Huawei

H12-711

Huawei Certified ICT

Associate - Security
(HCIA-SECURITY
v3.0)
Version: Demo
Web: www.exams4sure.com
[ Total Questions: 10]
Email: support@exams4sure.com
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at feedback@exams4sure.com

Support
If you have any questions about our product, please provide the following items:

exam code
screenshot of the question
login id/email

please contact us at support@exams4sure.com and our technical experts will provide support within 24 hours.

Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Practice Exam Huawei - H12-711

Question #:1

Which of the following statement is wong about L2TP VPN?

A. Applicable to business employees dialing access to the intranet

B. Will not encrypt the data

C. Can be used in conjunction with IPsec VPN

D. Belongs to Layer 3 VPN technology

Answer: D

Question #:2

In the currentnetwork it has deployed other authentication system, device registration function by enabling a
single point, reducing the user to re-enter the password. What are correct about single sign-on statements?
(Multiple choice)

A. Device can identify the user through the authentication of the identity authentication system, user
access, the device will not pis authentication pages, to avoid further asked to enter a username /
password

B. AD domain single sign-on is only one depbyment model

C. Although not requireto enter a user password, but the authentication server needs to interact with the
user password and devices used to ensure that certification through discussion

D. AD domain single sign-on login can be minored data stream synchronized manner to the firewall

Answer: A D

Question #:3

Which of the following attacks does not belong to special packet attack?

A. ICMP redirect packet attack

B. ICMP unreachable packet attack

C. IP address scanning attack

D. Large ICMP packet attack

Answer: C

Leaders in it certification 1 of 4
Practice Exam Huawei - H12-711

Question #:4

Common scanning attacks include: port scanning tools, vulnerability scanning tools, application scanning
tools, database scanning tools, etc

A. True

B. False

Answer: A

Question #:5

Which of the followingdescription about the VGMP protocol is wrong?

A. VGMP add multiple VRRP backup groups on the same firewall to a management group, uniformly
manage all the VRRP group by management group.

B. VGMP ensure that all VRRP backup groups state are the same througha unified control of the switching
of each VRRP backup group state

C. State of VGMP group is active, which will periodically send HELLO packets to the opposite end.
Stdandby end only monitors the HELLO packets, which will not respond

D. By default, when three HELLO packet cycle of Standby end does not receive HELLO packets which are
sent from the opposite end, the opposite end will be considered a failure, which will switch itself to the
Active state

Answer: C

Question #:6

Security technology has different methods at different technical levels and areas. Which of the following
devices can be used for network layer security protection? (Multiple choice)

A. Vulnerability scanning device

B. Firewall

C. Anti-DDoS device

D. IPS/IDS device

Answer: B C D

Question #:7

In the USG series firewall system view, the device configuration will be restored to the default configuration

Leaders in it certification 2 of 4
Practice Exam Huawei - H12-711

after the reset saved-configuration command is executed. No other operations are required

A. True

B. False

Answer: B

Question #:8

Which of the following is not part of adigital certificate?

A. Public key

B. Private key

C. Validity period

D. Issuer

Answer: B

Question #:9

When the firewall hard disk is in place, which of the following is correct description for the firewall log?

A. The administrator can advertise the content log to view the detection and defense records of network
threats.

B. The administrator can use the threat logto understand the user's security risk behavior and the reason for
being alarmed or blocked.

C. The administrator knows the user's behavior, the keywords explored, and the effectiveness of the audit
policy configuration through the user activity log.

D. The administrator can learn the security policy of the traffic hit through the policy hit log. And use it for
fault location when the problem occurs.

Answer: D

Question #:10

About the descriptions of windows Firewall Advanced Settings, which of the following is wrong? (Multiple
choice)

A. When setting the stacking rule, only the local port can be restricted, and the remote port cannot be
restricted,

B.

Leaders in it certification 3 of 4
Practice Exam Huawei - H12-711

B. When setting the stacking rule, both the local port and the remote port can be restricted.

C. When setting the pop-up rule, only the local port can be restricted, and the remote port cannot be
restricted,

D. When setting the pop-up rule, both local ports and remote ports can be restricted.

Answer: B D

Leaders in it certification 4 of 4
About Exams4sure.com
Exams4sure.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.

We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.

View list of all certification exams: All vendors

We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.

Sales: sales@exams4sure.com
Feedback: feedback@exams4sure.com
Support: support@exams4sure.com

Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.