• Home
  • Articles
  • [Aug 30, 2022] Huawei H12-711 Real Exam Questions and Answers FREE [Q132-Q154]

[Aug 30, 2022] Huawei H12-711 Real Exam Questions and Answers FREE [Q132-Q154]

Share

[Aug 30, 2022] Huawei H12-711 Real Exam Questions and Answers FREE

Pass Huawei H12-711 Exam Info and Free Practice Test

NEW QUESTION 132
Which of the following are correct regarding the matching conditions of the security policy? (Multiple choice)

  • A. "Time period"in the matching condition is an optional parameter
  • B. "Service" is an optional parameter in the matching condition
  • C. "Apply" in the matching condition is an optional parameter
  • D. 'The source security zone' is an optional parameter in the matehing condition.

Answer: A,B,C,D

 

NEW QUESTION 133
For the process of forwarding the first packet of the session between firewall domains,there are the following steps:
1. find the routing table
2. find inter-domain packet filtering rules
3. find the session table
4. find the blacklist
Which of the following is the correct order?

  • A. 3->4->1->2
  • B. 3->2->1->4
  • C. 1->3->2->4
  • D. 4->3->1->2

Answer: A

 

NEW QUESTION 134
In the Client-Initiated VPN configuration, generally it is recommended to plan the address pool and the headquarters of the network address for the different network segments, or need to open proxy forwarding on the gateway device.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 135
Which of the following options does not include the respondents in the questionnaire for safety assessment?

  • A. Network System Administrator
  • B. Technical leader
  • C. Security administrator
  • D. HR

Answer: D

 

NEW QUESTION 136
Which of the following description about the group management for VGMP is wrong?

  • A. Periodically sends Hello packets between VGMP of master/slave firewall
  • B. master/slave devices exchange packets to understand each other through the heartbeat line, and backup the related commands and status information
  • C. Master/slave status change of VRRP backup group needs to notify its VGMP management group
  • D. Theinterface type and number of two firewalls heartbeat port may be different, as long as they can communicate with each other

Answer: D

 

NEW QUESTION 137
Which of the following statement about the NAT is wrong?

  • A. NAT technology can effectively hide the hosts of the LAN, it is an effective network security protection technology
  • B. Address Translation can follow the needs of users, providing FTP, WWW, Telnet and other services outside the LAN
  • C. Some application layer protocols carry IP address information in the data, but also modify the IP address information in the data of the upper layer when they are as NAT
  • D. For some non-TCP, UDP protocols (such as ICMP, PPTP), unable to do the NAT translation

Answer: D

 

NEW QUESTION 138
Which of the following iscorrect about firewall IPSec policy?

  • A. By default, IPSec policy can control unicast packets and broadcast packets.
  • B. By default. IPSec policy only controls unicast packets.
  • C. By default, IPSec policy can control multicast.
  • D. By default, IPSec policy can control unicast packets, broadcast packets, and multicast packets °

Answer: B

 

NEW QUESTION 139
Which of the following descriptions about IKE SA is wrong?

  • A. The encryption algorithm used by user data packets isdetermined by IKE SA.
  • B. IKE SA servers for IPSec SA
  • C. IKE is a UDP- based application layer protocol
  • D. IKE SA is two-way

Answer: A

 

NEW QUESTION 140
Which of the following is the GRE protocol number?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

 

NEW QUESTION 141
Administrators want to clear the current session table. Which of the following command is correct?

  • A. display firewall session table
  • B. clear firewall session table
  • C. reset firewall session table
  • D. display session table

Answer: C

 

NEW QUESTION 142
Both A and B communicate data. If an asymmetric encryption algorithm is used for encryption, when A sends data to B, which of the following keys will be used for data encryption?

  • A. B private key
  • B. A public key
  • C. B public key
  • D. A private key

Answer: C

 

NEW QUESTION 143
What problem does IPsec IKE aggressive mode mainly solve?

