[Oct 14, 2022] H12-711 Questions Truly Valid For Your Huawei Exam! [Q35-Q54]

[Oct 14, 2022] H12-711 Questions Truly Valid For Your Huawei Exam!

H12-711 Actual Questions - Instant Download Tests Free Updated Today!

NEW QUESTION 35
Which of the following statements are correct about the business continuity plan? (Multiple Choice)

• A. Not all security incidents must be reported to company executives
• B. Business continuity plan does not require high-level participation of the company before forming a formal document
• C. Business continuity plan does not require high-level participation of the company in determining the project scope phase
• D. BCP needs flexibility because it cannot predict all possible accidents

Answer: A,D

 

NEW QUESTION 36
The following security policy command, representatives of the meaning:

• A. banned from trust region access to untrust region and the source address is 10.1 0 0/16 segment all the hosts ICMP message
• B. banned from trust region access to untrust region and the destination address is 10.1 0 0/16 segment all hosts ICMP message
• C. banned from trust region access to untrust region and the destination address is 10 1 10 10 host ICMP message
• D. banned from trust region access to untrust region and the source address is10.2.10.10 host to all the hosts ICMP message

Answer: A

 

NEW QUESTION 37
Manual auditing is a supplement to tool evaluation. It does not require any software to be installed on the target system being evaluated, and has no effect on the operation and status of the target system.
Which of the following options does not include manual auditing?

• A. Manual inspection of network equipment
• B. Manual inspection of the database
• C. Manual inspection of the administrator's operation of the equipment process
• D. Manual detection of the host operating system

Answer: C

 

NEW QUESTION 38
Which of the following is not a hash algorithm?

• A. MD5
• B. SHA1
• C. SHA2
• D. SM1

Answer: D

 

NEW QUESTION 39
The content of intrusion detection covers authorized and unauthorized intrusions. Which of the following is not in the scope of intrusion detection?

• A. Administrator mistakenly delete configuration
• B. Leaking data information
• C. Pretending to be another user
• D. Planting worms and Trojans

Answer: A

 

NEW QUESTION 40
What are the advantages of address translation techniques included? (Multiple choice)

• A. Address conversion can block internal network users,improve the safety of internal network
• B. Address conversion can make internal network users (private IPaddress) easy access to the Internet
• C. Address conversion that can handle the IP header of encryption
• D. Many host address conversion can make the internal LAN to share an IP address on the Internet

Answer: A,B,D

 

NEW QUESTION 41
Which of the following statement about the L2TP VPN of Clieit-initialized is wrong?

• A. remote users do not need to install VPN client software
• B. LNS assign a private IP address for remote users
• C. After the remote user access to internet, can initiate L2TPtunneling request to the remote LNS directly through the client software
• D. LNS device receives user L2TPconnection request, can verify based on user name and password.

Answer: A

 

NEW QUESTION 42
Security technology has different approaches at different technical levels and areas. Which of the following devices can be used for network layer security protection? (Multiple choice)

• A. Vulnerability scanning device
• B. IPS/IDS equipment
• C. Firewall
• D. Anti-DDoS equipment

Answer: B,C,D

 

NEW QUESTION 43
In o der to obtain evidence of crime, it is necessary to master the technology ofintrusion tracking Which of the following descriptions are correct about the tracking technology? (Multiple Choice)

• A. Packet tagging technology extracts information from attack sources by recording packets on the router and then using data drilling techniques
• B. Snallow mail behavior analysis can analyze the information such as sending IF address, sending time, sending frequency, number of recipients, shallow email heacers and so on.
• C. Packet Recording Technology marks packets on each passing router by inserting trace data into the tracked IP packets
• D. Link test technology determines the source of the attack by testing the network link between the routers

Answer: B,C,D

 

NEW QUESTION 44
Information security levelprotection is to improve the overall national security level, while rationally optimizing the distribution of security resources, so that it can return the greatest security and economic benefits

• A. False
• B. True

Answer: B

 

NEW QUESTION 45
Which of the following description is wrong about the operating system?

• A. The operating system is responsible for managing the execution of all hardware resources and control software of the computer system.
• B. The operating system is the interface between the user and the computer
• C. The operating system itself is also a software
• D. The interface between the operating system and the user is a graphical interface.

Answer: D

 

NEW QUESTION 46
Which ofthe following is the username / password for the first login ofthe USG series firewall?

• A. User name admin, password Admin123
• B. User name admin, password admin@123
• C. User name admin, password admin
• D. Username admin, password Admin@123

Answer: D

 

NEW QUESTION 47
Which of the following scenarios does not support by IPSEC WEB configuration of USG6000 series firewall? (Choose two.)

• A. Gateway to Gateway
• B. Host and Host
• C. Branch Gateway
• D. Gateway Center

Answer: B,D

 

NEW QUESTION 48
Which of the following attacks can DHCP Snooping prevent? (Multiple Choice)

• A. Counterfeit DHCP lease renewal packet attack using option82 field
• B. IP spoofing attack
• C. Intermediaries and IP/MAC spoofing attacks
• D. DHCP Server counterfeiter attack

Answer: A,B,C,D

 

NEW QUESTION 49
The matching principle of the security policy is: firstly, find the inter-domain security policy configured manually, and if there is no match, the data packet is directly discarded

• A. False
• B. True

Answer: B

 

NEW QUESTION 50
The VRRP advertisement packet of the Huawei USG firewall is a multicast packet. Therefore, each firewall in the backup group must be able to implement direct Layer 2 interworking

• A. False
• B. True

Answer: B

 

NEW QUESTION 51
When the IPSec VPN tunnel mode is deployed, the AH protocol is used for packet encapsulation. In the new IP packet header field, which of the following parameters does not require data integrity check?

• A. Destination IP address
• B. TTL
• C. Source IP address
• D. Idetification

Answer: B

 

NEW QUESTION 52
Against IP Spoofing,which of the following description is wrong?

• A. IP spoofing is to use the hosts' normal trust relationship based on the IP address to launch it
• B. Af-.er IP spoofing attack is successful, the attacker can use forged any IP address to imitate legitimate hast to access to critical information
• C. An attacker would need to cisguise the source IP addresses as trusted hosts, and send the data segment with the SYN flag request for connection

Answer: B

 

NEW QUESTION 53
Digital certificates are fair to public keys through third-party agencies, thereby ensuring the non-repudiation of data transmission. Therefore, to confirm the correctness of the public key, only the certificate of the communicating party is needed.

• A. True
• B. False

Answer: B

 

NEW QUESTION 54
......

Get instant access of 100% real exam questions with verified answers: https://passleader.bootcamppdf.com/H12-711-exam-actual-tests.html