

NEW QUESTION 1
Which of the following is not the scope of business of the National Internet Emergency Center?

• A. Emergency handling of security incidents
• B. Early warning rotification of security incidents
• C. Providing security evaluation services for government departments, enterprises and institutions
• D. Cooperate with other agencies to provide training services

Answer: D

NEW QUESTION 2
The repair of anti-virus software only needs to be able to repair some system files that were accidentally deleted when killing the virus to prevent the system from crashing

• A. True
• B. False

Answer: A

NEW QUESTION 3
NAPT technology can implement a public network IP address for multiple private network hosts

• A. True
• B. False

Answer: A

NEW QUESTION 4
There ere various security threats in the use of the server. Which of the following options is not a server securitythreat?

• A. Natural disasters
• B. DDos attack
• C. Hacking
• D. Malicious programs

Answer: A

NEW QUESTION 5
Winch of the following is the encryption technology used in digital envelopes?

• A. Symmetric encryption algorithm
• B. Asymmetric encryption algorithm

Answer: B

NEW QUESTION 6
Which of the following is true about firewall security policies?

• A. By default, the security policy can control unicast packets andbroadcast packets.
• B. By default, the security policy can control multicast.
• C. By default, the security policy only controls unicast packets.
• D. By default, the security policy can control unicast packets, broadcast packets, and multicast packets.

Answer: C

NEW QUESTION 7
In the construction of information security system, the security model is needed to accurately describe the relationship between important aspects of security and system behavior

• A. True
• B. False

Answer: B

NEW QUESTION 8
Which of the following statement about the L2TP VPN ofClient-initialized is wrong?

• A. After the remote user access to internet, can initiate L2TP tunneling request to the remote LNS directly through the client software
• B. LNS device receives user L2TPconnection request, can verify based on user name and password.
• C. LNS assign a private IP address for remote users
• D. remote users do not need to install VPN client software

Answer: D

NEW QUESTION 9
Against Buffer overflow attacks, which description is correct?(Multiple choice)

• A. Buffer overflow attack is use of the software system on memory operating defects, by using high operating permission to run attack code
• B. Buffer overflow attack has nothing to do with operating system's vulnerabilities and architecture
• C. Buffer overflow attack is the most common method of attack software system's behaviors
• D. Buffer overflow attack belongs to the application layer attack behavior

Answer: ACD

NEW QUESTION 10
Digital certificates can be divided into local certificates, CA certificates, root certificates, and self-signed certificates according to different usage scenarios

• A. True
• B. False

Answer: A

NEW QUESTION 11
On the USG series firewalls, the default security policy does not support modification

• A. True
• B. False

Answer: B

NEW QUESTION 12
The preservation of electronicevidence is directly related to the legal effect of evidence, and it is in conformity with the preservation of legal procedures, and its authenticity and reliability are guaranteed. Which of the following is not an evidence preservation technique?

• A. Encryption technology
• B. Digital certificate technology
• C. Digital signature technology
• D. Packet tag tracking technology

Answer: D

NEW QUESTION 13
Which ofthe following is the username / password for the first login ofthe USG series firewall?

• A. Username admin, password Admin@123
• B. User name admin, password admin@123
• C. User name admin, password admin
• D. User name admin, password Admin123

Answer: A

NEW QUESTION 14
Which of the following are parts of the PKI architecture? (Multiple Choice)

• A. End entity
• B. Certification Authority
• C. Certificate Registration Authority
• D. Certificate Storage organization

Answer: ABCD

NEW QUESTION 15
Which of the following is the GRE protocol number?

• A. 46
• B. 47
• C. 89
• D. 50

Answer: B

NEW QUESTION 16
Which of the following options can be used in the advanced settings of windows firewall? (Multiple Choices)

• A. Restore defaults
• B. Change notification rules
• C. Set connection security rules
• D. Set out inbound rules

Answer: ABCD

NEW QUESTION 17
Apply for emergency response special funds, which stage work content does procurement emergency responsesoftware and hardware equipment belong to in the network full emergency response?

• A. Preparation stage
• B. Inhibition phase
• C. Response phase
• D. Recovery phase

Answer: A

NEW QUESTION 18
Which of the following statement is wrong about NAT?

• A. Configure a NAT address poolin the source NAT technolog
• B. You can configure only one IP address in the address pool.
• C. Address Translation can follow the needs of users, providing FT
• D. WWW, Telnet and other servicesoutside the LAN
• E. Some application layer protocols carry IP address information in the data, but also to modify the data in the upper layer of the IP address information when they make NAT
• F. For some non-TC
• G. UDP protocols (such as ICM
• H. PPTP), unable to do NAT.

Answer: D

NEW QUESTION 19
Classify servers based on the shape, what types of the following can be divided into? (Multiple choice)

• A. Blade sen/er
• B. Tower server
• C. Rack server
• D. X86 server

Answer: ABC

NEW QUESTION 20
Which of thefollowing are the default security zones of Huawei firewall? (Multiple Choice)

• A. Zone area
• B. Trust area
• C. Untrust area
• D. Security area

Answer: BC

NEW QUESTION 21
Which ofthe following are the standard port numbers for the FTP protocol? (Multiple choice)

• A. 20
• B. 21
• C. 23
• D. 80

Answer: AB

NEW QUESTION 22
Against IP Spoofing,which of the following description is wrong?

• A. IP spoofing is to use the hosts' normal trust relationship based on the IP address to launch it
• B. Af-.er IP spoofing attack is successful, the attacker can use forged any IP address to imitate legitimate hast to access to critical information
• C. An attacker would need to cisguise the source IP addresses as trusted hosts, and send the data segment with the SYN flag request for connection

Answer: B

NEW QUESTION 23
Which of the following is the port number used by L2TP packets?

• A. 17
• B. 500
• C. 1701
• D. 4500

Answer: C

NEW QUESTION 24
Which of the following options are suppoied by VPNtechnology to encrypt data messages? (Multiple choice)

• A. SSL VPN
• B. GRE VPN
• C. IPSec VPN
• D. L2TP VPN

Answer: AC

NEW QUESTION 25
Which of the following attacks is not a malformed message attack?

• A. Teardrop attack
• B. Smurf attack
• C. TCP fragment attack
• D. ICMP unreachable packet attack

Answer: D

NEW QUESTION 26
Which of the following types of attacks does the DDoS attack belong to?

• A. Snooping scanning attack
• B. Malformed packet attack
• C. Special message attack
• D. Traffic attack

Answer: D

NEW QUESTION 27
Which cf the following is correct about the description of SSL VPN?

• A. Can be used without a client
• B. may IPencrypt layer
• C. There is a NAT traversal problem
• D. No authentication required

Answer: A

NEW QUESTION 28
Which of the following are the necessary configurations of IPSec VPN? (Multiple Choice)

• A. Configuring IKE neighbors
• B. Configure IKE SA related parameters
• C. Configuring IPSec SA related parameters
• D. Configure the stream of interest

Answer: ABCD

NEW QUESTION 29
Which types of encryption technology can be divided into? (Multiple Choice)

• A. Symmetric encryption
• B. Asymmetric encryption
• C. Fingerprint encryption
• D. Data encryption

Answer: AB

NEW QUESTION 30
......