DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest Huawei H12-711 Free Exam Questions | SPOTO

SPOTO's latest exam dumps on the homepage, with a 100% pass rate! SPOTO delivers authentic Cisco CCNA, CCNP study materials, CCIE Lab solutions, PMP, CISA, CISM, AWS, and Palo Alto exam dumps. Our comprehensive study materials are meticulously aligned with the latest exam objectives. With a proven track record, we have enabled thousands of candidates worldwide to pass their IT certifications on their first attempt. Over the past 20+ years, SPOTO has successfully placed numerous IT professionals in Fortune 500 companies.
Take other online exams
Question #1
Among the various aspects of the risk assessment of IS027001, which of the following does not belong to the system design and release process?
A. AHold a summary meeting of the project in the information security management stage
B. BDetermine risk disposal measures and implement rectification plans
C. CDetermine risk tolerance and risk appetite
D. DSystem integration and information security management system document preparation
View answer
Correct Answer: A
Question #2
For MAC address spoofing attack, which description is error?
A. MAC address spoofing attack mainly use the switch MAC address learning mechanism
B. attacker can fake the source Mac address of the data frame is sent to the switch to implement MAC spoofing attack
C. MAC address spoofing attack can cause switches to learn the wrong MAC address and IP address mapping relationshipcorrect
D. MAC address spoofing attacks can cause the switch data is sent to the correct destination to be sent to the attacker
View answer
Correct Answer: AC
Question #3
Which scenarios does IPSec WEB configuration wizard not support?
A. ateway to Gateway
B. enter Gateway
C. ranch Gateway
D. ost and Host
View answer
Correct Answer: D
Question #4
As shown in the figure, the administrator needs to test the network quality of the 20.0.0/24 CIDR block to the 40.0.0/24 CIDR block on Device B, and the device needs to send large packets for a long time to test the network connectivity and stability.
A. tracert - a 20
B. ping - a 20
C. ping - s 20
D. tracert - a 20
View answer
Correct Answer: B
Question #5
____- The goal is to provide a rapid, composed and effective response in emergency situations, thereby enhancing the ability of the business to recover immediately from a disruptive event.[fill in the blank]*
A. Abusiness continuity plan
B. Bbusiness continuity
View answer
Correct Answer: A
Question #6
Some applications such as Oracle Database Applications, has no data streaming for a long time, so that the firewall session connection is interrupted, resulting in business interruption, which of the following is the optimal solution?
A. Configure a long connection for one businesscorrect
B. Open the ASPF function
C. Optimize safety strategy
D. Open Split Cache
View answer
Correct Answer: A
Question #7
For IPsec, IKE protocol can provide auto-negotiation key exchange and create security associations, in order to simplify the use and management of IPsec.
A. TRUEcorrect
B. FALSE
View answer
Correct Answer: A
Question #8
Which of the following attack methods is to construct special SQL statements and submit sensitive information to exploit program vulnerabilities
A. Buffer overflow attack
B. SQL injection attacks
C. Worm attack
D. Phishing attacks
View answer
Correct Answer: B
Question #9
Which types of the following can the encryption technology be divided into? (Multiple Choice)
A. Symmetrical encryptioncorrect
B. Fractional symmetric encryptioncorrect
C. Fingerprint encryption
D. Data encryption
View answer
Correct Answer: AB
Question #10
Which of the following are HRP(Huawei Redundancy Protocol) protocol can back up state information? (multiple choice)
A. session table
B. ServerMapentry
C. Dynamic blacklist
D. routing table
View answer
Correct Answer: ABC
Question #11
Digital envelope technology means that the sender uses the receiver's public key to encrypt the data, and then sends the ciphertext to the receiver () [Multiple choice] *
A. TRUE
B. FALSEcorrect
View answer
Correct Answer: B
Question #12
Which of the following descriptions about the heartbeat interface is wrong ()? [Multiple choice]
A. It is recommended to configure at least two heartbeat interfaces
B. The interface MTU value is greater than 1500 and cannot be used as a heartbeat interfacecorrect
C. The connection method of the heartbeat interface can be directly connected, or it can be connected through a switch or router
D. MGMT interface (GigabitEthernet0/0/0) cannot be used as heartbeat interface
View answer
Correct Answer: B
Question #13
At what layer does packet filtering technology in the firewall filter packets?
A. Transport layer
B. Network layercorrect
C. Physical layer
D. Data link layer
View answer
Correct Answer: B
Question #14
Which of the following is not an advantage of symmetric encryption algorithms?
A. ASuitable for encrypting large amounts of data
B. BLow overhead
C. CGood scalability
D. DHigh efficiency
View answer
Correct Answer: C
Question #15
About the contents of HRP standby configuration consistency check, which of the following is not included?
