Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Hot Vendors
  1. Home
  2. Huawei
  3. HCIA-Security
  4. H12-711_V3.0
  5. HCIA-Security V3.0 Questions and Answers
Note! The H12-711_V3.0 Exam is no longer available. Get in touch with our Live Chat or email us for more information about the H12-711_V4.0 Exam.

H12-711_V3.0 HCIA-Security V3.0 Questions and Answers

Questions 4

Which of the following types of encryption technology can be divided into? (multiple choice)

Options:

A.

Symmetric encryption

B.

Symmetric encryption

C.

fingerprint encryption

D.

data encryption

Buy Now
Questions 5

Social engineering is a means of harm such as deception, harm, etc. through psychological traps such as psychological weaknesses, instinctive reactions, curiosity, trust, and greed of victims ( )

Options:

A.

TURE

B.

False

Buy Now
Questions 6

Information security precautions include both management and technical measures. Which of the following measures is not a precautionary method for information security technology?

Options:

A.

Information security training for employees

B.

Scan the server for vulnerabilities

C.

Authenticate employees

D.

Turn on the anti-virus function on the firewall

Buy Now
Questions 7

Under normal circumstances, the terminal number used by the RADIUS server to provide accounting services is ( ). (fill in the blank)

Options:

Buy Now
Questions 8

Which of the following protocols cannot be encrypted by SSL VPN?

Options:

A.

HTTP

B.

UDP

C.

IP

D.

PPP

Buy Now
Questions 9

Evidence preservation is directly related to the legal effect of evidence. Which of the following is not an evidence preservation technique?

Options:

A.

Digital certificate technology

B.

Encryption Technology

C.

Data mining technology

D.

Digital Signature Technology

Buy Now
Questions 10

Please order the following steps in the PKI life cycle correctly, 1. Issued, 2. storage, 3. Update, 4. verify[fill in the blank]*

Options:

Buy Now
Questions 11

Which of the following NAT technologies is a destination NAT technology?

Options:

A.

Easy-ip

B.

NAT No-PAT

C.

NAPT

D.

NAT Server

Buy Now
Questions 12

When a network security incident occurs, investigate the intrusion behavior, virus or Trojan horse, and repair and strengthen the host. Which of the above actions belong to the work content of the network security emergency response?

Options:

A.

Recovery phase

B.

Detection stage

C.

Eradication stage

D.

Inhibition stage

Buy Now
Questions 13

When an access user uses Client-InitiatedVPN to establish a tunnel with the LNS, how many PPP connections can one tunnel carry?

Options:

A.

4

B.

1

C.

2

D.

3

Buy Now
Questions 14

( ) means that the computer system has defects and deficiencies in the specific matters of hardware, software, protocols or system security policies. (Chinese Standard Terminology) (fill in the blank)

Options:

Buy Now
Questions 15

The initial priority of the USG9500VGMP group is related to which of the following factors ( )? *

Options:

A.

interface bandwidth

B.

VRRP priority

C.

Number of daughter cards on the interface board

D.

The number of CPUs on the D service board

Buy Now
Questions 16

In symmetric encryption algorithms, the algorithm is generally used on data communication channels, browsers or network links (). (fill in the blank)

Options:

Buy Now
Questions 17

Which of the following descriptions about the heartbeat interface is wrong ( )?[Multiple choice]*

Options:

A.

It is recommended to configure at least two heartbeat interfaces. - One heartbeat interface is used as the master, and the other heartbeat interface is used as the backup.

B.

The interface MTU value is greater than 1500 and cannot be used as a heartbeat interface

C.

The connection method of the heartbeat interface can be directly connected, or it can be connected through a switch or router

D.

MGMT interface (Gigabi tEtherneto/0/0) cannot be used as heartbeat interface

Buy Now
Questions 18

As shown in the figure below, the internal user online scene of the enterprise is as follows. The user online process includes:

1. certified,USGallow connection

2. User accessinternetenterhttps://1.1.1.1 3. USGPush authentication interface

4. User successfully accessedhttps://1.1.1.1 ,device creationsessionsurface5 User enters correct username and password

The following correct sequence of processes should:

H12-711_V3.0 Question 18

Options:

A.

