Pass4sure offers free demo for H12-711 exam. "HCNA-Security - CBSN (Constructing Basic Security Network)", also known as H12-711 exam, is a HUAWEI Certification. This set of posts, Passing the HUAWEI H12-711 exam, will help you answer those questions. The H12-711 Questions & Answers covers all the knowledge points of the real exam. 100% real HUAWEI H12-711 exams and revised by experts!

Free demo questions for HUAWEI H12-711 Exam Dumps Below:

NEW QUESTION 1
The preservation of electronicevidence is directly related to the legal effect of evidence, and it is in conformity with the preservation of legal procedures, and its authenticity and reliability are guaranteed. Which of the following is not an evidence preservation technique?

  • A. Encryption technology
  • B. Digital certificate technology
  • C. Digital signature technology
  • D. Packet tag tracking technology

Answer: D

NEW QUESTION 2
Which of the following are correct regarding the matching conditions of the security policy? (Multiple choice)

  • A. 'The source security zone' is an optional parameter in the matehing condition.
  • B. "Time period"in the matching condition is an optional parameter
  • C. "Apply" in the matching condition is an optional parameter
  • D. "Service" is an optional parameter in the matching condition

Answer: ABCD

NEW QUESTION 3
Regarding the firewall security policy, which of the following options are wrong?

  • A. If the security policy is permit, the discarded message will not accumulate the number of hits.
  • B. When configuring the security policy name, you cannot reuse the samename.
  • C. Adjust the order of security policies without saving the configuration file.
  • D. The number of security policy entries of Huawei USG series firewalls cannot exceed 128.

Answer: A

NEW QUESTION 4
Which ofthe following are the standard port numbers for the FTP protocol? (Multiple choice)

  • A. 20
  • B. 21
  • C. 23
  • D. 80

Answer: AB

NEW QUESTION 5
ASPF (Application Specific Packet Filter) is a kind of packet filtering basedon the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol. ASPF by Server Map table achieves a special security mechanism. Which statement about ASPF and Server map table are correct? (Multiple choice)

  • A. ASPF monitors the packets in the process of communication
  • B. ASPF dynamically create and delete filtering rules
  • C. ASPF through server map table realize dynamic to allow multi-channel protocol data to pass
  • D. Quintupleserver-map entries achieve a similar functionality with session table

Answer: ABC

NEW QUESTION 6
In the construction of information security system, the security model is needed to accurately describe the relationship between important aspects of security and system behavior

  • A. True
  • B. False

Answer: B

NEW QUESTION 7
Which of the following operations are necessary during theadministrator upgrade of the USG firewall software version? (Multiple Choice)

  • A. Upload the firewall version software
  • B. Restart the device
  • C. Device factory reset
  • D. Specify the next time you start loading the software version.

Answer: ABD

NEW QUESTION 8
Which of the following is not part of adigital certificate?

  • A. Public key
  • B. Private key
  • C. Validity period
  • D. Issuer

Answer: B

NEW QUESTION 9
When the firewall hard disk is in place, which of the following is correct description for the firewall log?

  • A. The administrator can advertise the content log to view the detection and defense records of network threats.
  • B. The administrator can use the threat logto understand the user's security risk behavior and the reason for being alarmed or blocked.
  • C. The administrator knows the user's behavior, the keywords explored, and the effectiveness of the audit policy configuration through the user activity log.
  • D. The administrator can learn the security policy of the traffic hit through the policy hit lo
  • E. And use it for fault location when the problem occurs.

Answer: D

NEW QUESTION 10
In o der to obtain evidence of crime, it is necessary to master the technology ofintrusion tracking Which of the following descriptions are correct about the tracking technology? (Multiple Choice)

  • A. Packet Recording Technology marks packets on each passing router by inserting trace data into the tracked IP packets
  • B. Link test technology determines the source of the attack by testing the network link between the routers
  • C. Packet tagging technology extracts information from attack sources by recording packets on the routerand then using data drilling techniques
  • D. Snallow mail behavior analysis can analyze the information such as sending IF address, sending time, sending frequency, number of recipients, shallow email heacers and so on.

Answer: ABD

NEW QUESTION 11
Which of the following description are correct about the security policy action and security configuration file? (Multiple Choice)

  • A. If the action of the security policy is 'prohibited’, the device will discard this traffic and will not perform content security check later.
  • B. The security configuration file can be applied without being applied to the security policy allowed by the action
  • C. The security configuration file must be applied to the security policy that is allowed to take effect.
  • D. If the security policy action is "Allow", the traffic will not match the security configuration file.

Answer: AC

NEW QUESTION 12
Which of the following is the port number used by L2TP packets?

