This page was exported from Actual Test Materials [ http://blog.actualtests4sure.com ] Export date:Fri Nov 15 23:28:40 2024 / +0000 GMT ___________________________________________________ Title: Latest [Jul 07, 2022] Real Huawei H12-711 Exam Dumps Questions [Q49-Q68] --------------------------------------------------- Latest [Jul 07, 2022] Real Huawei H12-711 Exam Dumps Questions H12-711 Dumps To Pass HCNA-Security Exam in One Day (Updated 290 Questions) NEW QUESTION 49Which of the following belongs to the devices at the execution layer in the Huawei SDSec solution? ‘Multiple Choice)  cis  Fierhunter  Router  AntiDDoS NEW QUESTION 50Which of the following are correct about configuring the firewall security zone?(Multiple Choice)  The firewall has four security zones by default, and the four security zone priorities do not support modification.  Firewall can have 12 security zones at most.  The firewall can create two security zones of the same priority  When data flows between different security zones, the device security check is triggered and the corresponding security policy is implemented NEW QUESTION 51Digital signature is to achieve the integrity of data transmission by using a hash algorithm to generate digital fingerprints.  True  False NEW QUESTION 52Which of the following are included in the operating system patch violations level of Terminal security system?(Choose two.)  Low  Important  Serious  General NEW QUESTION 53Which statement about NAT is wrong? (Choose two.)  NAT Outbound refers to conversion to the source IP address, NAT Inbound refers to conversion to the destination IP address  NAT Inbound command and NAT Server command have the same functions, can choose to configure according to personal preference  Outbound direction NAT can support the following application modes: one-on-one, many-to-many and many-to-one  NAT technology can support multi-channel protocols such as FTP and other standard multi-channel protocol NEW QUESTION 54Which of the following is not the main form of computer crime?  Implant a Trojanto the target host  Hacking the target host  Using a computer for personal surveys  Use scanning tools to collect network information without permission NEW QUESTION 55About thecontents of HRP standby configuration consistency check, which of the following is not included?  NAT policy  If the heartbeat interface with the same serial number configured  Next hop and outbound interface of static route  Certification strategy NEW QUESTION 56Under the tunnel encapsulation mode. IPSec configuration does not need to have a route to thedestination private network segment, because the data will be re-encapsulated using the new IP header to find the routing table.  True  False NEW QUESTION 57Some applications, such as Oracle database application, there is no data transfer for a long time, so that firewall session connection is interrupted, thus resulting in service interruption, which of the following technology can solve this problem?  Configure a long business connection  Configure default session aging time  Optimization of packet filtering rules  Turn fragment cache NEW QUESTION 58The scene of internal users access the internet as shown, the subscriber line process are:1. After authentication, USG allow the connection2. The user input http://1.1.1.1 to access Internet3. USG push authentication interface, User =? Password =?4. The user successfully accessed http://1.1.1.1, equipment create Session table.5. User input User = *** Password = ***Which the following procedure is correct?  2-5-3-1-4  2-3-5-1-4  2-1-3-5-4  2-3-1-5-4 NEW QUESTION 59Regarding the description of Windows Firewall, which of the following options are correct? (Multiple Choice)  Windows Firewall can only allow or prohibit preset programs or functions and programs installed on the system, and cannot customize the release rules according to the protocol or port number.  Windows Firewall not only allowsor prohibits preset programs or functions and programs installed on the system, but also can customize the release rules according to the protocol or port number.  If you are unable to access the Internet during the process of setting up the Windows Firewall, you can use the Restore Defaults feature to quickly restore the firewall to its initial state.  Windows Firewall can also change notification rules when it is off. NEW QUESTION 60NAPTtechnology can implement a public network IP address for multiple private network hosts  True  False NEW QUESTION 61The European TCSEC Code is dividedinto two modules, Function and Evaluation, which are mainly used in the miitary, government and commercial fields  True  False NEW QUESTION 62In the Client-Initiated VPN configuration, generally it is recommended to plan the address pool and the headquarters or need to of the network address for the different network or need to open proxy forwarding on the gateway device  True  False NEW QUESTION 63Which description about disconnect the TCP connection 4 times-handshake is wrong?  initiative to shut down the sender first FIN active closed, while theother received this FIN perform passive shut down  when passive close receipt the first FIN. it will send back an ACK, and randomly generated to confirm the serial number  passive closing party end need to send a file to the application, theapplication will close it connection and lead to send a FIN  in passive close the sender after the FIN. initiative to close must send back a confirmation, and will confirm the serial number is set to receive serial number 1 NEW QUESTION 64Regarding the relationship and role of VRRP/VGMP/HRP, which of the following statements are correct? (Multiple choice)  VRRP is responsible for sending free ARP to direct traffic to the new primary device during active/standby switchover.  VGMP is responsible for monitoring equipment failures and controlling fast switching of equipment.  HRP is responsible for data backup during hot standby operation.  VGMP group in the active state may include the VRRP group in the standby state. NEW QUESTION 65Caesar Code is primarily used to encrypt data by using a stick of a specific specification  True  False NEW QUESTION 66In the currentnetwork it has deployed other authentication system, device registration function by enabling a single point, reducing the user to re-enter the password. What are correct about single sign-on statements?(Multiple choice)  Device can identify the user through the authentication of the identity authentication system, user access, the device will not pis authentication pages, to avoid further asked to enter a username / password  AD domain single sign-on is only one depbyment model  Although not requireto enter a user password, but the authentication server needs to interact with the user password and devices used to ensure that certification through discussion  AD domain single sign-on login can be minored data stream synchronized manner to the firewall NEW QUESTION 67Which of the following is not part of adigital certificate?  Public key  Private key  Validity period  Issuer NEW QUESTION 68Regarding the problem that the two-way binding user of the authentication-free method cannot access the network resources, which of the following options are possible reasons? (Multiple choice)  The authentication-free user and the authenticated user are in the same security zone.  The authentication-free user does not use the PC with the specified IP/MAC address.  The authentication action in the authentication policy is set to “No credit / free authentication”  Online users have reached a large value  Loading … H12-711 Exam Brain Dumps - Study Notes and Theory: https://www.actualtests4sure.com/H12-711-test-questions.html --------------------------------------------------- Images: https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-07-07 03:21:07 Post date GMT: 2022-07-07 03:21:07 Post modified date: 2022-07-07 03:21:07 Post modified date GMT: 2022-07-07 03:21:07