H12-711_V3.0 Exam Dumps - HCIA-Security V3.0
Which of the following options can bewindowsDo you do it in the advanced settings of the firewall? (multiple choice)
Digital certificates can be divided into local certificates,CAcertificates, root certificates, self-signed certificates, etc.
aboutTCP/IPDescription of protocol stack packet decapsulation, which of the following is correct? (multiple choice)
Regarding the firewall security policy statement, which of the following options is false?
The most common three-level standard for equal protection includes three aspects: physical security, data security and network security.
Which of the following does not belong to the block encryption algorithm in the symmetric encryption algorithm?
HTTPmessage usageUDPcarry, andHTTPSprotocol based onTCPthree-way handshake, soHTTPSSafer and more recommendedHTTPS.
The world's first worm-"Morris Worm"Make people realize that with the deepening of people's dependence on computers, the possibility of computer network being attacked is also increasing, and it is necessary to establish a sound emergency response system
Digital signature technology obtains a digital signature by encrypting which of the following data?
In the classification of information security classified protection systems, which of the following levels define if an information system is compromised. Will it cause damage to social order and public interests? ( )[Multiple Choice Questions]
Which of the following security threats are terminal security threats? (multiple choice)
There are three types of frame forwarding behaviors: flooding, ( ), and discarding. (fill in the blank)
Regarding the single sign-on supported by the firewall, which one of the following is not included?
After the company network administrator configures the dual-system hot backup, he wants to check the status of the current VGMP group, so he typed the command and displayed the following information
HRP_M
Role: active, peer: active
Running priority:45000, peer:45000
Backup channel1 usage: 30x
Stab1 e time: 1days, 13 hours, 35 minutes
Last state change information: 2020-03-22 16:01:56 HRP core state changed, old_state=normal (active), new_state=normal
(active).local priority F 4
peer_priority 45000.
Configuration:
hello interval: 1000ms
preempt: 60s
mirror configuration:off
mirror session:on
track trunk member:on
auto-sync configuration:on
auto-sync connection- status:on
adjust ospf cost:on
adjust ospfv3-cost:on
adjust bgp-cost:on
nat resource: off
Detail information on:
Gigabi tEthernet0/0/1:up
Gigabi tEthernet0/0/3:up
ospf-cost: +0
then the command he typed in the blank is[fill in the blank]*
If there is no hard disk installed on the firewall, when a network intrusion event is found, the event will be recorded in the () log. (fill in the blank)
What are the correct options for the following description of the basic concepts of LDAP?
Which of the following SSLVPN functions can and can only access all TCP resources?
Which of the following options is not a communication electronic evidence?
After an engineer completes the source NAT configuration, the internal network still cannot access the external network. The engineer wants to query the detailed information of the address translation by using the command to query the session table, so the engineer directly uses the ( ) command in the user view to query the address translation. information. (fill in the blank)
Which of the following descriptions about the main implementation of single sign-on is wrong? ( )[Multiple choice]*
There are two ways for a PKI entity to apply for a local certificate from a CA: ( ). (fill in the blank)
Which of the following VPNs cannot be used in a Site to-Site scenario? ( )[Multiple choice]*
Under normal circumstances, the Emai1 protocols we often talk about include ____, POP3, and SMTP.[fill in the blank]*
Heartbeat message (He11o message): The two FWs send heartbeat messages to each other periodically (the default period is ( ) seconds) to check whether the peer device is alive. (fill in the blank)
existUSGIn the series firewalls, which of the following commands can be used to queryNATconversion result?
The preservation of electronic evidence is directly related to the legal validity of the evidence, and the authenticity and reliability of the preservation in compliance with legal procedures can be guaranteed. Which of the following is not an evidence preservation technique?
Which of the following information is encrypted during the use of digital envelopes? (multiple choice)
againstIPspoofing attack (IP Spoofing), which of the following is an error?
When dual-system hot backup is deployed on the firewall,VRRPWhich of the following protocols should be used to switch the overall status of a backup group?
Digital envelope technology means that the sender uses the receiver's public key to encrypt the data, and then sends the ciphertext to the receiver ( )[Multiple choice]*
Drag the warning level of the network security emergency response on the left into the box on the right, and arrange it from top to bottom in order of severity.[fill in the blank]*
Which of the following is not the default security zone of the firewall ( )[Multiple choice]*
____- The goal is to provide a rapid, composed and effective response in emergency situations, thereby enhancing the ability of the business to recover immediately from a disruptive event.[fill in the blank]*
_____ is a flaw in the specific implementation of hardware, software, protocols, or system security policies that could enable an attacker to gain unauthorized access or compromise a system.[fill in the blank]*
Which of the following options belong to international organizations related to the standardization of information security? (multiple choice)
at HuaweiSDSecIn the solution, which of the following is an analysis layer device?
Which of the following statements about electronic evidence sources is false?
Which of the following is network address port translation (NAPT) and only translate network addresses (No-PAT) difference?
Execute the command on the firewall and display the above information. Which of the following descriptions is correct? (multiple choice)
Digital signature is to generate digital fingerprint by using hash algorithm, so as to ensure the integrity of data transmission
existUSGConfiguration on the series firewallNAT Server, will produceserver-mapTable, which of the following is not part of this representation?
firewallGE1/0/1andGE1/0/2mouth belongs toDMZarea, if you want to implementGE1/0/1The connected area is accessibleGE1/0/2Connected area, which of the following is correct?
On the surface, threats such as viruses, loopholes, and Trojan horses are the causes of information security incidents, but at the root, information security incidents are also closely related to people and the information system itself.
Which of the following is true about the security policy configuration command?
The firewall is divided according to the protection object,windowsfirewall belongs to— ?
aboutHRPWhich of the following options is not included in the content of the master/slave configuration consistency check?
some applications such asOracleFor database applications, the firewall session connection is interrupted due to no data flow transmission for a long time, resulting in service interruption. Which of the following is the optimal solution?
Firewall in addition to supporting built-inPortalIn addition to authentication, it also supports customizationPortalauthentication, when using customPortalDuring authentication, there is no need to deploy externalPortalserver.
HuaweiUSGfirewallVRRPThe advertisement packets are multicast packets, so each firewall in the backup group must be able to communicate directly at Layer 2.
In the process of digital signature, which of the following is mainly carried outHASHAlgorithms thereby verifying the integrity of data transmissions?
Which of the following is not a common application scenario of digital certificates? ( )[Multiple choice]*
Use the Ping command on the firewall to test the reachability to the server (the security zone where the server is located is the DMZ). If a security policy is configured to allow the test traffic, the source security zone is _____.[fill in the blank]*
Control actions of firewall inter-domain forwarding security policypermitanddeny, which of the following options are correct? (multiple choice)
According to the management specification, regularly check the network security system and equipment, upgrade the patch, and organize the network security emergency response drill. The above actions belong toMPDRRWhat are the elements of the network security model?
Which of the following options belong to the default security zone of Huawei Firewall? (multiple choice)
In practical applications, asymmetric encryption is mainly used to encrypt user data
In which of the following scenarios does the firewall generate the Server map table? ( )
in the administratorUSGWhich of the following operations are required during the firewall software version upgrade? (multiple choice)
Please order the following project implementation steps from project initiation.[fill in the blank]*
UDPA port scan is when an attacker sends a zero byte lengthUDPmessage to a specific port of the target host, if the port is open, it will return aICMPPort reachable data packets.
GREThe tunnel addresses at both ends of the tunnel can be configured as addresses on different network segments