2->5->3->1->4

B.

2->3->5->1->4

C.

2->1->3->5->4

D.

2->3->1->5->4

Buy Now
Questions 19

Servers are classified by form factor, which of the following types can be classified? (multiple choice)

Options:

A.

blade server

B.

tower server

C.

rack server

D.

x86server

Buy Now
Questions 20

On the surface, threats such as viruses, loopholes, and Trojan horses are the causes of information security incidents, but at the root, information security incidents are also closely related to people and the information system itself.

Options:

A.

True

B.

False

Buy Now
Questions 21

existUSGConfigure on the system firewallNAT Server, will produceserver-mapTable, which of the following is not part of this representation?

Options:

A.

PurposeIP

B.

destination port number

C.

agreement number

D.

sourceIP

Buy Now
Questions 22

Which of the following options can bewindowsDo you do it in the advanced settings of the firewall? (multiple choice)

Options:

A.

Restore defaults

B.

Change notification rules

C.

Set up connection security rules

D.

Set up inbound and outbound rules

Buy Now
Questions 23

Which of the following are the basic functions of antivirus software? (multiple choice)

Options:

A.

virus protection

B.

Find viruses

C.

remove virus

D.

replication virus

Buy Now
Questions 24

aboutPKIOrdering of work processes, which of the following is correct?

H12-711_V3.0 Question 24

Options:

A.

1-2-6-5-7-4-3-8

B.

1-2-7-6-5-4-3-8

C.

6-5-4-1-2-7-3-8

D.

6-5-4-3-1-2-7-8

Buy Now
Questions 25

Regarding the description of the firewall security zone and interface relationship, which of the following options is correct? (multiple choice)

Options:

A.

The firewall allows the same physical interface to belong to two different security zones (sub-interfaces are not considered)

B.

There are two security zones with exactly the same security level in the firewall

C.

Different interfaces of the firewall can belong to different security zones

D.

Different interfaces of the firewall can belong to the same security zone

Buy Now
Questions 26

When we use digital signature technology, the receiver needs to use the sender's ( ) to unlock the digital signature to get the digital fingerprint. (fill in the blank)

Options:

Buy Now
Questions 27

Understanding engineering principles belongs to ( ) the category of security awareness training in information security prevention. (fill in the blank)

Options:

Buy Now
Questions 28

Because NAT technology can realize one-to-many address translation. So with NAT technology, there is no need to worry about insufficient IPv4 addresses.

Options:

A.

True

B.

False

Buy Now
Questions 29

Compared with IPSec VPN, ( ) has the advantage of good compatibility and can encapsulate IPX, multicast packets, etc., and is widely used. (fill in the blank)

Options:

Buy Now
Questions 30

Which of the following security measures does the monitor correspond to?

Options:

A.

Intrusion Detection System

B.

Encrypted VPN

C.

Access control system

D.

Firewall

Buy Now
Questions 31

What are the correct options for the following description of the basic concepts of LDAP?

Options:

A.

Directory Information Tree DIT: A collection of attributes constitutes a Directory Information Tree.

B.

Unique identifier DN, the name that uniquely identifies an entry in a directory information tree

C.

Relative Distinguished Name RDN, the name of the entry, uniquely identifies child entries of the same parent entry

D.

Attribute: The attribute describes the characteristics of the object. An attribute consists of an attribute type and one or more attribute values.

Buy Now
Questions 32

Which of the following security threats are terminal security threats? (multiple choice)

Options:

A.

man-in-the-middle attack

B.

There is a vulnerability in the server

C.

User identity is not verified

D.

Users use weak passwords

Buy Now
Questions 33

Man-in-the-middle attacks are data security threats.

Options:

A.

True

B.

False

Buy Now
Questions 34

aboutClient-Initiated VPN, which of the following statements is true? (multiple choice)

Options:

A.

each access user andLNSestablish a tunnel between

B.

Each tunnel carries only oneL2TPsession andPPPconnect

C.

Each tunnel carries multipleL2TPsession andPPPconnect

D.

