New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

H12-721 Exam Dumps - Huawei Certified ICT Professional - Constructing Infrastructure of Security Network

Go to page:
Question # 25

On the USG, you need to delete sslconfig.cfg in the hda1:/ directory. Which of the following commands can complete the operation?

A.

cd hda 1:/remove sslconfig.cfg

B.

cd hda 1:/delete sslconfig.cfg

C.

cd hda 1:/rmdir sslconfig.cfg

D.

cd hda 1:/mkdir sslconfig.cfg

Full Access
Question # 26

A network is as follows: The l2tp vpn is established through the VPN Client and the USG (LNS). What are the reasons for the dialup failure?

A.

The tunnel name of the A LNS is inconsistent with the tunnel name of the client.

B.

L2TP tunnel verification failed

C.

0PPP authentication failed, the PPP authentication mode set on the client PC and LNS is inconsistent.

D.

The client PC cannot obtain the IP address assigned to it from the LNS.

Full Access
Question # 27

The server health check mechanism is enabled on the USG firewall of an enterprise to detect the running status of the back-end real server (the three servers are Server A, Server B, and Server C). When the USG fails to receive the response from Server B multiple times. When the message is received, Server B will be disabled and the traffic will be distributed to other servers according to the configured policy.

A.

TRUE

B.

FALSE

Full Access
Question # 28

The topology diagram of the BFD-bound static route is as follows: The administrator has configured the following on firewall A: [USG9000_A] bfd [USG9000_A-bfd] quit [USG9000_A] bfd aa bind peer-ip 1.1.1.2 [USG9000_A- Bfd session-aa] discriminator local 10 [USG9000_A-bfd session-aa] discriminator remote 20 [USG9000_A-bfd session-aa] commit [USG9000_A-bfd session-aa] quit What are the correct statements about this segment?

A.

command bfd aa bind peer-ip 1.1.1.2 is used to create a BFD session binding policy for detecting link status.

B.

"[USG9000_A] bfd" is incorrectly configured in this command and should be changed to [USG9000_A] bfd enable to enable BFD function.

C.

[USG9000_A-bfd session-aa] commit is optional. If no system is configured, the system will submit the BFD session log information by default.

D.

The command to bind a BFD session to a static route is also required: [USG9000_A]ip route-static 0.0.0.0 0 1.1.1.2 track bfd-session aa

Full Access
Question # 29

The topology of the BFD-bound static route is as follows: The administrator has configured the following on firewall A: [USG9000_A] bfd [USG9000_A-bfd] quit [USG9000_A] bfd aa bind peer-ip 1.1.1.2 [USG9000_A- Bfd session-aa] discriminator local 10 [USG9000_A-bfd session-aa] discriminator remote 20 Which of the following configurations can be added to the firewall to implement BFD-bound static routes?

A.

[USG9000_A-bfd session-aa] commit

B.

[USG9000_A]bfd aa bind local-ip 1.1.1.1

C.

[USG9000_A]ip route-static 0.0.0.0 0 1.1.1.2 track bfd-session aa

D.

[USG9000_A] ip route-static 0.0.0.0 0 1.1.1.2 bfd-session aa

Full Access
Question # 30

With regard to the Radius agreement, what are the following statements correct?

A.

uses the UDP protocol to transmit Radius packets.

B.

authentication and authorization port number can be 1812

C.

Encrypt the account when transferring user accounts and passwords using the Radius protocol

D.

authentication and authorization port number can be 1645

Full Access
Question # 31

The HRP technology can implement the standby firewall without any configuration information. All the configuration information is synchronized by the main firewall to the standby firewall through HRP, and the configuration information is not lost after the restart.

A.

TRUE

B.

FALSE

Full Access
Question # 32

Which of the following configurations is mandatory when the IKE peer needs to be referenced to the IPSec policy template in the divquarters-branch-based IPSec VPN network (pre-shared key + traversal NAT)?

A.

ipsec proposal

B.

exchang-mode aggressive

C.

pre-shared-key

D.

remote-address

Full Access
Go to page: