Free H12-711_V4.0 Sample Questions and 100% Cover Real Exam Questions (Updated 94 Questions)
Download Real Huawei H12-711_V4.0 Exam Dumps Test Engine Exam Questions
NEW QUESTION 22
When the Layer 2 switch receives a unicast frame and the MAC address table entry of the switch is empty, the switch discards the unicast frame.
- A. TRUE
- B. FALSE
Answer: B
NEW QUESTION 23
The following description of the intrusion fire protection system IPS, which is correct?
- A. The IPS cannot prevent intrusion from occurring in real time.
- B. The port IPS can be concatenated at the network boundary.
- C. Oral IPS has the ability to customize intrusion prevention rules.
- D. The port IPS can be attached to the switch and port mirrored through the switch.
Answer: B,C,D
NEW QUESTION 24
The shard cache technology will wait for the arrival of the first shard packet, and then reassemble and decrypt all the packets, and then do subsequent processing by the device to ensure that the session can proceed normally in some application scenarios.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 25
Which of the following is not an encryption algorithm in a VPN?
- A. The RIP
- B. 3DES
- C. DES
- D. AES
Answer: A
NEW QUESTION 26
ARP man-in-the-middle attacks are a type of spoofing attack technique.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 27
In the authentication policy of the firewall, _____ allows the user to not need to enter the user name and password, but can obtain the corresponding relationship between the user and the IP, so as to carry out policy management based on the user[fill in the blank]*
- A. Certification
- B. Certification-free
Answer: B
NEW QUESTION 28
The following description of IDS, which items are correct
The IDS cannot be linked to the firewall.
- A. The IDS can be upgraded flexibly and in a timely manner, and the strategic configuration operation is convenient and flexible.
- B. With IDS, system administrators can capture traffic from critical nodes and do intelligent analysis to find anomalous and suspicious network behavior and report it to administrators.
- C. Mouth IDS is a fine-grained detection device, through which the live network can be monitored more accurately.
Answer: A,B,C
NEW QUESTION 29
Which of the following are the backup items that HRP can provide?
- A. Mouth Server-map table entry
- B. Port TCP session table
- C. Mouth ARP table entry
- D. Mouth No-PAT table entry
Answer: A,B,C,D
NEW QUESTION 30
The keys used by the IPSec encryption and authentication algorithms can be configured manually or dynamically negotiated via the ____ protocol. (abbreviation, all uppercase).
- A. IKB
- B. IKE
Answer: B
NEW QUESTION 31
As shown in the figure, the process of AD single sign-on (querying the security log mode of AD server), please match the corresponding operation process.

Answer:
Explanation:
NEW QUESTION 32
Which of the following is not a type of Windows log event?
- A. Error
- B. Warning
- C. Information
- D. Debugging
Answer: A
NEW QUESTION 33
Drag the warning level of the network security emergency response on the left into the box on the right, and arrange it from top to bottom in order of severity.[fill in the blank]*
- A. 0
- B. 1
Answer: A
NEW QUESTION 34
IPSec VPN uses an asymmetric algorithm to calculate the ___ key to encrypt data packets.[fill in the blank]
- A. TRUE
- B. symmetry
Answer: B
NEW QUESTION 35
Which of the following descriptions about the main implementation of single sign-on is wrong? ( )[Multiple choice]*
- A. Accept PC message mode
- B. Query the AD server security log mode
- C. Firewall monitors AD authentication packets
- D. Query the syslog server mode
Answer: D
NEW QUESTION 36
Which of the following is not an advantage of symmetric encryption algorithms?
- A. Good scalability
- B. Low overhead
- C. High efficiency
- D. Suitable for encrypting large amounts of data
Answer: A
NEW QUESTION 37
Match each of the following application layer service protocols with the correct transport layer protocols and port numbers.
Answer:
Explanation:
NEW QUESTION 38
Which of the following characteristics does a denial-of-service attack include?
- A. Unauthorized activation of the mouth
- B. Unauthorized tampering of the mouth
- C. Unauthorized access to the mouth
- D. Unauthorized destruction of the mouth
Answer: A,B,C,D
NEW QUESTION 39
_____ Authentication is to configure user information (including local user's user name, password and various attributes) on the network access server. The advantage is that it is fast.[fill in the blank]*
- A. total authentication
- B. local authentication
Answer: B
NEW QUESTION 40
Both digital envelopes and digital signatures guarantee data security and verify the origin of data.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 41
An engineer needs to back up the firewall configuration. Now he wants to use a command to view all the current configurations of the firewall. May I ask the command he uses is ____[fill in the blank]*
- A. current-configuration
- B. display current-configuration
Answer: B
NEW QUESTION 42
Please match the following information security risks to information security incidents one by one.[fill in the blank]* physical security risk Enterprise server permissions are loosely set Information Security Management Risk Infected Panda Burning Incense Information Access Risk Fire destroyed equipment in computer room application risk Talk to people about leaking company secrets
- A. 0
- B. 1
Answer: B
NEW QUESTION 43
What is the protocol number of the GRE protocol?
- A. 0
- B. The 50th
- C. 1
- D. 2
Answer: C
NEW QUESTION 44
The following description of digital certificates, which one is wrong
- A. The simplest certificate consists of a public key, a name, and a digital signature from a certificate authority.
- B. In general, the key of a digital certificate has an expiration date.
- C. Digital certificates contain the owner's public key and related identity information.
- D. Digital certificates do not solve the problem of digital signature technology where the public key cannot be determined to be the designated owner.
Answer: D
NEW QUESTION 45
As shown in the figure, nat server global202.106.1.1 inside10.10.1.1 is configured on the firewall. Which of the following is the correct configuration for interzone rules? ( )[Multiple choice]*
- A. rule name d, source- zone untrust. destination- zone trust. destination- address10.l0.1.1 32, action permit
- B. rule name b, source- zone untrust, destination- zone trust, source- address10.10.1.1 32, action permit
- C. rule name c. source-zone untrust. destination-zone trust. destination-address 202.106.1.132, action permit
- D. rule name b, source-zone untrust, destination-zone trust, source-address202.106.l.1 32, action permit
Answer: A
NEW QUESTION 46
......
New H12-711_V4.0 exam dumps Use Updated Huawei Exam: https://www.testpassed.com/H12-711_V4.0-still-valid-exam.html
Verified H12-711_V4.0 Dumps Q&As - H12-711_V4.0 Test Engine with Correct Answers: https://drive.google.com/open?id=1ArUUZOHB2hudpeUkhgcEwiWP8WTs4t73