Each tunnel carries multipleL2TPsession and aPPPconnect

Buy Now
Questions 35

Common scanning attacks include: port scanning tools, vulnerability scanning tools, application scanning tools and database scanning tools, etc.

Options:

A.

True

B.

False

Buy Now
Questions 36

Which of the following is not a symmetric encryption algorithm?

Options:

A.

DES

B.

3DES

C.

AES

D.

RSA

Buy Now
Questions 37

Which of the following optionsVPNDoes technical support encrypt data packets? (multiple choice)

Options:

A.

SSL VPN

B.

GRE VPN

C.

IPSec VPN

D.

L2TP VPN

Buy Now
Questions 38

existL2TPconfiguration, for the commandTunnel Name, which of the following statements is true? (multiple choice)

Options:

A.

Used to specify the tunnel name of the local end

B.

Used to specify the tunnel name of the peer

C.

both endsTunnel Nnamemust be consistent

D.

If not configuredTunnel Name, the tunnel name is the local system name

Buy Now
Questions 39

aboutSSL VPNdescription, which of the following is correct?

Options:

A.

Can be used without a client

B.

yesIPlayer to encrypt

C.

existNATcrossing problem

D.

No authentication required

Buy Now
Questions 40

about Internet users andVPNIn the description of access user authentication, which of the following is false?

Options:

A.

Internet users andVPNAccess to user shared data, user attribute check (user status, account expiration time, etc.)

VPNAccess takes effect

B.

The process of online users using local authentication or server authentication is basically the same. Both users are authenticated through the authentication domain, and the user triggering method is also the same.

C.

VPNAfter users access the network, they can access the network resources of the enterprise headquarters, and the firewall can control the network resources that can be accessed based on the user name

D.

VPNAfter the access user is authenticated, it will go online in the user online list at the same time

Buy Now
Questions 41

Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security? (multiple choice)

Options:

A.

Vulnerability Scanning Device

B.

firewall

C.

Anti-DDoSequipment

D.

IPS/IDSequipment

Buy Now
Questions 42

useiptablesWrite a rule that doesn't allow172.16.0.0/16Which of the following rules is correct?

Options:

A.

iptables -t fielter -A INPUT -s 172.16.0.0/16 -p all -j DROP

B.

iptables -t fielter -P INPUT -s 172.16.0.0/16 -p all -j DROP

C.

iptables -t fielter -P INPUT -s 172.16.0.0/16 -p all -j ACCEPT

D.

iptables -t fielter -P INPUT -d 172.16.0.0/16 -p all -j ACCEPT

Buy Now
Questions 43

IPSec VPNAn asymmetric encryption algorithm is used to encrypt the transmitted data

Options:

A.

True

B.

False

Buy Now
Questions 44

HuaweiUSGfirewallVRRPThe advertisement packets are multicast packets, so each firewall in the backup group must be able to communicate directly at Layer 2.

Options:

A.

True

B.

False

Buy Now
Questions 45

Which of the following statements are true about port mirroring? (multiple choice)

Options:

A.

The mirror port replicates the packets to the observing port

B.

The observing port sends the received packets to the monitoring device

C.

The mirror port sends the received packets to the monitoring device

D.

The observing port replicates the packets to the mirroring port

Buy Now
Questions 46

Which of the following configurations can achieveNAT ALGFeatures?

Options:

A.

nat alg protocol

B.

alg protocol

C.

nat protocol

D.

detect protocol

Buy Now
Questions 47

About the rootCACertificate, which of the following descriptions is incorrect?

Options:

A.

Issuer isCA

B.

The certificate subject name isCA

C.

public key information isCA's public key

D.

signature isCAgenerated by public key encryption

Buy Now
Questions 48

Which of the following options belongs to Tier 2VPNTechnology?

Options:

A.

SSL VPN

B.

L2TP VPN

C.

GRE VPN

D.

IPSec VPN

Buy Now
Questions 49

Which of the following statements about Internet user management is false?

Options:

A.

Each user group can include multiple users and user groups

B.

Each user group can belong to multiple parent user groups

C.

