[Aug-2021] Updated HCNA-Security H12-711-ENU Exam Questions BUNDLE PACK Master The Huawei Content H12-711-ENU EXAM DUMPS WITH GUARANTEED SUCCESS! NEW QUESTION 146 Which of the following description about the VGMP protocol is wrong? A. By default, when three HELLO packet cycle of Standby end does not receive HELLO packets which are sent from the opposite end, the opposite end will be considered a failure, [...]

All Products Contact now

[Aug-2021] Updated HCNA-Security H12-711-ENU Exam Questions BUNDLE PACK [Q146-Q163]

Share

[Aug-2021] Updated HCNA-Security H12-711-ENU Exam Questions BUNDLE PACK

Master The Huawei Content H12-711-ENU EXAM DUMPS WITH GUARANTEED SUCCESS!

NEW QUESTION 146
Which of the following description about the VGMP protocol is wrong?

  • A. By default, when three HELLO packet cycle of Standby end does not receive HELLO packets which are sent from the opposite end, the opposite end will be considered a failure, which will switch itself to the Active state
  • B. VGMP ensure that all VRRP backup groups state are the same through a unified control of the switching of each VRRP backup group state
  • C. VGMP add multiple VRRP backup groups on the same firewall to a management group, uniformly manage all the VRRP group by management group.
  • D. State of VGMP group is active, which will periodically send HELLO packets to the opposite end, Stdandby end only monitors the HELLO packets, which will not respond

Answer: D

 

NEW QUESTION 147
About the description of firewall active-standby, which of the following is correct? (Multiple Choice)

  • A. When a plurality of regions on the firewall need to provide dual-machine backup function, you need to configure multiple VRRP backup groups on the firewall.
  • B. The firewall active-standby requires the information such as the session table, MAC table, routing table and so on synchronous backup between primary devices and slave devices.
  • C. VGMP is to ensure all VRRP backup groups' consistency of switching
  • D. It requires the state of all the VRRP backup groups in the same VGMP management group on the same firewall should be consistent.

Answer: A,C,D

 

NEW QUESTION 148
Which of the following guarantees "should detect and protect spam at critical network nodes and maintain upgrades and updates of the spam protection mechanism" in security 2.0?

  • A. Communication transmission
  • B. Centralized control
  • C. Malicious code prevention
  • D. Border protection

Answer: C

 

NEW QUESTION 149
Which of the following is the default backup method for double hot standby?

  • A. Automatic backup
  • B. Session fast backup
  • C. Manual batch backup
  • D. Configuration of the active and standby FWs after the device is restarted

Answer: A

 

NEW QUESTION 150
Device destruction attacks are generally not easy to cause information leakage, but usually cause network communication services to be interrupted.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 151
Which of the following is the core part of the P2DR model?

  • A. Policy Strategy
  • B. Protection
  • C. Response
  • D. Detection

Answer: A

 

NEW QUESTION 152
Which of the following descriptions is wrong about IKE SA?

  • A. IKE SA is two-way
  • B. IKE is a UDP- based application layer protocol
  • C. IKE SA for IPSec SA services
  • D. The encryption algorithm used by user data packets is determined by IKE SA.

Answer: D

 

NEW QUESTION 153
On the USG series firewall, after the web redirection function is configured, the authentication page cannot be displayed. Which of the following is not the cause of the fault?

  • A. Web authentication is not enabled.
  • B. The browser SSL version does not match the SSL version of the firewall authentication page.
  • C. The port of service of authentication page is set to 8887
  • D. The authentication policy is not configured or the authentication policy is incorrectly configured.

Answer: C

 

NEW QUESTION 154
ASPF (Application Specific Packet Filter) is a packet filtering technology based on the application layer, and implements a special security mechanism through the server-map table.
Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)

  • A. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.
  • B. ASPF can dynamically create a server-map
  • C. ASPF monitors messages during communication
  • D. The quintuple server-map entry implements a similar function to the session table.

Answer: A,B,C

 

NEW QUESTION 155
When the session authentication mode is used to trigger the firewall's built-in Portal authentication, the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 156
Against Buffer overflow attacks, which description is correct? (Multiple choice)

  • A. buffer overflow attack is the most common method of attack software system's behaviors
  • B. buffer overflow attack belongs to the application layer attack behavior
  • C. Buffer overflow attack is use of the software system on memory operating defects, by using high operating permission to run attack code
  • D. Buffer overflow attack has nothing to do with operating system's vulnerabilities and architecture

Answer: A,B,C

 

NEW QUESTION 157
Which of the following information will be encrypted during the use of digital envelopes? (Multiple Choice)

  • A. User data
  • B. Receiver private key
  • C. Receiver public key
  • D. Symmetric key

Answer: A,D

 

NEW QUESTION 158
Which of the following is true about firewall security policies?

  • A. By default, the security policy can control unicast packets, broadcast packets, and multicast packets.
  • B. By default, the security policy can control unicast packets and broadcast packets.
  • C. By default, the security policy can control multicast.
  • D. By default, the security policy only controls unicast packets.

Answer: D

 

NEW QUESTION 159
For the process of forwarding the first packet of the session between firewall domains, there are the following steps:
1. find the routing table
2. find inter-domain packet filtering rules
3. find the session table
4. find the blacklist
Which of the following is the correct order?

  • A. 4->3->1->2
  • B. 1->3->2->4
  • C. 3->2->1->4
  • D. 3->4->1->2

Answer: D

 

NEW QUESTION 160
Which of the following description are correct about the security policy action and security configuration file? (Multiple Choice)

  • A. The security configuration file can be applied without being applied to the security policy allowed by the action.
  • B. If the action of the security policy is "prohibited", the device will discard this traffic and will not perform content security check later.
  • C. The security configuration file must be applied to the security policy that is allowed to take effect.
  • D. If the security policy action is "Allow", the traffic will not match the security configuration file.

Answer: B,C

 

NEW QUESTION 161
The European TCSEC Code is divided into two modules, Function and Evaluation, which are mainly used in the military, government and commercial fields.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 162
About the descriptions of windows Firewall Advanced Settings, which of the following is wrong? (Multiple choice)

  • A. When setting the pop-up rule, only the local port can be restricted, and the remote port cannot be restricted.
  • B. When setting the pop-up rule, both local ports and remote ports can be restricted.
  • C. When setting the stacking rule, only the local port can be restricted, and the remote port cannot be restricted.
  • D. When setting the stacking rule, both the local port and the remote port can be restricted.

Answer: B,D

 

NEW QUESTION 163
......

Pass Huawei H12-711-ENU Exam – Experts Are Here To Help You: https://www.guidetorrent.com/H12-711-ENU-pdf-free-download.html

Related Articles

more
Huawei H12-711-ENU Certification Practice Exam