Getting knowledge of the Huawei H12-711 exam structure and question format is vital in preparing for the Huawei Certified ICT Associate-Security certification exam. Our Huawei HCIA-Security sample questions offer you information regarding the question types and level of difficulty you will face in the real exam. The benefit of using these Huawei H12-711 sample questions is that you will get to check your preparation level or enhance your knowledge by learning the unknown questions. You will also get a clear idea of the exam environment and exam pattern you will face in the actual exam with the Huawei Certified ICT Associate-Security Sample Practice Test. Therefore, solve the Huawei HCIA-Security sample questions to stay one step forward in grabbing the Huawei Certified ICT Associate-Security credential.
These Huawei H12-711 sample questions are simple and basic questions similar to the actual Huawei HCIA-Security questions. If you want to evaluate your preparation level, we suggest taking our Huawei Certified ICT Associate-Security Premium Practice Test. You might face difficulties while solving the real-exam-like questions. But, you can work hard and build your confidence on the syllabus topics through unlimited practice attempts.
Huawei H12-711 Sample Questions:
01. Which of the following is an "information sabotage incident" in the classification of network security incidents?
a) Software and hardware failure
b) Information counterfeiting
c) Listen to Trojan attack
d) Internet Scanning for plagiarism
02. DDosWhich of the following attack types is an attack?
a) special packet attack
b) Malformed Packet Attack
c) traffic attack
d) snooping scan attack
03. When configuring security policies, you can control traffic based on the user's______.
a) Services and Apps
b) MAC Address
c) VLAN Tag
d) DNS Entries
04. Regarding the firewall security strategy, which of the following is wrong?
a) If the security policy is Permit, the discarded message will not be accumulated "hitting"
b) Adjust the order of the security policy, do not need to save the configuration file, take effect immediately
c) When configuring the security policy name, you cannot reuse the same name.
d) Huawei USG series firewall security strategy entry cannot exceed 128
05.What is the security level of the Untrust zone in Huawei firewalls?
a) 5
b) 20
c) 10
d) 15
06. ( ) means that the computer system has defects and deficiencies in the specific matters of hardware, software, protocols or system security policies.
a) Threat
b) Protocol
c) Encryption
d) Vulnerability
07. Clients in the Trust zone of the firewall can log in to the FTP server in the Untrust zone, but cannot download files. Which of the following methods can solve the problem?
(Multiple Choice)
a) When the FTP working mode is port mode, modify the security policy action from Trust to Untrust zone to allow
b) Release 21 port number between Trust and Untrust
c) When FTP working mode is Passive mode, modify the security policy action from Trust to Untrust zone to allow
d) Enable detect ftp
08. _________ Mode: Two devices, one active and one standby. Under normal circumstances, business traffic is handled by the main device. When the main equipment fails, the backup equipment takes over the main equipment to process business traffic to ensure uninterrupted business.
a) Session failover
b) Dual-system hot standby active/standby backup
c) Load balancing mode
d) Cluster mode
09. An employee of a company accesses the company's internal Web server through a firewall. The web page of the website can be opened using a browser, but the Pina command is used to test the reachability of the Web server, and it is displayed as unreachable. What is the possible reason?
a) The security policy deployed on the firewall allows the HTTP protocol, but not the ICMP protocol
b) WEB server is down
c) The security policy deployed on the firewall allows the TCP protocol, but not the ICMP protocol
d) The interface of the firewall connecting to the server is not added to the security zone
10.Terminal security access control can support?
(Choose three.)
a) SACG hardware (hardware security access control gateway)
b) 802.1X
c) ARP control
d) Software SACG (host firewall)
Answers:
|
Question: 01 Answer: b |
Question: 02 Answer: c |
Question: 03 Answer: a |
Question: 04 Answer: d |
Question: 05 Answer: a |
|
Question: 06 Answer: d |
Question: 07 Answer: c, d |
Question: 08 Answer: b |
Question: 09 Answer: c |
Question: 10 Answer: a, b, d |
Note: For any error in Huawei Certified ICT Associate-Security (H12-711) certification exam sample questions, please update us by writing an email on feedback@certfun.com.