Valid H12-711 Exam Q&A PDF H12-711 Dump is Ready (Updated 290 Questions)
Exam Questions and Answers for H12-711 Study Guide
NEW QUESTION 49
Regarding the AH and ESP security protocols, which ofthe following options is correct? (Multiple Choice)
- A. The agreement number of ESP is51.
- B. The agreement number of AH is 51.
- C. ESP can provide encryption and verification functions
- D. AH can provide encryption and verification functions
Answer: B,C
NEW QUESTION 50
The following security policy command, representatives of the meaning:
- A. banned from trust region access to untrust region and the source address is 10.2.10.10 host to all the hosts ICMP message
- B. banned from trust region access to untrust region and the destination address is 10.1.0.0/16 segment all hosts ICMP message
- C. banned from trust region access to untrust region and the source address is 10.1.0.0/16 segment all the hosts ICMP message
- D. banned from trust region access to untrust region and the destination address is 10.1.10.10 host ICMP message
Answer: C
NEW QUESTION 51
Which of the following scenarios does not support by IPSEC WEB configuration of USG6000 series firewall? (Choose two.)
- A. Gateway Center
- B. Host and Host
- C. Gateway to Gateway
- D. Branch Gateway
Answer: A,B
NEW QUESTION 52
The repair of anti-virus software only needs to be able to repair some system files that were accidentally deleted when killing the virus to prevent the system from crashing
- A. True
- B. False
Answer: A
NEW QUESTION 53
The network administrator can collect data to be analyzed on the network device by means of packet capture, port mirroring, or log, etc.
- A. True
- B. False
Answer: A
NEW QUESTION 54
Which of the following statements are correct about the differences between pre-accident prevention strategies and post-accident recovery strategies? (Multiple Choice)
- A. Recovery strategy is part of the business continuity plan
- B. The prevention strategy focuses on minimizing the likelihood of an accident before the story occurs. The recovery strategy focuses on minimizing the impact and loss on the company after the accident
- C. Recovery strategy is used to improve business high availability
- D. The role of pre-disaster prevention strategies does not include minimizing economic, reputational, and other losses caused by accidents.
Answer: A,B,C
NEW QUESTION 55
Which of the following options is not the part of the quintet?
- A. Source IP
- B. Source MAC
- C. Destination IP
- D. Destination Port
Answer: B
NEW QUESTION 56
Which of the following are included in the operating system patch violations level of Terminal security system? (Choose two.)
- A. Low
- B. Serious
- C. General
- D. Important
Answer: B,C
NEW QUESTION 57
Both A and B communicate data. If an asymmetric encryption algorithm is used for encryption, when A sends data to B.
Which of the following keys will be used for data encryption?
- A. A private key
- B. A public key
- C. B private key
- D. public key
Answer: D
NEW QUESTION 58
In the digital signature process, which of the following is the HASH algorithm to verify the integrity of the data transmission?
- A. Receiver private key
- B. Symmetric key
- C. Receiver public key
- D. User data
Answer: D
NEW QUESTION 59
After the network intrusion event occurs,according to the plan to obtain the identity of the intrusion, the attack source and other information, and block the intrusion behavior, which links of the above actions are involved in the PDRR network security model? (Multiple Choice)
- A. Testing link
- B. Protection link
- C. Recovery link
- D. Response link
Answer: A,D
NEW QUESTION 60
Which of the following are the main implementations of gateway anti-viru3? (Multiple choice)
- A. Package inspection method
- B. Stream scanning method
- C. Agent scanning method
- D. File killing method
Answer: B,C
NEW QUESTION 61
Classify servers based on the shape, what types of the following can be divided into? (Multiple choice)
- A. Rack server
- B. X86 server
- C. Blade sen/er
- D. Tower server
Answer: A,C,D
NEW QUESTION 62
In stateful inspection firewall, when openingstate detection mechanism, three-way handshake's second packet (SYN + ACK) arrives the firewall. If there is still no corresponding session table on the firewall, then which of the following statement is correct?
- A. Packets must pass through the firewall, and establishes a session table
- B. If the firewall security policy allows packets through, then creating the session table
- C. If the firewall security policy allows packets through, then the packets can pass through the firewall
- D. Packets must not pass through the firewall
Answer: D
NEW QUESTION 63
The single-point login function of the online user, the user authenticates directly to the AD server, and the device does not interfere with the user authentication process. The AD monitoring service needs to be deployed on the USG device to mcnitorthe authentication information of the AD server.
- A. True
- B. False
Answer: B
NEW QUESTION 64
Based on the GRE encapsulation and de-encapsulation, which description is error?
- A. De-encapsulation Process: After GRE module de-encapsulation, the data packets will enter the IPmodule for further processing.
- B. Encapsulation Process: After GRE module packaging, the data packet will enter the IP module for further processing
- C. Encapsulation Process: The original data packetstransmit the data packets through looking up routing to the Tunnel interface to trigger GRE encapsulation.
- D. De-encapsulation Process: After the destination receives GRE packets, transmitting the data packets through looking up the routing to the Tunnel interfaces to trigger GRE encapsulation.
Answer: D
NEW QUESTION 65
Which of the following is not the scope of business of the National Internet Emergency Center?
- A. Cooperate with other agencies to provide training services
- B. Providing security evaluation services for government departments, enterprises and institutions
- C. Emergency handling of security incidents
- D. Early warning rotification of security incidents
Answer: A
NEW QUESTION 66
Which of the following descriptions about IKE SA is wrong?
- A. IKE SA servers for IPSec SA
- B. The encryption algorithm used by user data packets isdetermined by IKE SA.
- C. IKE SA is two-way
- D. IKE is a UDP- based application layer protocol
Answer: B
NEW QUESTION 67
Which of thefollowing 3re the versions of the SNMP protocol? (Multiple choice)
- A. SNMPvl
- B. SNMPv2c
- C. SNMPv3
- D. SNMPv2b
Answer: A,B,C
NEW QUESTION 68
Which of the Policy Center functional areas is wrong?
- A. Isolation domain refers to the client after authenticated must have access to the area
- B. Pre-authentication domain refers to the client through the identity authentication before access to the area
- C. Post-authentication domain refers to the client can access through the security certification area
- D. Isolation domain refers to the client security authentication failed the required access area
Answer: A
NEW QUESTION 69
Which of the following attacks is not aspecial packet attack?
- A. Large ICMP packet attack
- B. IP address scanning attack
- C. ICMP redirect packet attack
- D. ICMP unreachable packet attack
Answer: B
NEW QUESTION 70
Which of the following is correct about the description of SSL VPN?
- A. No authentication required
- B. may IP encrypt layer
- C. There is a NAT traversal problem
- D. Can be used without a client
Answer: D
NEW QUESTION 71
Digital signature is to achieve the integrity of data transmission by using a hash algorithm to generate digital fingerprints.
- A. True
- B. False
Answer: A
NEW QUESTION 72
Which of the following are the key features of the state inspection firewall include?
- A. The processing speed is slow
- B. Can only detect network layer
- C. Follow-up packet processing performance is excellent
- D. Do the packet filtering detection to each packet
Answer: C
NEW QUESTION 73
......
Certification dumps - HCNA-Security H12-711 guides - 100% valid: https://www.dumpsvalid.com/H12-711-still-valid-exam.html