The Regenerate Guide To H12-711_V3.0 Preparation Labs

NEW QUESTION 1

About firewall gateways forHTTPWhich of the following statements is false about the protocol's antivirus response?

• A. When the gateway device blocksHTTPAfter connecting, push to the clientwebpage and generate log
• B. Response methods include announcement and blocking
• C. In alarm mode, the device only generates logs, which is not correct.HTTPThe files transmitted by the protocol are processed and sent out
• D. Blocking means that the device is disconnected from theHTTPserver connection and block file transfer

Answer: B

NEW QUESTION 2

In the VGMP group state, if the device's own VGMP group priority is equal to the peer device's VGMP group priority, the device's VGMP group state is ( ). (answer in letters) (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 3

In the classification of information security classified protection systems, which of the following levels define if an information system is compromised. Will it cause damage to social order and public interests? (
)[Multiple Choice Questions]

• A. The third level of security marking protection
• B. Level 4 Structural Protection
• C. Second-level system audit protection
• D. The first level of user self-protection

Answer: ABC

NEW QUESTION 4

When dual-system hot backup is deployed on the firewall,VRRPWhich of the following protocols should be used to switch the overall status of a backup group?

• A. VRRP
• B. VGMP
• C. HRP
• D. OSPF

Answer: B

NEW QUESTION 5

Understanding engineering principles belongs to ( ) the category of security awareness training in information security prevention. (fill in the blank)

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 6

Which of the following protocols is not a protocol type that ASPF can detect? ( )[Multiple choice]*

• A. PPTP
• B. FTP
• C. MSTP
• D. DNS

Answer: C

NEW QUESTION 7

Which of the following attacks is not a malformed packet attack?

• A. Teardropattack
• B. Smurfattack
• C. TCPFragmentation attack
• D. ICMPUnreachable Packet Attack

Answer: D

NEW QUESTION 8

Which of the following is an encryption technique used in digital envelopes?

• A. Symmetric encryption algorithm
• B. Asymmetric encryption algorithm
• C. hash algorithm
• D. Stream Encryption Algorithm

Answer: AB

NEW QUESTION 9

An employee of a company accesses the internal web server of the company through the firewall. The web page of the website can be opened by using a browser, but the reachability of the web server is tested by using the Ping command, and it shows that it is unreachable. What are the possible reasons?

• A. The security policy deployed on the firewall allows the TCP protocol, but not the ICMP protocol
• B. The web server is down
• C. The security policy deployed on the firewall allows the HTTP protocol, but not the ICMP protocol
• D. The interface of the firewall connecting to the server is not added to the security zone

Answer: C

NEW QUESTION 10

The preservation of electronic evidence is directly related to the legal validity of the evidence, and the authenticity and reliability of the preservation in compliance with legal procedures can be guaranteed. Which of the following is not an evidence preservation technique?

• A. Encryption Technology
• B. digital certificate technology
• C. digital signature technology
• D. Packet Tag Tracking Technology

Answer: D

NEW QUESTION 11

Which of the following options is correct regarding the actions of the security policy and the description of the security profile? (multiple choice)

• A. Prohibited if the action of the security policy is"prohibit", the device will discard this traffic, and will not perform content security checks in the future.
• B. The security profile can take effect even if the action is allowed under the security policy
• C. The security profile must be applied under the security policy whose action is Allowed to take effect.
• D. If the security policy action is"allow", the traffic will not match the security profile

Answer: AC

NEW QUESTION 12

Which of the following attacks is not a special packet attack?

• A. ICMPredirected packet attack
• B. ICMPUnreachable Packet Attack
• C. IPaddress scanning attack
• D. oversizedICMPPacket attack

Answer: C

NEW QUESTION 13

HRP(Huawei Redundancy Protocol) protocol, which is used to synchronize data such as key configuration and connection status of the firewall to the standby firewall, which of the following options does not belong to the scope of synchronization?

• A. security strategy
• B. NATStrategy
• C. blacklist
• D. IPSSignature set

Answer: D

NEW QUESTION 14

existUSGseries firewall, you can use. The function provides well-known application services for non-well-known ports.

• A. Port Mapping
• B. MACandIPaddress binding
• C. packet filtering
• D. Long connection

Answer: A

NEW QUESTION 15

about Internet users andVPNIn the description of access user authentication, which of the following is false?

• A. Internet users andVPNAccess to user shared data, user attribute check (user status, account expiration time, etc.)VPNAccess takes effect
• B. The process of online users using local authentication or server authentication is basically the same.Both users are authenticated through the authentication domain, and the user triggering method is also the same.
• C. VPNAfter users access the network, they can access the network resources of the enterprise headquarters, and the firewall can control the network resources that can be accessed based on the user name
• D. VPNAfter the access user is authenticated, it will go online in the user online list at the same time

Answer: D

NEW QUESTION 16

Man-in-the-middle attacks are data security threats.

• A. True
• B. False

Answer: A

NEW QUESTION 17

Which of the following options are malicious programs? (multiple choice)

• A. Trojan horse
• B. Vulnerability
• C. worm
• D. Virus

Answer: ACD

NEW QUESTION 18
......