H12-711_V4.0のPDF問題集で2023年04月30日最近更新された問題
H12-711_V4.0試験問題有効なH12-711_V4.0問題集PDF
華為H12-711_V4.0(HCIA-Security V4.0)認定試験は、サイバーセキュリティに関連する幅広いトピックをカバーする包括的なテストです。ネットワークセキュリティ、サイバーセキュリティ技術、セキュリティ管理、およびセキュリティオペレーションなどのトピックが含まれます。この試験は、セキュリティ脅威を特定し軽減する能力、セキュリティポリシーと手順を実装する能力、セキュアなネットワークアーキテクチャを開発する能力を持つプロフェッショナルのスキルをテストするために設計されています。認定プログラムは、エンタープライズネットワークをサイバー脅威から保護するために必要なスキルと知識を提供するために設計されています。
質問 # 37
Which of the following is not included in the Business Impact Analysis (BIA).
- A. Business priorities
- B. Incident handling priority
- C. Impact assessment
- D. Risk identification
正解:C
質問 # 38
Digital envelope technology means that the sender uses the receiver's public key to encrypt the data, and then sends the ciphertext to the receiver ( )[Multiple choice]*
- A. FALSE
- B. TRUE
正解:A
質問 # 39
The trigger modes of the built-in Portal authentication in the firewall include pre-authentication and ____ authentication[fill in the blank]*
- A. Portal
- B. session
正解:B
質問 # 40
Huawei Firewall only supports the inter-domain persistent connection function for TCP packets.
- A. FALSE
- B. TRUE
正解:A
質問 # 41
What are the correct entries in the following description of firewall security zones?
- A. Normally, the two communicating parties must exchange messages, that is, there are messages transmitted in both directions between security domains.
- B. The DMZ security zone solves the problem of server placement well, and this security area can place devices that need to provide network services to the outside world.
- C. Data flows between security domains are directional, including Inbound and Outbound.
- D. The Local zone is the highest security zone with a priority of 99.
正解:A、B、C
質問 # 42
When the Layer 2 switch receives a unicast frame and the MAC address table entry of the switch is empty, the switch discards the unicast frame.
- A. FALSE
- B. TRUE
正解:A
質問 # 43
Please classify the following security defenses into the correct classification.
正解:
解説:
質問 # 44
Drag the warning level of the network security emergency response on the left into the box on the right, and arrange it from top to bottom in order of severity.[fill in the blank]*
- A. 0
- B. 1
正解:A
質問 # 45
When IPSec VPN uses tunnel mode to encapsulate packets, which of the following is not within the encryption scope of the ESP security protocol? ( )[Multiple choice]*
- A. Raw IP Header
- B. TCP Header
- C. ESP Tail
- D. ESP Header
正解:D
質問 # 46
The following description of the construction of a digital certificate, which item is wrong
- A. The name of the device that issued the certificate can be different from the subject name in the issuer certificate.
- B. The simplest certificate consists of a public key, a name, and a digital signature from a certificate authority.
- C. The structure of the certificate follows the specification of the X.509 v3 version.
- D. The issuer signs the certificate information with the private key.
正解:A
質問 # 47
Which of the following is not an encryption algorithm in a VPN?
- A. AES
- B. The RIP
- C. DES
- D. 3DES
正解:B
質問 # 48
What type of ACL does ACL number 3001 correspond to?
- A. Advanced ACLs
- B. Layer 2 ACL
- C. interface ACL
- D. Basic ACL
正解:A
質問 # 49
An engineer needs to back up the firewall configuration. Now he wants to use a command to view all the current configurations of the firewall. May I ask the command he uses is ____[fill in the blank]*
- A. current-configuration
- B. display current-configuration
正解:B
質問 # 50
Among the various aspects of the risk assessment of IS027001, which of the following does not belong to the system design and release process?
- A. Determine risk disposal measures and implement rectification plans
- B. System integration and information security management system document preparation
- C. Determine risk tolerance and risk appetite
- D. Hold a summary meeting of the project in the information security management stage
正解:D
質問 # 51
ARP man-in-the-middle attacks are a type of spoofing attack technique.
- A. TRUE
- B. FALSE
正解:A
質問 # 52
Data monitoring can be divided into two types: active analysis and passive acquisition.
- A. TRUE
- B. FALSE
正解:A
質問 # 53
The network environment is becoming more and more complex, and network security incidents occur frequently. While accelerating the construction of informatization, enterprises must not only resist external attacks, but also prevent internal management personnel from being involved in data leakage and operation and maintenance accidents due to operational errors and other issues. Which of the following options might reduce operational risk?
- A. Oral Each department system is independently authenticated and uses a single static password for authentication.
- B. According to the administrator configuration, the O&M user corresponds to the background resource account, and restricts the unauthorized use of the account. mouth Based on the password security policy, the O&M security audit system automatically modifies the password of the background resource account at regular intervals.
- C. Each system is independently operated, maintained and managed, and the access process is not audited and monitored.
正解:B
質問 # 54
In the authentication policy of the firewall, _____ allows the user to not need to enter the user name and password, but can obtain the corresponding relationship between the user and the IP, so as to carry out policy management based on the user[fill in the blank]*
- A. Certification-free
- B. Certification
正解:A
質問 # 55
In the automatic backup mode of hot standby on the second machine, which of the following sessions is backed up?
- A. TCP half-connection session
- B. Self-session to the firewall
- C. ICMP session
- D. UDP first packet session
正解:C
質問 # 56
IP packets using the AH+ESP protocol? ( )[Multiple choice]*
- A. 0
- B. 1
- C. 2
- D. 3
正解:B
質問 # 57
......
H12-711_V4.0問題集合格確定させる練習には94問があります:https://www.goshiken.com/Huawei/H12-711_V4.0-mondaishu.html
H12-711_V4.0練習テスト問題解答更新された94問があります:https://drive.google.com/open?id=1i40jXsX96OYTPogO8tQeAyT_QwCrzDjI