Huawei H12-711_V4.0-ENU HCIA-Security V4.0 Exam Online Training

Huawei H12-711_V4.0-ENU Online Training

Question #21

Regarding the comparison between windows and linux, which of the following statements is incorrect?

A . It is difficult for newbies to get started with Linux and they need some learning and guidance.
B . Windows can be compatible with most software and play most games.
C . Linux is open source, you can do whatever you want
D . Windows is open source, you can do whatever you want

Question #22

Which of the following protocols does not belong to the protocol type that ASPF can detect?

Question #23

Compared with traditional five-tuple information, which of the following elements is a new element of next-generation firewall?

Question #24

Which of the following is true regarding firewall security policies?

A . By default, security policies can control unicast messages and broadcast messages.
B . By default, security policies can control multicast
C . By default, the security policy only controls unicast packets.
D . By default, security policies can control unicast packets, broadcast packets and multicast packets.

Question #25

Which of the following attacks is not a malformed packet attack?

Question #26

Which of the following descriptions of the VGMP protocol is incorrect?

A . VGMP adds multiple VRRP backup groups on the same firewall to a management group, and the management group manages all VRRP backup groups uniformly.
B . VGMP ensures that the status of all VRRP backup groups in the management group is consistent by uniformly controlling the status switching of each VRRP backup group.
C . The VGMP group device in the Active status will regularly send hello messages to the peer. The stdandby end is only responsible for monitoring hello messages and will not respond.
D . By default, when the standby end does not receive a hello message from the peer end within three hello message cycles, it will consider that the peer end is faulty and switch itself to the Active state.

Question #27

Regarding NAT configuration, which of the following is incorrect?

A . Configure source NAT in transparent mode. The firewall does not support easy-ip mode.
B . The IP address in the address pool can overlap with the public IP address of the NAT server.
C . When there is VoIP service in the network, there is no need to configure NAT ALG.
D . The firewall does not support NAPT conversion of ESP and AH packets.

Question #28

Regarding the difference between packet filtering firewalls and application proxy firewalls, which of the following descriptions is incorrect?

A . Applying proxy firewall can speed up intranet users’ access to commonly used websites.
B . Packet filtering firewalls are usually implemented below the transport layer, and application proxy firewalls are usually implemented above the session layer.
C . Application layer proxy firewall can provide user authentication.
D . Packet filtering firewalls do not have data forwarding capabilities and must be deployed in conjunction with routers.

Question #29

Regarding the description of vulnerability scanning, which of the following is incorrect?

A . Vulnerability scanning is a network-based technology that remotely monitors the security performance vulnerabilities of a target network or host. It can be used to conduct simulated attack experiments and security audits.
B . Vulnerability scanning is used to detect whether there are vulnerabilities in the target host system. Generally, it scans the target host for specific vulnerabilities.
C . Vulnerability scanning is a passive prevention measure that can effectively avoid hacker attacks.
D . Vulnerability scanning can be performed based on the results of ping scan and port scan

Question #30

In which of the following stages does the L2TP protocol allocate IP addresses?