Avant-garde HCIA-Security V3.0 H12-711_V3.0 Dumps Questions

NEW QUESTION 1

After a network intrusion event occurs, the identity of the intrusion, the source of the attack and other information are obtained according to the plan, and the intrusion behavior is blocked. The above actions belong to PDRR. What are the links in the network security model? (multiple choice)

• A. Protection link
• B. Detection link
• C. response link
• D. recovery link

Answer: BC

NEW QUESTION 2

An employee of a company accesses the internal web server of the company through the firewall, and can open the web page of the website by using a browser, but the accessibility of the web server is tested by using the Pina command, and it shows that it is unreachable. What are the possible reasons? ( )[Multiple choice]

• A. The security policy deployed on the firewall allows the TCP protocol, but not the ICMP protocol
• B. The interface of the firewall connecting to the server is not added to the security zone
• C. The security policy deployed on the firewall allows the HTTP protocol, but not the ICMP protocol
• D. WEB server is down

Answer: A

NEW QUESTION 3

In the security assessment method, the purpose of security scanning is to scan the target system with scanning analysis and assessment tools in order to find relevant vulnerabilities and prepare for attacks.

• A. True
• B. False

Answer: B

NEW QUESTION 4

Which of the following descriptions about the DNS protocol is correct?

• A. There are four types of servers in the DNS domain name resolution system: root server, top-level domain name server, recursive server and cache server.
• B. The DNS protocol port number is 53
• C. DNS protocol transport layer can use either TCP or UDP
• D. If the DNS cache server does not have the domain name resolution cache to be queried, it will directly query the top-level domain name server

Answer: ABD

NEW QUESTION 5

aboutVRRP/VGMP/HRPWhich of the following statements is correct? (multiple choice)

• A. VRRPResponsible for sending free messages during active/standby switchoverARPDirect traffic to the new master
• B. VGMPResponsible for monitoring equipment failures and controlling rapid switching of equipment
• C. HRPResponsible for data backup during dual-system hot standby operation
• D. inActivestateVGMPGroups may containStandbystateVRRPGroup

Answer: ABC

NEW QUESTION 6

After the firewall detects an intrusion, the administrator can view the intrusion log information in the firewall business log or ( ) log. (fill in the blank

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 7

Regarding the firewall security policy statement, which of the following options is false?

• A. If the security policypermit, the discarded packets will not be accumulated"Hits"
• B. When configuring a security policy name, the same name cannot be reused
• C. Adjust the order of security policies without saving configuration files and take effect immediately
• D. HuaweiUSGThe number of security policy entries for the series firewall cannot exceed128strip

Answer: A

NEW QUESTION 8

at HuaweiSDSecIn the solution, which of the following is an analysis layer device?

• A. CIS
• B. Agile Controller
• C. switch
• D. Firehunter

Answer: D

NEW QUESTION 9

According to the management specification, regularly check the network security system and equipment, upgrade the patch, and organize the network security emergency response drill. The above actions belong toMPDRRWhat are the elements of the network security model?

• A. Protection link
• B. Detection link
• C. response link
• D. Management link

Answer: BC

NEW QUESTION 10

Which of the following stages has the development of information security gone through? (multiple choice)

• A. communication assurance stage
• B. Information Assurance Stage
• C. Information security stage
• D. Communication confidentiality stage

Answer: BCD

NEW QUESTION 11

As shown in the figure, nat server global202.106.1.1 inside10.10.1.1 is configured on the firewall. Which of the following is the correct configuration for interzone rules? ( )[Multiple choice]*

• A. rule name
• B. source-zone untrus
• C. destination-zone trus
• D. destination-address 202.106.1.132, action permit
• E. rule name d, source- zone untrus
• F. destination- zone trus
• G. destination- address10.l0.1.1 32, action permit
• H. rule name b, source- zone untrust, destination- zone trust, source- address10.10.1.1 32, action permit
• I. rule name b, source-zone untrust, destination-zone trust, source-address202.106.l.1 32, action permit

Answer: B

NEW QUESTION 12

Usually we divide servers into two categories: general-purpose servers and functional servers. Which of the following options meets this classification standard?

• A. By application level
• B. By use
• C. By shape
• D. By Architecture

Answer: B

NEW QUESTION 13

aboutL2TPThe sequence of the call establishment process in the corridor, which of the following descriptions is correct?
* 1. EstablishL2TPtunnel
* 2. EstablishPPPconnect
* 3. LNSAuthenticate the user
* 4. User access to intranet resources
* 5. EstablishL2TPconversation

• A. 1->2->3->5->4
• B. 1->5->3->2->4
• C. 2->1->5->3->4
• D. 2->3->1->5->4

Answer: B

NEW QUESTION 14

Personal information leakage is the destruction of the _______ characteristics of information.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 15

In information security prevention, commonly used security products are firewalls,Anti-DDosequipment andIPS/IDSequipment

• A. True
• B. False

Answer: A

NEW QUESTION 16

An engineer needs to back up the firewall configuration. Now he wants to use a command to view all the
current configurations of the firewall. May I ask the command he uses is _____ [fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 17

The company administrator uses the ping command to test the connectivity of the network. If he needs to specify the source address of the ehco-request message, what are the additional parameters he needs?

• A. -i
• B. -a
• C. -C
• D. -f

Answer: C

NEW QUESTION 18

Vulnerabilities that have not yet been discovered are0 dayVulnerability

• A. True
• B. False

Answer: B

NEW QUESTION 19
......