The system has one by defaultdefaultUser group, which is also the system default authentication domain

D.

Each user belongs to at least one user group and can also belong to multiple user groups

Buy Now
Questions 50

Which of the following options is correct regarding the description of firewall hot standby? (multiple choice)

Options:

A.

When the dual-system backup function needs to be provided in multiple areas on the firewall, it is necessary to configure multipleVRRPbackup group

B.

require the same firewall on the sameVGMPmanagement group ownedVRRPBackup group status remains consistent

C.

Firewall dual-system hot backup requires session table,MACInformation such as tables and routing tables are synchronized and backed up between the master device and the slave device

D.

VGMPto guarantee allVRRPConsistency of backup group switching

Buy Now
Questions 51

Network administrators can collect data to be analyzed on network devices through packet capture, port mirroring, or logs

Options:

A.

True

B.

False

Buy Now
Questions 52

Which of the following is an action to be taken during the eradication phase in a cybersecurity emergency response? (multiple choice)

Options:

A.

Find Trojan horses, illegal authorizations, and system loopholes, and deal with them in a timely manner

B.

Revise security policies based on security incidents that occur, enable security auditing

C.

Block the behavior of the attack and reduce the impact

D.

Confirm the degree of damage caused by the security incident and report the security incident

Buy Now
Questions 53

Which of the following categories are included in Huawei Firewall User Management? (multiple choice)

Options:

A.

Internet user management

B.

Access user management

C.

Admin user management

D.

Device user management

Buy Now
Questions 54

Which of the following is true about the difference between pre-incident prevention strategies and post-incident recovery strategies? (multiple choice)

Options:

A.

Prevention strategies focus on minimizing the likelihood of an accident before a story occurs. Recovery strategies focus on minimizing the impact and damage to the business after an incident

B.

The role of pre-disaster prevention strategies does not include minimizing economic and reputational losses caused by accidents

C.

Recovery strategies are used to improve business high availability

D.

A recovery strategy is part of a business continuity plan

Buy Now
Questions 55

The SSL VPN routing mode determines the routing of the packets sent by the client. In the ______ mode, no matter what resource is accessed, the data will be intercepted by the virtual network card and forwarded to the virtual gateway for processing.[fill in the blank]*

Options:

Buy Now
Questions 56

Based on the HiSec solution, please drag the device on the left into the logical architecture layer on the right.[fill in the blank]

H12-711_V3.0 Question 56

Options:

Buy Now
Questions 57

Which of the following is not the business scope of the National Internet Emergency Response Center?

Options:

A.

Emergency handling of security incidents

B.

Warning and notification of security incidents

C.

Provide security evaluation services for government departments, enterprises and institutions

D.

Cooperate with other institutions to provide training services

Buy Now
Questions 58

Which of the following statements is true about business continuity plans? (multiple choice)

Options:

A.

The business continuity plan does not require senior company involvement during the scoping phase of the project

B.

Because all possible accidents cannot be predicted,BCPFlexibility is required

C.

The business continuity plan does not require senior company involvement until it is formally documented

D.

Not all security incidents must be reported to company executives

Buy Now
Questions 59

Gratuitous ARP can be used to detect whether the ______ address conflicts, and it can also refresh the switch MAC address table.[fill in the blank]*

Options:

Buy Now
Questions 60

UDPA port scan is when an attacker sends a zero byte lengthUDPmessage to a specific port of the target host, if the port is open, it will return aICMPPort reachable data packets.

Options:

A.

True

B.

False

Buy Now
Questions 61

Control actions of firewall inter-domain forwarding security policypermitanddeny, which of the following options are correct? (multiple choice)

Options:

A.

The actions of the firewall's default security policy are:deny

B.

The packet matches the interzone security policydenyThe packet is discarded immediately after the action, and other interzone security policies will not continue to be executed.

C.

Even if the packet matches the security policypermitaction, and may not necessarily be forwarded by the firewall

D.

