Huawei h12-711 practice test

HCIA Security V3.0 Exam

Last exam update: Jun 09 ,2024
Page 1 out of 34. Viewing questions 1-15 out of 503

Question 1

The SIP protocol uses the SDP message to establish a session, and the SDP message contains the
remote address or multicast address

  • A. True
  • B. False
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%

Explanation:

Discussions
vote your answer:
A
B
0 / 1000

Question 2

Digital envelope technology means that the sender uses the receiver's public key to encrypt the data
and then sends the ciphertext to the receiver.

  • A. True
  • B. False
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%

Discussions
vote your answer:
A
B
0 / 1000

Question 3

After the firewall detects a virus, which of the following will release the virus?

  • A. Hit apply exception
  • B. Not a protocol supported by the firewall
  • C. The source IP hits the whitelist
  • D. Hit virus exception
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

How many IPSec SAs need to be established to encapsulate P packets using the AH+ESP protocol?

  • A. 2
  • B. 1
  • C. 4
  • D. 3
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which of the following VPNs cannot be used in site-to-Site scenarios?

  • A. SSL VPN
  • B. L2TP VPN
  • C. IPSec VPN
  • D. GRE VPN
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

IPv6 supports configuring the router authorization function on the device, verifying the identity of
the peer through digital certificates, and selecting legal devices.

  • A. True
  • B. False
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%

Discussions
vote your answer:
A
B
0 / 1000

Question 7

An employee of a company accesses the internal web server of the company through the firewall.
The web page of the website can be opened by using a browser, but the reachability of the web
server is tested by using the Ping command, and it shows that it is unreachable. What are the
possible reasons?

  • A. The security policy deployed on the firewall allows the TCP protocol, but not the ICMP protocol
  • B. The web server is down
  • C. The security policy deployed on the firewall allows the HTTP protocol, but not the ICMP protocol
  • D. The interface of the firewall connecting to the server is not added to the security zone
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following descriptions about digital fingerprints in digital signatures is wrong?

  • A. The receiver needs to use the sender's public key to unlock the digital signature to obtain the digital fingerprint.
  • B. It is the data obtained by the sender after calculating the plaintext information through the HASH algorithm.
  • C. The receiver will use the sender's public key to calculate the generated data fingerprint and compare it with the received digital fingerprint.
  • D. Digital fingerprints are also known as information digests.
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which of the following SSLVPN functions can and can only access all TCP resources?

  • A. Network expansion
  • B. Port Forwarding
  • C. web proxy
  • D. file sharing
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

When the company network administrator configures dual-system hot backup, (fill in the blank)
configure the status of VRRP backup group l as Active, and configure the virtual IP address as
10.1.1.1/24
<sysname>system-view
[sysname] interface GigabitEthernet 0/0/1
[sysname-GigabitEthernet0/0/l] ( ), the command to be typed in the blank is (please fill in the
complete command in all lowercase)

Mark Question:
Answer:

vrrp d 1
virtual-ip 10.1.1.1
active


Discussions
0 / 1000

Question 11

To configure a NAT policy in command line mode, you need to use the .command ( ) in the system
view to enter the NAT policy configuration view. (all lowercase) (fill in the blank)

Mark Question:
Answer:

nat-policy

User Votes:

Discussions
vote your answer:
0 / 1000

Question 12

( ) means that the computer system has defects and deficiencies in the specific matters of hardware,
software, protocols or system security policies. (Chinese Standard Terminology) (fill in the blank)

Mark Question:
Answer:

Vulnerability

User Votes:

Discussions
vote your answer:
0 / 1000

Question 13

Multiple different ( ) cannot be added to the same interface on the firewall at the same time (fill in
the blank)

Mark Question:
Answer:

Safe area

User Votes:

Discussions
vote your answer:
0 / 1000

Question 14

In USG6000E, the initial priority of VGMP is ( ) (fill in the blank)

Mark Question:
Answer:

45000

User Votes:

Discussions
vote your answer:
0 / 1000

Question 15

( ) is an "indirect intrusion attack. This attack mode is to virtually place a computer controlled by an
intruder between two communicating computers in a network connection through various technical
means. (fill in the blank)

Mark Question:
Answer:

Man-in-the-
middle attack


Discussions
0 / 1000
To page 2