Go to H12-711_V3.0 Questions - Try H12-711_V3.0 dumps pdf
Dumps Practice Exam Questions Study Guide for the H12-711_V3.0 Exam
NEW QUESTION 201
The attacker sends a SYN packet with the same source address and destination address, or the source address is the loopback address, to the target host (the source port and the destination port are the same), causing the attacked to send a SYN-AKY message to his own address. Which kind of attack is is this behavior?
- A. Land attack
- B. TCP spoofing attack
- C. SYN Flood attack
- D. Smurf attack
Answer: A
NEW QUESTION 202
Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security protection? (Multiple choice)
- A. Vulnerability scanning device
- B. Firewall
- C. IPS/IDS device
- D. Anti-DDoS device
Answer: B,C,D
NEW QUESTION 203
Social engineering is a method of deceiving and hurting victims through psychological traps such as psychological weakness, instinctual reaction, curiosity, trust, and greed.
- A. True
- B. False
Answer: A
NEW QUESTION 204
Please sort the following project implementation steps from the start of the project.
Answer:
Explanation:
NEW QUESTION 205
Regarding the description of the preemption function managed by VGMP, which of the following is wrong?
- A. By default, the preemption delay time of the VGMP management group is 40s
- B. After the VRRP backup group is added to the VGMP management group, the original preemption function on the VRRP backup group becomes invalid
- C. By default, the preemption function of the VGMP management group is enabled
- D. Preemption means that when the original failed master device recovers from a failure, its priority will be restored, and you can regain its own status as the master
Answer: A
NEW QUESTION 206
Regarding the vulnerability scan, which of the following is wrong?
- A. The vulnerability is unknown in advance and discovered afterwards.
- B. Vulnerabilities can be avoided
- C. Vulnerabilities are generally patchable
- D. Vulnerabilities are security risks, which can expose computers to hacker attacks
Answer: B
NEW QUESTION 207
The single sign-on function of Internet users, the user directly authenticates to the AD server, the device does not interfere with the user authentication process, the AD monitoring service needs to be deployed in the USG device to monitor the authentication information of the AD server.
- A. True
- B. False
Answer: A
NEW QUESTION 208
IPSec VPN technology does not support NAT crossing when using the ESP security protocol package, because ESP encrypts the header of the packet.
- A. True
- B. False
Answer: B
NEW QUESTION 209
Which of the following description is wrong about the main implementation of Single Sign On?
- A. Query the security log mode of the AD server
- B. The firewall monitors AD authentication packets
- C. Accept PC message mode
- D. Query syslog server mode
Answer: D
NEW QUESTION 210
Which of the following statement is wrong about the root CA certificate?
- A. Certificate main name is CA
- B. The issuer is CA
- C. Public key information is the public key of CA
- D. Signature is generated by the CA public key encryption
Answer: D
NEW QUESTION 211
Which of the following sequence for incident response management is correct?
1 Detection 2 Report 3 Mitigation 4 Summarize experience 5 Repair 6 Recovery 7 Response
- A. 1-2-3-7-6-5-4
- B. 1-3-2-7-5-6-4
- C. 1-3-2-7-6-5-4
- D. 1-7-3-2-6-5-4
Answer: D
NEW QUESTION 212
Security technology has different methods in different technical levels and fields. Which of the following devices can be used for network layer security protection? (Multiple choice)
- A. Vulnerability scanning equipment
- B. Firewall
- C. Anti-DDoS equipment
- D. IPS/IDS equipment
Answer: B,C,D
NEW QUESTION 213
Regarding port mirroring, which of the following descriptions are correct? (Multiple Choice)
- A. The observation port sends the received message to the monitoring device
- B. The mirror port sends the received message to the monitoring device
- C. The mirror port copies the packet to the observing port
- D. The observing port copies the packet to the mirror port
Answer: A,C
NEW QUESTION 214
In the process of establishing IPSec VPN between the peers FW_A and FW_B, two types of security associations need to be established in two stages. In the first stage, establish ____ to verify the identity of the peers.
- A. IKE SA
Answer: A
NEW QUESTION 215
According to the HiS ec solution, please drag the devices on the left into the logical architecture layer on the right.
Answer:
Explanation:
NEW QUESTION 216
On Huawei USG series firewalls, the default security policy does not support modification.
- A. True
- B. False
Answer: B
NEW QUESTION 217
Regarding the firewall security policy statement, which of the following options is wrong?
- A. Adjust the order of the security policy without saving the configuration file, it will take effect immediately
- B. If the security policy is permit, the discarded packets will not accumulate the "hit times"
- C. The number of security policy entries of Huawei USG series firewalls cannot exceed 128
- D. When configuring the security policy name, the same name cannot be used repeatedly
Answer: C
NEW QUESTION 218
The main reason why NAPT can achieve one-to-many address translation is that ______ is also converted while addressing, so multiple private addresses can share the same public address.
- A. Port
Answer: A
NEW QUESTION 219
The preservation of electronic evidence is directly related to the legal effect of evidence, and its authenticity and reliability can only be guaranteed if it conforms to legal procedures. Which of the following is not an evidence preservation technique?
- A. Encryption technology
- B. Digital signature technology
- C. Digital certificate technology
- D. Message mark tracking technology
Answer: D
NEW QUESTION 220
Which of the following is not a key technology of anti-virus software?
- A. Self-protection
- B. Shelling technology
- C. Format the disk
- D. Real-time update virus database
Answer: C
NEW QUESTION 221
......
Free HCIA-Security H12-711_V3.0 Exam Question: https://www.test4sure.com/H12-711_V3.0-pass4sure-vce.html