• Home
  • Articles
  • NEW 2021 Certification Sample Questions H12-711 Dumps & Practice Exam [Q24-Q42]

NEW 2021 Certification Sample Questions H12-711 Dumps & Practice Exam [Q24-Q42]

Share

NEW 2021 Certification Sample Questions H12-711 Dumps & Practice Exam

H12-711 Deluxe Study Guide with Online Test Engine

NEW QUESTION 24
The administrator wants to create a web configuration administrator, and set the Https device management port number to 20000, and set the administrator to the administrator level, which of the following commands are correct?

  • A. Stepl: web-manager enable port 20000 Step2. AAA View [USG] aaa [USG aaa] manager-user clientO01 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] password cipher Admin@123
  • B. Stepl: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level
    1 [USG-aaa- manager-user-client001] password cipher Admin@123
  • C. Stepl: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa manager-user-client001] password cipher
  • D. Stepl: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level
    15 [USG-aaa- manager-user-client001] password cipher Admin@123

Answer: D

 

NEW QUESTION 25
Which of the following description is wrong aoout the intrusion detection system?

  • A. The intrusion detection system can perform blocking operation if it finds that there is a violation of the security policy or the system has traces of being attacked.
  • B. The intrusion detection system can dynamically collect a large amount of key information 3nd materials through the network and computer, and can timely analyze and judge the current state of the entire system environment.
  • C. Intrusion detection system includes all hardware and software systems for intrusion detection
  • D. The flood detection system can be linked with firewalls and switches to become a powerfu 'helper' of the firewall, which is better and more precise to control traffic access between domains.

Answer: C

 

NEW QUESTION 26
Which of the following descriptions is correct about port mirroring? (Multiple Choice)

  • A. The mirrored port sends the received packet to the monitoring device.
  • B. The observing port copies the packet to the mirrored port.
  • C. The observing port sends the received packet to the monitoring device.
  • D. The mirrored port copies the packet to the observing port.

Answer: C,D

 

NEW QUESTION 27
Which of the following does not include the steps of the safety assessment method?

  • A. Manual audit
  • B. Questionnaire survey
  • C. Penetration test
  • D. Data analysis

Answer: D

 

NEW QUESTION 28
ASPF (Application Specific Packet Filter) is a kind of packet filtering basedon the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol.
ASPF by Server Map table achieves a special security mechanism. Which statement about ASPF and Server map table are correct? (Multiple choice)

  • A. Quintupleserver-map entries achieve a similar functionality with session table
  • B. ASPF dynamically create and delete filtering rules
  • C. ASPF through server map table realize dynamic to allow multi-channel protocol data to pass
  • D. ASPF monitors the packets in the process of communication

Answer: B,C,D

 

NEW QUESTION 29
Antivirus software and host firewall have the same effect

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 30
Classify servers based on the shape, what types of the following can be divided into? (Multiple choice)

  • A. X86 server
  • B. Rack server
  • C. Blade sen/er
  • D. Tower server

Answer: B,C,D

 

NEW QUESTION 31
Which ofjhe following is the encryption technology used in digital envelopes?

  • A. Asymmetric encryption algorithm
  • B. Symmetric encryption algorithm
  • C. Hash algorithm
  • D. Streaming algorithm

Answer: A

 

NEW QUESTION 32
Which statement about NAT is wrong? (Choose two.)

  • A. NAT Outbound refers to conversion to the source IP address, NAT Inbound refers to conversion to the destination IP address
  • B. NAT technology can support multi-channel protocols such as FTP and other standard multi-channel protocol
  • C. Outbound direction NAT can support the following application modes: one-on-one, many-to-many and many-to-one
  • D. NAT Inbound command and NAT Server command have the same functions, can choose to configure according to personal preference

Answer: A,D

 

NEW QUESTION 33
About the description of firewall active-standby, which of the following is correct?(Multiple Choice)

  • A. It requires the state of all the VRRP backup groups in the same VGMP management group on the same firewall should be consistent.
  • B. VGMP is to ensureall VRRP backup groups' consistency of switching
  • C. When a plurality of regions on the firewall needs to provide dual-machine backup function, you need to configure multiple VRRP backup groups on the firewall.
  • D. The firewall active-standby requires the information such as the session table. MAC table, routing table and so on synchronous backup between primary devices and slave devices.

Answer: A,B,C

 

NEW QUESTION 34
ASPF (Application Specific Packet Filter) is apacket filtering technology based on the application layer, and implements a special security mechanism through the server-map table. Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)

  • A. ASPF can dynamically create a server-map
  • B. The quintuple server-map entry implements a similar function to the session table.
  • C. ASPF monitors messages during communication
  • D. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.

Answer: A,C,D

 

NEW QUESTION 35
Which of the following are in the certification area of ISO27001? (Multiple choice)

  • A. Personnel safety
  • B. Access control
  • C. Vulnerability management
  • D. Business continuity management

Answer: A,B,C,D

 

NEW QUESTION 36
Which of the following description about the group management for VGMP is wrong?

  • A. master/slave devices exchange packets to understand each other through the heartbeat line, and backup the related commands and status information
  • B. Master/slave status change of VRRP backup group needs to notify its VGMP management group
  • C. Periodically sends Hello packets between VGMP of master/slave firewall
  • D. Theinterface type and number of two firewalls heartbeat port may be different, as long as they can communicate with each other

Answer: D

 

NEW QUESTION 37
NAT technology can securely transmit data by encrypting data.

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 38
Which of the following is correct about firewall IPSec policy?

  • A. By default, IPSec policy can control unicast packets and broadcast packets.
  • B. By default, IPSec policy can control multicast.
  • C. By default, IPSec policy can control unicast packets, broadcast packets, and multicast packets 。
  • D. By default, IPSec policy only controls unicast packets.

Answer: D

 

NEW QUESTION 39
In L2TP configuration for command Tunnel Name, which statements are correct? (Multiple choice)

  • A. If do not configure the Tunnel Name, the tunnel name is the name of the local system
  • B. Must be consistent with Tunnel Name peer configuration
  • C. Used to specify the name of the end of the tunnel
  • D. Usedto specify the name of the peer tunnel

Answer: A,C

 

NEW QUESTION 40
If the administrator uses 'he default authentication domain to authenticate a user, you onlyneed to enter a user name when the user logs, if administrators use the newly created authentication domain to authenticate the user, the user will need to enter login "username @ Certified domain name"

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 41
The single-point login function of the online user, the user authenticates directly to the AD server, and the device does not interfere with the user authentication process. The AD monitoring service needs to be deployed on the USG device to monitor the authentication information of the AD server.

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 42
......

H12-711 dumps review - Professional Quiz Study Materials: https://www.itcertmagic.com/Huawei/real-H12-711-exam-prep-dumps.html

H12-711 Test Prep Training Practice Exam Questions Practice Tests: https://drive.google.com/open?id=1WTyPXtbq2P8MCBvARM4LzZ2RT42VlkCr

Related Articles

more
Huawei H12-711 Certification Practice Exam