  • A. 17
  • B. 500
  • C. 1701
  • D. 4500

Answer: C

NEW QUESTION 13
Security technology has different methods at different technical levels and areas. Which of the following devices can be used for network layer security protection? (Multiple choice)

  • A. Vulnerability scanning device
  • B. Firewall
  • C. Anti-DDoS device
  • D. IPS/IDS device

Answer: BCD

NEW QUESTION 14
Which of the following options belong to theencapsulation mode supported by IPSec VPN? (Multiple Choice)

  • A. AH mode
  • B. Tunnel mode
  • C. Transmission mode
  • D. ESP mode

Answer: BC

NEW QUESTION 15
Regarding the firewall security policy, which of the following options is wrong?

  • A. If the security policy is permit, the discarded message will not accumulate the number of hits.
  • B. When configuring the security policy name, you cannot reuse the same name
  • C. Adjust the order of security policies with immediate effect, no need to save the configuration file.
  • D. H
  • E. Huawei’s USG series firewalls cannot have more than 128 security policy entries.

Answer: A

NEW QUESTION 16
In IPSEC VPN. Which of the following scenarios can be applied by tunnel mode?

  • A. between the host and the host
  • B. between hosts and security gateways
  • C. between security gateways
  • D. Between tunnel mode and transport mode

Answer: C

NEW QUESTION 17
Encryption technology can transform readable information into unreadable information in a certain way

  • A. True
  • B. False

Answer: A

NEW QUESTION 18
Which configuration is correct to implement NAT ALG function?

  • A. nat alg protocol
  • B. alg protocol
  • C. nat protocol
  • D. detect protocol

Answer: D

NEW QUESTION 19
The Protocol field in the IP header identifies the protocol used by the upper layer. Which of the following field values indicates that the upper layer protocol is UDP protocol?

  • A. 6
  • B. 17
  • C. 11
  • D. 18

Answer: B

NEW QUESTION 20
During the configuration of NAT. which of the following will the devicegenerate a Server-map entry? (Multiple Choice)?

  • A. Automatically generate server-map entries when configuring source NAT.
  • B. After the NAT server is configured successfully, the device automatically generates a server map entry.
  • C. A server-map entry is generated when easy-ip is configured.
  • D. After configuring NAT No-PAT, the device will create a server-map table for the configured multi-channel protocol data stream.

Answer: BD

NEW QUESTION 21
When Firewall does dual-system hot backup networking, in order to achieve the overall status of the backup group switching, which of the following protocol technology need to be used?

  • A. VRRP
  • B. VGMP
  • C. HRP
  • D. OSPF

Answer: B

NEW QUESTION 22
Which of the following protection levels are included in the TCSEC standard? (Multiple Choice)

  • A. Verify protection level
  • B. Forced protection level
  • C. Independent protection level
  • D. Passive protection level

Answer: ABC

NEW QUESTION 23
Using a computer to store information about criminal activity is not a comouter crime

  • A. True
  • B. False

Answer: B

NEW QUESTION 24
In practical applications, asymmetric encryption is mainly used to encrypt user data

  • A. True
  • B. False

Answer: B

NEW QUESTION 25
After the firewall uses the hrp standby config enable command to enable the standby device configuration function, all the information that can be backed up can bedirectly configured on the standby device, and the configuration on the standby device can be synchronized to the active device.

  • A. True
  • B. False

Answer: A

NEW QUESTION 26
When establishing their own information systems, companies check each operation according to internationally established authoritative standards and can check whether their information systems are safe

  • A. True
  • B. False

Answer: A

NEW QUESTION 27
IPS (Intrusion Prevention System) is a defense system that can block in real time when intrusion is discovered

  • A. True
  • B. False

Answer: A

NEW QUESTION 28
About thecontents of HRP standby configuration consistency check, which of the following is not included?

  • A. NAT policy
  • B. If the heartbeat interface with the same serial number configured
  • C. Next hop and outbound interface of static route
  • D. Certification strategy

Answer: C

NEW QUESTION 29
HTTP packets are carried by UDP. and the HTTPS protocol is based on TCP three-way handshake. Therefore. HTTPS is relatively secure, and HTTPS is recommended.

  • A. True
  • B. False

Answer: B

NEW QUESTION 30
Which of the following is used to encrypt digital fingerprints in digital signature technology?

  • A. sender public key
  • B. sender private key
  • C. Receiver public key
  • D. Receiver private key

Answer: B

NEW QUESTION 31
......

100% Valid and Newest Version H12-711 Questions & Answers shared by Certshared, Get Full Dumps HERE: https://www.certshared.com/exam/H12-711/ (New 294 Q&As)