H12-711 : HCNA-Security-CBSN (Huawei Certified Network Associate – Constructing Basic Security Network) : Part 01
H12-711
-
Which of the following can be supported by Policy Center access control? (Choose three.)
- Hardware SACG (hardware security access control gateway)
- 802.1X
- ARP control
- Software SACG (host firewall)
-
SSL VPN supported file sharing types can be divided into two kinds of SMB and NFS, SMB correspond Windows hosts, NFS correspond Linux host
- True
- False
-
Which user authentication methods can be supported by Policy Center system? (Choose three.)
- IP address authentication
- MAC address authentication
- Ordinary ID/password authentication
- LDAP authentication
-
Network administrators set up networking as follows:
LAN_A ——— (G0/0) USG_A (G0/1) ——— (G0/0) USG_B (G0/1) ————– LAN_B
USG_A divides firewall security zones, connects LAN_A areas Trust, connects USG_B area’s Untrust, according to the above description, which of the following statement is correct?
- USG_B G0/0 must join Untrust zone
- USG_B G0/0 must join the Trust zone
- USG_B G0/1 must join the Trust zone
- USG_B G0/0 can join any regional
-
In the first stage of IKE negotiation, which of the following IKE exchange mode does not provide identity protection features?
- Main Mode
- Aggressive Mode
- quick mode
- passive mode
-
Which of the following encryption algorithm, encryption and decryption keys are the same?
- DES
- RSA(1024)
- MD5
- SHA-1
-
Policy Center system can implement two dimensions’ management functions: organizational management and regional management
- True
- False
-
What does USG products business include? (Choose three.)
- Web Proxy
- Network Expansion
- Port sharing
- File Sharing
-
Which of the following components do consist of Policy Center system? (Choose three.)
- Anti-virus server
- SC control server
- Access control equipment
- SM management server
-
In IPSEC VPN, which of the following scenarios can be applied by tunnel mode?
- between the host and the host
- between hosts and security gateways
- between security gateways
- between tunnel mode and transport mode
-
Which of the following are included in the operating system patch violations level of Terminal security system? (Choose two.)
- Low
- Important
- Serious
- General
-
What does ACL 2999 belong to?
- Basic Access Control Lists
- Advanced Access Control Lists
- Access control list based on MAC address
- Time-based access control list
-
Which of the following scenarios does not support by IPSEC WEB configuration of USG6000 series firewall? (Choose two.)
- Gateway to Gateway
- Gateway Center
- Branch Gateway
- Host and Host
-
What port numbers may be used by FTP protocol? (Choose two.)
- 20
- 21
- 23
- 80
-
Some applications, such as Oracle database application, there is no data transfer for a long time, so that firewall session connection is interrupted, thus resulting in service interruption, which of the following technology can solve this problem?
- Configure a long business connection
- Configure default session aging time
- Optimization of packet filtering rules
- Turn fragment cache
-
Which of the following option belongs to DES key length?
- 56
- 64
- 128
- 192
-
Terminal security access control can support? (Choose three.)
- SACG hardware (hardware security access control gateway)
- 802.1X
- ARP control
- Software SACG (host firewall)
-
What are the main security capability of encryption service? (Choose three.)
- Confidentiality
- Integrity
- Non-repudiation
- Scalability
-
When Layer 2 switches (not configured VLAN) receiving a data frame, of no match is found in the MAC address table, it will forward the data frame to all ports (including Layer 2 switches receiving port).
- True
- False
-
How to view the matching number of security policy?
- display current-configuration
- display policy all
- display startup saved-configuration
- display device
H12-711
Subscribe
0 Comments
Newest