Latest H12-711 Pass Guaranteed Exam Dumps Certification Sample Questions
New H12-711 Test Materials & Valid H12-711 Test Engine
NEW QUESTION 127
In order to obtain evidence of crime, it is necessary to master :he technology of intrusion tracking. Which of the following descriptions are correct about thetracking technology? (Multiple Choice)
- A. Analysis of shallow mail behavior can analyze the information such as sending IP address, sending time, sending frequency, number of recipients, shallow email headers, etc.
- B. Link detection technology determines the source of the attack by testing the network connection between the routers
- C. Packet tagging technology extracts information from attack sources by recording packets on the router and then using data drilling techniques
- D. Packet Recording Technology marks packets on each router that has been spoken by inserting trace data into the tracked IP packets.
Answer: A,B,D
NEW QUESTION 128
In the USG series firewall system view, the device configuration will be restored to the default configuration after the reset saved-configuration command is executed. No other operations are required
- A. True
- B. False
Answer: B
NEW QUESTION 129
ASPF (Application Specific Packet Filter) is a packet filtering technology based on the application layer, and implements a special security mechanism through the server-map table.
Which of the following statements about the ASPF and server-map tables are correct? (Multiple Choice)
- A. ASPF dynamically allows multi-channel protocol data to pass through the server-map table.
- B. ASPF can dynamically create a server-map
- C. ASPF monitors messages during communication
- D. The quintuple server-map entry implements a similar function to the session table.
Answer: A,B,C
NEW QUESTION 130
What port numbers may be used by FTP protocol? (Choose two.)
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A,C
NEW QUESTION 131
When the session authentication mode is used to trigger the firewall's built-in Portal authentication, the user does not actively perform identity authentication, advanced service access, and device push "redirect" to the authentication page.
- A. False
- B. True
Answer: B
NEW QUESTION 132
Which of the following protection levels are included in the TCSEC standard? (Multiple Choice)
- A. Forced protection level
- B. Passive protection level
- C. Independent protection level
- D. Verify protection level
Answer: A,C,D
NEW QUESTION 133
ASPF (Application Specific Packet Filter) is a kind of packet filtering basedon the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol.
ASPF by Server Map table achieves a special security mechanism. Which statement about ASPF and Server map table are correct? (Multiple choice)
- A. ASPF through server map table realize dynamic to allow multi-channel protocol data to pass
- B. ASPF dynamically create and delete filtering rules
- C. Quintupleserver-map entries achieve a similar functionality with session table
- D. ASPF monitors the packets in the process of communication
Answer: A,B,D
NEW QUESTION 134
In practical applications, asymmetric encryption is mainly used to encrypt user data
- A. True
- B. False
Answer: B
NEW QUESTION 135
Which of the following statements are correct about Huawei routers and switches? (Multiple Choice)
- A. The router can implement some security functions, and some routers can implement more security functions by adding security boards.
- B. The switch does not have security features
- C. The main function of the router is to forward data. Sometimes the firewall may bea more suitable choice when the enterprise has security requirements.
- D. The switch has some security features, and some switches can implement more security functions by adding security boards.
Answer: A,C,D
NEW QUESTION 136
Which of the following is the encryption technology used in digital envelopes?
- A. Stream encryption algorithm
- B. Symmetric encryption algorithm
- C. Hash algorithm
- D. Asymmetric encryption algorithm
Answer: D
NEW QUESTION 137
Which of the following types of attacksdoes the DDos attack belong to?
- A. Malformed packet attack
- B. Special packet attack
- C. Traffic attack
- D. Snooping scanning attack
Answer: C
NEW QUESTION 138
Against IP Spoofing,which of the following description is wrong?
- A. An attacker would need to cisguise the source IP addresses as trusted hosts, and send the data segment with the SYN flag request for connection
- B. Af-.er IP spoofing attack is successful, the attacker can use forged any IP address to imitate legitimate hast to access to critical information
- C. IP spoofing is to use the hosts' normal trust relationship based on the IP address to launch it
Answer: B
NEW QUESTION 139
Digital certificates can be divided into local certificates, CA certificates, root certificates, and self-signed certificates according to different usage scenarios
- A. False
- B. True
Answer: B
NEW QUESTION 140
Which of the following descriptions about the patch is wrong?
- A. Patches are generally updated.
- B. No patching does not affect the operation of the system, so it is irrelevant whether to patch or not.
- C. Computer users should download and install new patches to protect their systems in a timely manner
- D. Patch is a small program made by the original authorof the software for the discovered vulnerability.
Answer: B
NEW QUESTION 141
Which of the following are part of the SSL VPN function? (Multiplechoice)
- A. Port scanning
- B. WEB rewriting
- C. File sharing
- D. User authentication
Answer: C,D
NEW QUESTION 142
When the firewall hard disk is in place, which of the following is correct description for the firewall log?
- A. The administrator knows the user's behavior, the keywords explored, and the effectiveness of the audit policy configuration through the user activity log.
- B. The administrator can use the threat logto understand the user's security risk behavior and the reason for being alarmed or blocked.
- C. The administrator can learn the security policy of the traffic hit through the policy hit log. And use it for fault location when the problem occurs.
- D. The administrator can advertise the content log to view the detection and defense records of network threats.
Answer: C
NEW QUESTION 143
In the firewall, detect ftp command to set in which mode? (Choose two.)
- A. Inter-Domain mode
- B. Interface Mode
- C. Domain Model
- D. System Model
Answer: A,C
NEW QUESTION 144
What is the difference between network address porttranslation (NAT) and conversion-only network address (No- PAT)? (Multiple Choice)
- A. After NATP conversion, for external network users, all messages are from the same IP address or several IP addresses.
- B. No-PAT supports protocol address translation at the network layer
- C. No-PAT only supports protocol address translationat the application layer.
- D. NAPT only supports protocol address translation at the network layer.
Answer: A,B
NEW QUESTION 145
......
H12-711 Sample with Accurate & Updated Questions: https://prep4sure.dumpexams.com/H12-711-vce-torrent.html