Whether the packet matches the security policypermitaction, ordenyaction, will go toUTMmodule handling

Buy Now
Questions 62

If internal employees access the Internet through the firewall and find that they cannot connect to the Internet normally, what command can be used on the firewall to check the interface state security zone, security policy and routing table troubleshooting? (Write out any one of the viewing commands, requiring: the words on the command line must be complete and correct to score, and cannot be omitted or abbreviated)[fill in the blank]*

Options:

Buy Now
Questions 63

When configuring user single sign-on, if you use the mode of querying the AD server security log, please check the followingcertifiedProcedureEnterRow ordering:[fill in the blank]*

The AD monitor forwards the user login message to F7, and the user goes online at F7.

AD monitor through the WMI interface provided by AD server. Connect to the AD server to query the security log. Get the user login message.

accessboardrecord AD domain, AD servicedevicerecorduseHouseholdsuperiorStringinformation into the security log.

The AD monitor starts from the time when the AD single sign-on service starts, and regularly queries the security logs generated on the AD server.

Options:

Buy Now
Questions 64

RFC (Request For Comment) 1918 reserves 3 IP addresses for private use, namely 10.0.0.0-10.255.255.255, ______, 192.168.0.0-192.168.255.255[fill in the blank]*

Options:

Buy Now
Questions 65

If there is a practical change in the company structure, it is necessary to re-test whether the business continuity plan is feasible

Options:

A.

True

B.

False

Buy Now
Questions 66

If users from the external network (where the security zone is Untrust) are allowed to access the intranet server (where the security zone is DMZ), the destination security zone selected when configuring the security policy is ______.[fill in the blank]*

Options:

Buy Now
Questions 67

Which of the following options is NOTwindowsOS log type?

Options:

A.

business log

B.

application log

C.

Security log

D.

System log

Buy Now
Questions 68

Which of the following options belong to international organizations related to the standardization of information security? (multiple choice)

Options:

A.

International Organization for Standardization(ISO)International Organization for Standardization

B.

International Electrotechnical Commission(IEC) International Electrotechnical Commission

C.

International Telecommunication Union(ITU)ITU

D.

Wi-Fi Alliance Wi-Fialliance organization

Buy Now
Questions 69

About intrusion prevention systems (IPS), which of the following is false?

Options:

A.

IDSThe device needs to be linked with the firewall to block intrusion

B.

IPSThe device cannot be deployed in bypass mode in the network

C.

IPSDevices can be connected in series at the network boundary and deployed online

D.

IPSOnce the device detects intrusion behavior, it can achieve real-time blocking

Buy Now
Questions 70

Which of the following descriptions about digital fingerprints in digital signatures is wrong?

Options:

A.

The receiver needs to use the sender's public key to unlock the digital signature to obtain the digital fingerprint.

B.

It is the data obtained by the sender after calculating the plaintext information through the HASH algorithm.

C.

The receiver will use the sender's public key to calculate the generated data fingerprint and compare it with the received digital fingerprint.

D.

Digital fingerprints are also known as information digests.

Buy Now
Questions 71

Which of the following items belong to the information security prevention method in the dimension of operation and maintenance management?

Options:

A.

Disaster recovery

B.

Safe operation

C.

The training of enterprise employees' safety awareness

D.

Emergency Response

Buy Now
Questions 72

Which of the following statements about electronic evidence sources is false?

Options:

A.

Facsimile data and mobile phone recordings are electronic evidence related to communication technology.

B.

Movies and TV series are electronic evidence related to network technology.

C.

Database operation records and operating system logs are electronic evidence related to computers•

D.

OS logs,e-mail, chat records can be used as a source of electronic evidence

Buy Now
Questions 73

Which of the following descriptions about dual-system hot backup is wrong? ( )[Multiple choice]*

Options:

A.

By default the preemption delay is 60s

B.

Whether it is a Layer 2 or Layer 3 interface, whether it is a service interface or a heartbeat interface, it needs to be added to a security zone

C.

By default, the active preemption function is enabled

D.

Dual-system hot backup function requires license support

Buy Now
Exam Code: H12-711_V3.0
Exam Name: HCIA-Security V3.0
Last Update: Dec 1, 2023
Questions: 492
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 21 Nov 2024