Improved HCIA-Security V3.0 H12-711_V3.0 Prep

NEW QUESTION 1

______ is a flaw in the specific implementation of hardware, software, protocols, or system security policies that could enable an attacker to gain unauthorized access or compromise a system.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 2

Equipment sabotage attacks are generally not easy to cause information leakage, but usually cause interruption of network communication services.

• A. True
• B. False

Answer: A

NEW QUESTION 3

Which of the following is network address port translation (NAPT) and only translate network addresses (No-PAT) difference?

• A. go throughNo-PATAfter conversion, for external network users, all packets come from the sameIPaddress
• B. No-PATOnly supports protocol port translation at the transport layer
• C. NAPTOnly supports protocol address translation at the network layer
• D. No-PATSupports protocol address translation at the network layer

Answer: D

NEW QUESTION 4

Which of the following does not belong toUSGUser authentication method in firewall?

• A. Certification-free
• B. Password authentication
• C. sign in
• D. Fingerprint authentication

Answer: D

NEW QUESTION 5

We should choose the encryption algorithm according to our own use characteristics. When we need to encrypt a large amount of data, it is recommended to use the ______ encryption algorithm to improve the encryption and decryption speed.[fill in the blank]*

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 6

In USG6000E, the initial priority of VGMP is ( ) (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 7

In information security prevention, commonly used security products are firewalls,Anti-DDosequipment andIPS/IDSequipment

• A. True
• B. False

Answer: A

NEW QUESTION 8

The attacker sendsICMPAnswer the request and set the destination address of the request packet as the broadcast address of the victim network. What kind of attack is this behavior?

• A. IPspoofing attack
• B. Smurfattack
• C. ICMPredirect attack
• D. SYN floodattack

Answer: B

NEW QUESTION 9

Which of the following information is encrypted during the use of digital envelopes? (multiple choice)

• A. Symmetric key
• B. User data
• C. Receiver's public key
• D. Receiver's private key

Answer: AB

NEW QUESTION 10

whenUSGWhich of the following logs can be viewed when the series firewall hard disk is in place? (multiple choice)

• A. Operation log
• B. business log
• C. Alarm information
• D. Threat log

Answer: ABCD

NEW QUESTION 11

If we do not want to generate a reverse Server Mapi entry when configuring NAT Server, we need to add a parameter when configuring NATServerE. This parameter is ( ) (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 12

( ) Can block discovered network intrusions in real time. (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

Which of the following descriptions about the function of the iptables table is wrong?

• A. NAT table: The function of address translation.
• B. Raw table: Determines whether the packet is processed by the state tracking mechanism.
• C. Mangle table: modify security policy
• D. Filter table: Policy allowed or not allowed in the packet.

Answer: C

NEW QUESTION 14

Which of the following protocols can guarantee the confidentiality of data transmission? (multiple choice)

• A. Telnet
• B. SSH
• C. FTP
• D. HTTPS

Answer: BD

NEW QUESTION 15

want to implement security policy"Anti-virus function", must beLicenseactivation.

• A. True
• B. False

Answer: A

NEW QUESTION 16

HuaweiUSGfirewallVRRPThe advertisement packets are multicast packets, so each firewall in the backup group must be able to communicate directly at Layer 2.

• A. True
• B. False

Answer: A

NEW QUESTION 17

Digital envelope technology means that the sender uses the receiver's public key to encrypt the data and then sends the ciphertext to the receiver.

• A. True
• B. False

Answer: A

NEW QUESTION 18
......