  • A. solve the security problem in the process of negotiation
  • B. solve NAT traversal problem
  • C. solve the problem of slow negotiation on both ends of the tunnel
  • D. solve because of uncertain originator source address cannot select pre-shared key problem

Answer: D

 

NEW QUESTION 144
Which of the following statement is wrong about L2TP VPN?

  • A. Will not encrypt the data
  • B. Can be used in conjunction with IPsec VPN
  • C. Belongs to Layer 3 VPN technology
  • D. Applicable to business employees dialing access to the intranet

Answer: C

 

NEW QUESTION 145
Which of the following are multi-user operating systems? (Multiple choice)

  • A. Windows
  • B. MSDOS
  • C. LINUX
  • D. UNIX

Answer: A,C,D

 

NEW QUESTION 146
In the construction of information security system, the security model is needed to accurately describe the relationship between important aspects of security and system behavior

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 147
When the IPSec VPN tunnel mode is deployed, the AH protocol is used for packet encapsulation. In the new IP packet header field, which of the following parameters does not require data integrity check?

  • A. TTL
  • B. Idetification
  • C. Source IP address
  • D. Destination IP address

Answer: A

 

NEW QUESTION 148
The administrator wants to create a web configuration administrator, and set the Https device management port number to 20000, and set the administrator to the administrator level. which of the following commands are correct?

  • A. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level 1 [USG-aaa-manager-user-client001] password cipher Admin@123
  • B. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa manager-user-client001] password cipher
  • C. Step1: web-manager security enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] level 15 [USG-aaa-manager-user-client001] password cipher Admin@123
  • D. Step1: web-manager enable port 20000 Step2: AAA View [USG] aaa [USG aaa] manager-user client001 [USG-aaa-manager-user-client001] service-type web [USG-aaa-manager-user-client001] password cipher Admin@123

Answer: C

 

NEW QUESTION 149
Which of the following desciipliuri uf firewall hul standby is cuie? (multiple choice)

  • A. When multiple areas of the firewall need to provide dual-system backup, you need to configure multiple VRRP backup groups on the firewall.
  • B. The status of all VRRP backup groups in the same VGMP management group on the same firewall is the same
  • C. The hot standby of the firewall needs to synchronize the backup between the master device and the slave device by using the session table. MAC table, and routing table.
  • D. VCMP i3 to ensure the consistency of all VRRPbackup group switching

Answer: A,B,D

 

NEW QUESTION 150
Which of the following are international organizations related to information security standardization?
(Multiple Choice)

  • A. Wi-Fi Alliance
  • B. International Electrotechnical Commission (IEC)
  • C. International Organization for Standardization (ISO)
  • D. International Telecommunication Union (ITU)

Answer: B,C,D

 

NEW QUESTION 151
Which of the following descriptions of the firewall fragment cache function are correct? (Multiple choice)

  • A. After the fragmented packet is directly forwarded, the firewall forwards the fragment according to the interzone security policy if it is not the fragmented packet of the first packet.
  • B. By default, the number of large fragment caches of an IPV4 packet is 32, and the number of large fragmentation buffers of an IPV6 packet is 255.
  • C. For fragmented packets, NAT ALG does not support the processing of SIP fragmented packets.
  • D. By default, the firewall caches fragmented packets.

Answer: B,C,D

 

NEW QUESTION 152
Ininformation security prevention, commonly used security products are firewalls, Anti-DDos devices and IPS/IDS devices.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 153
In the information security system construction management cycle, which of the following actions is required to be implemented in the "check' link?

  • A. Safety managementsystem operation monitoring
  • B. Safety management system design
  • C. Implementation of the safety management system
  • D. Risk assessment

Answer: D

 

NEW QUESTION 154
......

Latest H12-711 Exam Dumps Huawei Exam: https://easytest.exams4collection.com/H12-711-latest-braindumps.html

Related Articles

more
Huawei H12-711 Certification Practice Exam

The Practice Questions will teach you the basic technology and tell you how to affectively prepare for the real test. In a word, our Study Material Torrent is the best reference for you preparation.

Latest Exam Collection

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Exams4Collection NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy