Achieve the H12-711_V4.0 Exam Best Results with Help from Huawei Certified Experts [Q91-Q114]

Rate this post

Achieve the H12-711_V4.0 Exam Best Results with Help from Huawei Certified Experts

Provide H12-711_V4.0 Practice Test Engine for Preparation

Huawei H12-711_V4.0 (HCIA-Security V4.0) Certification Exam covers a wide range of topics related to security, including network security, security management, firewall technology, intrusion detection and prevention, and VPN technology. H12-711_V4.0 exam is divided into multiple sections, each covering a specific aspect of security. H12-711_V4.0 exam also includes practical exercises that test the candidate’s ability to apply their knowledge to real-world scenarios.

NO.91 SSL is a security protocol that provides secure connections for TCP-based application layer protocols.

True

False

NO.92 Which of the following descriptions of the iptables table functions is incorrect?

NAT table: function of address translation.

Raw table: determines whether the data packet is processed by the status tracking mechanism.

Mangle table: modify security policy

Filter table: Policies that are allowed or not allowed in the data packet.

NO.93 The following description of the intrusion fire protection system IPS, which is correct?

The port IPS can be concatenated at the network boundary.

The IPS cannot prevent intrusion from occurring in real time.

The port IPS can be attached to the switch and port mirrored through the switch.

Oral IPS has the ability to customize intrusion prevention rules.

NO.94 If there are multiple levels of CAs in the PKI system, a CA hierarchy will be formed. The top-level CA is the root CA, which has a CA “self-signed” certificate.

True

False

NO.95 In the information security system construction and management cycle, which of the following behaviors needs to be implemented in the “Check” link?

Safety management system design

Safety management system implementation

Risk assessment

Safety management system operation monitoring

NO.96 Regarding SSL VPN technology, which of the following statements is incorrect?

SSL VPN technology can be perfectly suitable for NAT traversal scenarios

The encryption of SSL VPN technology only takes effect on the application layer

SSL VPN requires a dial-up client

SSL VPN technology expands the network scope of enterprises

NO.97 As shown in the figure, the process of AD single sign-on (querying the security log mode of AD server), please match the corresponding operation process.

NO.98 Which of the following does not belong to system security?

Security of services running in the system

Security database

Operating system security

Database system configuration security

NO.99 Which of the following descriptions about local authentication is correct?

The visitor sends the user name and password that identifies his or her identity to the third-party authentication server. After the authentication is passed, the third-party authentication server sends the visitor’s identity information to the firewall. The firewall only records the visitor’s identity information and does not participate in the authentication process.

Visit the Portal authentication page to obtain the SMS verification code, and then enter the SMS verification code to pass the authentication.

The visitor sends the user name and password identifying his or her identity to the firewall through the Portal authentication page. The password is stored on the firewall, and the verification process is performed on the firewall.

The visitor sends the username and password identifying his or her identity to the firewall through the Portal authentication page. The password is not stored on the firewall. The firewall sends the username and password to the third-party authentication server, and the verification process is performed on the authentication server.

NO.100 Some applications, such as Oracle database applications, have no data flow transmission for a long time, causing the firewall session connection to be interrupted, resulting in business interruption. Which of the following is the optimal solution?

Configure a long connection for a certain business

Enable ASPF function

Optimize security policies

Enable shard caching

NO.101 Which of the following does not belong to the levels classified in network security incidents?

Major cybersecurity incidents

Special cybersecurity incidents

General cybersecurity incidents

Larger network security incidents

NO.102 What is the authentication range of the AH protocol in tunnel mode?

NO.103 Which of the following descriptions about OSPF is correct? (Multiple Choice)

Distance Vector Protocol

Good scalability

No loop

Support authentication

NO.104 Which of the following algorithms are block cipher algorithms? (Multiple Choice)

RC4

3DES

AES

DES

NO.105 Please sequence the following digital envelope encryption and decryption processes correctly.

A uses B’s public key to encrypt the symmetric key and generate a digital envelope.

After receiving A’s encrypted information, B uses his own private key to open the digital envelope and obtains the symmetric key

A uses the symmetric key to encrypt the plain text and generate cipher text information.

B uses the symmetric key to decrypt the ciphertext information and obtains the original plaintext

A sends the digital envelope and ciphertext information to B.

NO.106 The reason why OSPF is more commonly used than RIP is that OSPF has the device authentication function and is more secure.

True

False

NO.107 Applying for special funds for emergency response and purchasing emergency response software and hardware equipment belong to which stage of the complete network emergency response?

Preparation stage

Inhibition phase

Response phase

Recovery phase

NO.108 DH algorithm is an asymmetric encryption and decryption algorithm and is generally used by both parties to negotiate a symmetric encryption key.

True

False

NO.109 Which of the following options correctly describes the sequence of the four phases of the Information Security Management System (ISMS)?

Plan->Check->Do->Action

Check->Plan->Do->Action

Plan->Do->Check->Action

Plan->Check->Action->Do

NO.110 Which of the following is not a system requirement for configuring dual-machine hot standby?

FW software versions must be the same

FW models must be the same

FW hard disk configuration must be the same

FW board types must be the same

NO.111 Network devices are managed by deploying SNMP protocol in the network. When an abnormality occurs in the network device, the administrator will receive () message.

trap

NO.112 A self-signed certificate, also known as a root certificate, is a certificate issued to itself, that is, the issuer and subject names in the certificate are the same.

True

False

NO.113 Please correctly categorize the following common security threats and corresponding defense methods.

1-Manual audit
2-Penetration testing
3-Questionnaire survey
4-Interview research

NO.114 The built-in Porral authentication method of Huawei firewall is only session authentication.

True

False

Loading …

Detailed New H12-711_V4.0 Exam Questions for Concept Clearance: https://www.pdf4test.com/H12-711_V4.0-dump-torrent.html

Free certification test prep

Achieve the H12-711_V4.0 Exam Best Results with Help from Huawei Certified Experts [Q91-Q114]

Leave a Reply Cancel reply