[Q102-Q127] Prep4pass H12-711_V3.0-ENU Real Exam Question Answers Updated [Mar 14, 2022]

Prep4pass H12-711_V3.0-ENU Real Exam Question Answers Updated [Mar 14, 2022]

Easily To Pass New Huawei H12-711_V3.0-ENU Dumps with 396 Questions

NEW QUESTION 102
About the description of the Windows firewall, which of the following statements are correct? (Multiple Choice)

• A. Windows firewall not only allows or prohibits preset programs or features and programs installed on the system, but also support to customize the release rules in accordance with protocols or port numbers.
• B. Windows firewall can change the notification rule in the closed state
• C. Windows firewalls can only allow or prohibit preset programs or features and programs installed on the system, and cannot customize the release rules in accordance with protocols or port numbers.
• D. If in the process of setting up the Windows firewall, the Internet cannot be accessed, you can quickly restore the firewall to the initial state using the restored default value function.

Answer: A,D

 

NEW QUESTION 103
Which of the following NAT technologies can realize a public network address to provide source address translation for multiple private network addresses? (Multiple choice)

• A. NAT No-PAT
• B. NAT Server
• C. NAPT
• D. Easy-ip

Answer: C,D

 

NEW QUESTION 104
When the firewall hard disk is on the throne, which of the following statement about the firewall log is correct?

• A. Administrators can understand the user's security risk behavior and the cause of the alarm or blocking reason via threat logs.
• B. Administrators know the user's behavior, the keyword of the exploitation, and the effectiveness of the audit policy configuration through user activity logs.
• C. Administrators can announce the content log to view the detection and defense record of network threats
• D. Administrators can use the security policy in which traffic hits in the policy, for fault location when there is a problem.

Answer: D

 

NEW QUESTION 105
The account authority of an employee of a company has expired, but the account can still be used to access the company's server. Which security risks are the above scenarios? (Multiple choice)

• A. Manage security risks
• B. Access security risks
• C. System security risks
• D. Physical security risks

Answer: A,B,C

 

NEW QUESTION 106
When the administrator upgrades the USG firewall software version, which of the following operations are necessary? (Multiple choice)

• A. Specify the software version to be loaded next time
• B. Restart the device
• C. Upload firewall version software
• D. Restore factory settings

Answer: A,B,C

 

NEW QUESTION 107
In the classification of the information security level protection system, which of the following levels defines if the information system is damaged, it will damage the social order and public interests? (Multiple choice)

• A. Level 3 Security mark protection
• B. Second level System audit protection level
• C. Level 4 Structured protection
• D. First level User self-protection level

Answer: A,B,C

 

NEW QUESTION 108
RFC (Request For Comment) 1918 sets aside 3 IP address ends for private use, namely 10.0.0.0-10.255.255.255, _______, 192.168.0.0-192.168.255.255

• A. 172.16.0.0-172.31.255.255

Answer: A

 

NEW QUESTION 109
Regarding NAT address translation, which of the following statements is wrong?

• A. Address conversion can provide FTP, WWW, Telnet and other services outside the local area network according to the needs of users
• B. Some application layer protocols carry IP address information in the data, and when NAT is performed on them, the IP address information in the upper layer data must be modified
• C. For some non-TCP, UDP protocols (such as ICMP, PPTP), NAT conversion is not possible
• D. Configure the NAT address pool in the source NAT technology, you can configure only one IP address in the address pool

Answer: C

 

NEW QUESTION 110
Regarding the comparison between windows and linux, which of the following statements is wrong?

• A. Windows is open source, you can do whatever you want
• B. It is difficult for new linux users to get started, and some learning and guidance are needed.
• C. Linux is an open source code, you can do whatever you want
• D. Windows can be compatible with most software and play most games

Answer: A

 

NEW QUESTION 111
Which of the following options are harmful to traffic-based attacks? (Multiple choices)

• A. Data is stolen
• B. The webpage has been tampered with
• C. The network is down
• D. Server down

Answer: C,D

 

NEW QUESTION 112
The triggering methods of the built-in Portal authentication of the firewall include pre-authentication and ______ authentication

• A. Conversation

Answer: A

 

NEW QUESTION 113
Which of the following options are the key elements of information security protection? (Multiple Choice)

• A. Security products and technologies
• B. Asset management
• C. Safe operation and maintenance and management
• D. Personnel

Answer: A,C,D

 

NEW QUESTION 114
Regarding the vulnerability scan, which of the following is wrong?

