Free H12-711 Braindumps Download Updated on Jan 19, 2022 with 290 Questions
Huawei H12-711 Exam Practice Test Questions
NEW QUESTION 167
Regarding the firewall security policy, which of the following options is wrong?
- A. Huawei's USG series firewalls cannot have more than 128 security policy entries.
- B. If the security policy is permit, the discarded message will not accumulate the number of hits.
- C. When configuring the security policy name, you cannot reuse the same name
- D. Adjust the order of security policies with immediate effect, no need to save the configuration file.
Answer: B
NEW QUESTION 168
As shown, when configuring the point-to-multipoint scenarios, the headquarters network segment is
10.1.1.0/24, the segment of branch 1 is 10.1.2.0/24, of branch 2 is 10.1.3.0/24.
About the protected data flow configuration which defined by headquarters and branch offices, which of the following combinations can be the full matched requirements?
- A. 1 2 4 6
- B. 3 4 5 6
- C. 1 2
- D. 1 2 3 5
Answer: D
NEW QUESTION 169
Which of the following options are supported by VPN technology to encrypt data messages? (Multiple choice)
- A. L2TP VPN
- B. GRE VPN
- C. SSL VPN
- D. IPSec VPN
Answer: C,D
NEW QUESTION 170
Which of the following is the analysis layer device in the Huawei SDSec solution?
- A. Agile Controller
- B. CIS
- C. Firehunter
- D. switch
Answer: C
NEW QUESTION 171
Under the tunnel encapsulation mode. IPSec configuration does not need to have a route to thedestination private network segment, because the data will be re-encapsulated using the new IP header to find the routing table.
- A. True
- B. False
Answer: B
NEW QUESTION 172
Using a computer to store information about criminal activity is not a computer crime.
- A. True
- B. False
Answer: B
NEW QUESTION 173
Which of the following are correct about configuring the firewall security zone?(Multiple Choice)
- A. Firewall can have 12 security zones at most.
- B. The firewall has four security zones by default, and the four security zone priorities do not support modification.
- C. The firewall can create two security zones of the same priority
- D. When data flows between different security zones, the device security check is triggered and the corresponding security policy is implemented
Answer: B,D
NEW QUESTION 174
To implement the " anti-virus function " in the security policy, you must perform a License activation
- A. True
- B. False
Answer: A
NEW QUESTION 175
If the administrator uses 'he default authentication domain to authenticate a user, you onlyneed to enter a user name when the user logs, if administrators use the newly created authentication domain to authenticate the user, the user will need to enter login "username @ Certified domain name"
- A. True
- B. False
Answer: A
NEW QUESTION 176
Antivirus software and host firewall have the same effect
- A. True
- B. False
Answer: B
NEW QUESTION 177
Which of the following description are correct about the security policy action and security configuration file? (Multiple Choice)
- A. If the action of the security policy is "prohibited", the device will discard this traffic and will not perform content security check later.
- B. If the security policy action is "Allow", the traffic will not match the security configuration file.
- C. The security configuration file must be applied to the security policy that is allowed to take effect.
- D. The security configuration file can be applied without being applied to the security policy allowed by the action.
Answer: A,C
NEW QUESTION 178
Which of the following guarantees "should detect and protect spam at critical network nodes and maintain upgrades and updates of the spam protection mechanism" in security 2.0?
- A. Centralized control
- B. Communication transmission
- C. Border protection
- D. Malicious code prevention
Answer: D
NEW QUESTION 179
In the VRRP (Virtual Router Redundancy Protocol) group, the primary firewall periodically sends advertisement packets to the backup firewall. The backup firewall is only responsible for monitoring advertisement packets and will not respond.
- A. True
- B. False
Answer: A
NEW QUESTION 180
Execute the command on the firewall and display the following information, which of the following description is correct? (Multiple Choice) HRP_A [USG_A] display vrrp interfaceGigabitEthernet 0/0/1 \ GigabitEthernet9/0/1 | Virtual Router 1VRRP Group: Active state: Active Virtual IP: 202.38.10.1 Virtual MAC: 0000-5e00-0101 Primary IP: 202 38.10.2 PriorityRun: 100 PriorityConfig: 100 MasterPriority: 100 Preempt: YES Delay Time: 10
- A. This firewall VRID is 1 the VRRP priority to backup g'oup 100
- B. This firewall G1 / 0/1 virtual interface IP address 202.30.10.2
- C. The status of this firewall VGMP group is Active.
- D. Will not switch when the primary device fails
Answer: A,C
NEW QUESTION 181
Which of the following is the encryption technology used by digital envelopes?
- A. Asymmetric encryption algorithm
- B. Stream encryption algorithm
- C. Symmetric encryption algorithm
- D. Hash algorithm
Answer: A
NEW QUESTION 182
For the process of forwarding the first packet of the session between firewall domains,there are the following steps:
1. find the routing table
2. find inter-domain packet filtering rules
3. find the session table
4. find the blacklist
Which of the following is the correct order?
- A. 3->2->1->4
- B. 1->3->2->4
- C. 3->4->1->2
- D. 4->3->1->2
Answer: C
NEW QUESTION 183
Which of the following is null a itjquiiemeiil fui (bewail duuble hul standby?
- A. The firewall hardware model is consistent
- B. The firewall software version is consistent
- C. The type and number of the interface used are the same
- D. The firewall interface has the same IP address.
Answer: D
NEW QUESTION 184
......
Updated Verified H12-711 dumps Q&As - Pass Guarantee or Full Refund: https://actualtests.torrentexam.com/H12-711-exam-latest-torrent.html
