HCIA-Security V3.0 - H12-711 Exam Practice Test

Question 1

Common scanning attacks include: port scanning tools, vulnerability scanning tools, application scanning tools, database scanning tools, etc.

A. True

B. False

Correct Answer: A

Question 2

Which of the following is not included in the steps of the safety assessment method?

A. Data analysis

B. Manual audit

C. Penetration test

D. Questionnaire survey

Correct Answer: A

Question 3

Which of the following traffic matches the authentication policy triggers authentication?

A. DHCP, BGP, OSPF and LDP packets

B. The first DNS packet corresponding to the HTTP service data flow

C. Access device or device initiated traffic

D. Traffic of visitors accessing HTTP services

Correct Answer: D

Question 4

Which of the following statement about the NAT is wrong?

A. NAT technology can effectively hide the hosts of the LAN, it is an effective network security protection technology

B. Some application layer protocols carry IP address information in the data, but also modify the IP address information in the data of the upper layer when they are as NAT

C. Address Translation can follow the needs of users, providing FTP, WWW, Telnet and other services outside the LAN

D. For some non-TCP, UDP protocols (such as ICMP, PPTP), unable to do the NAT translation

Correct Answer: D

Question 5

Regarding the HRP master and backup configuration consistency check content, which of the following is not included?

A. Authentication Policy

B. NAT policy

C. Is the heartbeat interface configured with the same serial number?

D. Next hop and outbound interface of static route

Correct Answer: D

Question 6

The administrator wants to create a web configuration administrator, and set the Https device management port number to 20000, and set the administrator to the administrator level. which of the following commands are correct?

A. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level 1 [USG-aaa-manager-user-client001] password cipher Admin@123

B. Step1: web-manager enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] password cipher Admin@123

C. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa manager-user-client001] password cipher

D. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level 15 [USG-aaa-manager-user-client001] password cipher Admin@123

Correct Answer: D

Question 7

In the classification of the information security level protection system, which of the following levels defines the damage to the social order and the public interest if the information system is destroyed? (multiple choice)

A. Second level System audit protection level

B. Fourth level Structured protection

C. Third level Security mark protection

D. First level User-independent protection level

Correct Answer: A,B,C,D

Question 8

In the information security system construction management cycle, which of the following actions is required to be implemented in the "check" link?

A. Safety management system design

B. Risk assessment

C. Safety management system operation monitoring

D. Implementation of the safety management system

Correct Answer: B

Question 9

Which of the following mechanisms are used in the MAC flooding attack? (Multiple choice)

A. ARP learning mechanism

B. Number of MAC entries is limited

C. MAC learning mechanism of the switch

D. forwarding mechanism of the switch

Correct Answer: A,B,C,D

Question 10

Which of the following is correct about the description of SSL VPN?

A. There is a NAT traversal problem

B. Can be used without a client

C. may IP encrypt layer

D. No authentication required

Correct Answer: B

Question 11

Which of the following guarantees "should detect and protect spam at critical network nodes and maintain upgrades and updates of the spam protection mechanism" in security 2.0?

A. Border protection

B. Centralized control

C. Malicious code prevention

D. Communication transmission

Correct Answer: C

Huawei HCIA-Security V3.0 - H12-711 Exam Practice Test

Latest Update

Useful Links

Contact Us