• A. Vulnerabilities are security risks, which can expose computers to hacker attacks
• B. The vulnerability is unknown in advance and discovered afterwards.
• C. Vulnerabilities are generally patchable
• D. Vulnerabilities can be avoided

Answer: D

 

NEW QUESTION 115
Which of the following is the difference between NAPT and No-PAT?

• A. No-PAT supports protocol address translation at the network layer
• B. No-PAT only supports protocol port conversion at the transport layer
• C. After No-PAT conversion, for external users, all messages come from the same IP address
• D. NAPT only supports protocol address translation at the network layer

Answer: A

 

NEW QUESTION 116
Which attack below is not a malformated packet attack?

• A. Smurf attack
• B. ICMP unreachable message attack
• C. TCP shard attack
• D. TEARDROP attack

Answer: B

 

NEW QUESTION 117
When connecting to Wi-Fi in public places, which of the following is relatively safer?

• A. Connect to unencrypted free Wi-Fi for online shopping
• B. Connect to unencrypted Wi-Fi hotspots
• C. Connect to encrypted free Wi-Fi for online transfer operations
• D. Connect to the paid Wi-Fi hotspot provided by the operator and only browse the Internet

Answer: D

 

NEW QUESTION 118
Which of the following is not a symmetric encryption algorithm?

• A. DES
• B. RSA
• C. 3DES
• D. AES

Answer: B

 

NEW QUESTION 119
When deploying the IPSec VPN tunnel mode, the AH protocol is used for packet encapsulation. In the header field of the new IP packet, which of the following parameters does not require data integrity verification?

• A. Destination IP address
• B. Source IP address
• C. Idetification
• D. TTL

Answer: D

 

NEW QUESTION 120
Which of the following options are suitable for business travelers to access the corporate intranet in the public network environment? (Multiple choice)

• A. L2TPoverIPSecVPN
• B. SSL VPN
• C. GER VPN
• D. MPLS VPN

Answer: A,B

 

NEW QUESTION 121
Regarding the description of the advanced settings of the windows firewall, which of the following options are wrong? (Multiple choice)

• A. When setting the popstack rules, only the local port can be restricted, but the remote port cannot be restricted
• B. When setting the pushstack rules, only the local port can be restricted, but the remote port cannot be restricted
• C. When setting the pushstack rules, both the local port and the remote port can be restricted
• D. When setting the popstack rules, both the local port and the remote port can be restricted

Answer: C,D

 

NEW QUESTION 122
"Implementing security monitoring management for information and information systems, preventing illegal use of information and information systems", is to achieve which feature in information security?

• A. Confidentiality
• B. Controllability
• C. Non-repudiation
• D. Integrity

Answer: B

 

NEW QUESTION 123
The results seen through display ike sa are as follows. Which of the following statements is wrong?

• A. The neighbor address is 2.2.2.1
• B. IKE uses the V1 version
• C. IPSec SA has been established
• D. IKE SA has been established

Answer: C

 

NEW QUESTION 124
Regarding single sign on, which of the following statements are correct? (Multiple Choice)

• A. AD domain single sign on can be synchronized to the firewall by mirroring the login data stream
• B. Although there is no need to enter the user password, the authentication server needs to interact with the user password and the device to ensure that the authentication is passed
• C. The device can identify users who have passed the authentication by the identity authentication system
• D. There is only one deployment mode for AD domain single sign on

Answer: A,C

 

NEW QUESTION 125
Regarding the description of the intrusion detection system, which of the following is wrong?

• A. The intrusion detection system can dynamically collect a large amount of key information through the network and computer, and can analyze and judge the current state of the entire system environment in time
• B. Once the intrusion detection system finds any behavior that violates the security policy or the system has traces of being attacked, it can implement blocking operations
• C. Intrusion detection system includes all software and hardware systems used for intrusion detection
• D. The immersion detection system can be linked with firewalls and switches, becoming a powerful "assistant" of the firewall, and better and more precise control of traffic access between domains

Answer: B

 

NEW QUESTION 126
In the process of establishing IPSec VPN between the peers FW_A and FW_B, two types of security associations need to be established in two stages. In the first stage, establish ____ to verify the identity of the peers.

• A. IKE SA

Answer: A

 

NEW QUESTION 127
......

Latest H12-711_V3.0-ENU Study Guides 2022 - With Test Engine PDF: https://questionsfree.prep4pass.com/H12-711_V3.0-ENU_exam-braindumps.html