A. NAT policy
B. Next hop and outbound interface of static route
C. Certification strategy
D. If the heartbeat interface with the same serial number configured
View answer
Correct Answer: B
Question #16
Which of the following is true about the sequencing of the PKI work process? 1. The communication terminal applies for CA certificate. 2. PKI replies to CA certificate 3. Obtain each other's certificate and verify the validity 4. Communication terminal installs local certificate 5. PKI issues a local certificate 6. The communication terminal applies for a local certificate 7. Communication terminal installs CA certificate 8. Communicate with each other
A. 1-2-6-5-7-4-3-8
B. 6-5-4-1-2-7-3-8
C. 6-5-4-3-1-2-7-8
D. 1-2-7-6-5-4-3-8
View answer
Correct Answer: D
Question #17
Regarding the investigation and evidence collection, which of the following statement is correct?
A. Evidence is not necessarily needed in an investigation
B. Evidence acquired by eavesdropping is also effective
C. During all investigation and evidence, preferably with law enforcement involved
D. Document evidence is required in computer crimes
View answer
Correct Answer: C
Question #18
Which of the following statement about Internet user group management is wrong?
A. ach user group can include multiple users and user group
B. ach user group can belong to more than one parent user group
C. here is a default user group in the system; the user group is also the default authentication domain
D. ach user belongs to at least one user group, who can also belong to multiple user groups
View answer
Correct Answer: B
Question #19
Which one of the options below belong to the component of the PKI architecture? (Multiple Choice)
A. Terminal entitycorrect
B. Certificate certification authoritycorrect
C. Certificate registration authoritycorrect
D. Certificate Storage authoritycorrect
View answer
Correct Answer: ABCD
Question #20
In SSL handshake protocol, what is the role of Server Key Exchange message?
A. erver key exchange message indicates that the server has finished sending all the information
B. n the server key exchange message, it contains set of parameters required for completing key exchange
C. t contains an X
D. n the server key exchange message, it contains the negotiated CipherSuite which is copied to the state of the current connection
View answer
Correct Answer: B
Question #21
When configuring NAT Server on the USG Series Firewall, a Server-Map table is generated. Which item below does not belong to content in this performance?
A. Destination IP
B. Destination port number
C. Agreement number
D. Source IPcorrect
View answer
Correct Answer: D
Question #22
Huawei Redundancy Protocol, used to connect the main firewall configuration and connection status and other data on the backup firewall to synchronize, which of the following options do not belong to the scope of sync?
A. Security Policycorrect
B. NAT Policy
C. blacklist
D. IPS signature setscorrect
View answer
Correct Answer: AD
Question #23
In the environment of GRE configuration, which of the following statements are true? (Choose three.)
A. n order to make the ends of the tunnel forward data packets normally, the devices of both ends are configured routing which through the Tunnel interface
B. f both ends enable the configuration of keyword verification, the keyword must be the same
C. hen the local device send data packets, by identifying the protocol field value of IP header for GRE to determine whether send the data packet to GRE module for processing
D. hen the opposite end receives data packets, by identifying the protocol field value of IP header for GRE to determine whether send the data packet to GRE module for processing
View answer
Correct Answer: ABD
Question #24
Which of the following options can be used in the advanced settings of windows firewall? (Multiple Choice)
A. Restore defaultscorrect
B. Change notification rulescorrect
C. Set connection security rulescorrect
D. Set out inbound rulescorrect
View answer
Correct Answer: ABCD
Question #25
Which item below is not a Linux operating system?
A. CentOS
B. RedHat
C. Ubuntu
D. MAC OScorrect
View answer
Correct Answer: D
Question #26
SSL VPN which can through the following ways for access control to the user.(multiple choice)
A. IPcorrect
B. MAC
C. PORTcorrect
D. URLcorrect
View answer
Correct Answer: ACD
Question #27
Which user authentication methods can be supported by Policy Center system? (Choose three.)
A. IP address authentication
B. MAC address authentication
C. Ordinary ID/password authentication
D. LDAP authentication
View answer
Correct Answer: BCD
Question #28
Which of the following is not an advantage of symmetric encryption algorithms?
A. Suitable for encrypting large amounts of data
B. Low overhead
C. Good scalabilitycorrect
D. High efficiency
View answer
Correct Answer: C
Question #29
When the firewall hard disk is in place, which of the following is correct description for the firewall log?
A. The administrator can advertise the content log to view the detection and defense records of network threats
B. The administrator can use the threat log to understand the user's security risk behavior and the reason for being alarmed or blocked
C. The administrator knows the user's behavior, the keywords explored, and the effectiveness of the audit policy configuration through the user activity log
D. The administrator can learn the security policy of the traffic hit through the policy hit log, and use it for fault location when the problem occurs
View answer
Correct Answer: D
Question #30
SSL VPN supported file sharing types can be divided into two kinds of SMB and NFS, SMB correspond Windows hosts, NFS correspond Linux host
A. True
B. False
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.