The HCNA-Security-CBSN exam covers network security basis, firewall basis such as package filter, NAT, etc. and VPN technologies such as IPSec, SSL etc., as well as their implementation in Huawei firewall products, firewall user management technology, UTM technology and implementation, and also terminal security with security policy configurations.
How to use our Huawei H12-711-ENU zip file easily?
When you download Huawei H12-711-ENU HCNA-Security-CBSN zip file successfully. You will find the following three: "www" folder, dumpsbase.exe and the other one file in the zip. file. Click dumpsbase.exe and run it.
Please Kindly Note:
1. Keep the two files and one folder in the same location. Do Not move any of them to anywhere. And in the directory, there should be no other files but only these three.
2. Make sure your task bar must be located at the bottom of your screen (not the side of your screen)
3. Not available on mac OS, only available on Windows OS. If you are mac OS please contact [email protected] .
Dumpsbase only provide you Huawei H12-711-ENU HCNA-Security-CBSN exam in SOFT format. We don't offer you Huawei H12-711-ENU PDF file.
Question No : 1
Symmetric encryption algorithm encryption key and decryption key are the same, asymmetric encryption algorithm encryption key and decryption key are not the same. IPsec in business data encryption and decryption use symmetric encryption algorithm.
Question No : 2
SVN products extend the network function, the need to implement the user can only access the remote enterprise Intranet, cannot access to the local LAN and the Internet, you need to use the client routing is:
A. Full Tunnel
B. Split Tunnel
C. Route Tunnel
D. Manual Tunnel
Question No : 3
Which statement about L2TP message is wrong ?
A. L2TP attached on PPP for account authentication
B. control message can only be used for the establishment of the tunnel and session connection, maintenance, and transmission control
C. Data messages can only be used to encapsulate PPP frame and transmission in tunnels
D. Control messages and data messages can provide flow control and congestion control functions
Question No : 4
General in the company or organization can sometimes have such kind of user, they are not employees, they only visit the company temporarily, need to use the company network to the Internet, they don't have their own account,can't be authenticated, but the equipment will control their network privileges. User management for these users, support automatically created for its corresponding casual users, and use its IP address as the user name.
Administrator user management in planning, this type of user authentication generally be divided into:
A. no authentication
B. Single-point authentication
C. password authentication
D. temporary authentication
Question No : 5
Which of the following components are terminal security system mainly composed of ? ( multiple choice)
A. Anti-virus server
B. SC control server
C. Access control equipment
D. SM management server
Question No : 6
Which of the following items does the five elements of terminal security system not include?
A. Identity authentication
B. Business isolation
C. Safety certification
D. Business authorization
Question No : 7
Which of the following does not belong to UTM (Unified Threat Management) function?
A. IPS intrusion defense
B. Internet behavior management
C. Terminal security management
D. AV gateway anti-virus
Question No : 8
Precedence relation between firewall strategy of IPS signature filter, in the same IPS strategy, small number of signature filter is greater than number of signatures filter of high priority.
Question No : 9
Which of the following options is AH protocol number ?
Question No : 10
Take the initiative to attack the most important feature is to listen information, to obtain confidential information, while the data owner or legitimate user, this kind of activities can not know.
Question No : 11
To establish TCP connection between client A and server B, in the three-way handshake, B sent A SYN + ACK (seq=b £¬ ack=a+1), which of the following statements are correct?
A. the packet is to confirm the SYN packet of series number b
B. the packet is to confirm the SYN packet of serial number a+1
C. B next wish to receive an ACK packet series number of B
D. B next wish to receive an ACK packet series number of a+1
Question No : 12
Typical remote authentication mode are :( multiple choice)
Question No : 13
The attacker by sending ICMP response request, and will request packet destination address set to suffer Internet radio address.
Which kind of attack does this behavior belong to?
A. IP spoofing attack
B. Smurf attack
C. ICMP redirect attack
D. SYN flood attack
Question No : 14
In IPsec VPN configuration if you use pre-shared key way to verify, you can choose whether to configure the secret key for the opposite end, but if you configured the secret key, the secret key must be the same on both sides.
Question No : 15
How to view the matching number of security policy?
A. display firewall sesstion table
B. display security policy all
C. display security-policy count
D. count security policy hit
Question No : 16
When you configure source NAT strategy, the configuration of destination area can be used to replace configuration flow outbound interface information .
Question No : 17
ASPF (Application Specific Packet Filter) is a kind of packet filtering based on the application layer, it checks the application layer protocol information and monitor the connection state of the application layer protocol. ASPF by Server Map table achieves a special security mechanism.
Which statement about ASPF and Server map table are correct? (Multiple choice)
A. ASPF monitors the packets in the process of communication
B. ASPF dynamically create and delete filtering rules
C. ASPF through server map table realize dynamic to allow multi-channel protocol data to pass
D. quintuple server-map entries achieve a similar functionality with session table
Question No : 18
In USG series firewall, use non-well-known port provides well-known application service, can adopt the following techniques:
A. port mapping
B. the MAC and IP address binding
C. packet filter
D. long connection
Question No : 19
In VRRP (Virtual Router Redundancy Protocol), the master router periodically sends notification message(HELLO) to the backup router, the backup router is only responsible for monitoring notification message, not to respond.
Question No : 20
SA uniquely identified by a triplet, which of the following does not belong to the SA triplet?
A. security protocol
B. source IP address
C. destination IP address
D. Security parameters index
20 Jun, 2018 11:58am
I passed H12-711-ENU exam with such a high score.
19 Jun, 2018 2:29pm
Now i will be one of your loyal customers.
18 Jun, 2018 1:53pm
Will come to your site again.
17 Jun, 2018 12:03pm
Exactly the same as the actual exam.
17 Jun, 2018 3:34am
You are my big helper.
16 Jun, 2018 8:10am
I never think that I can achieve this, but I do it.
13 Jun, 2018 9:49pm
I failed once but luckily you sent the updated version to me before i took twice.
11 May, 2018 10:35pm
I really appreciate your assistance to send me the update version H12-711 questions you have. Because of my job, i need to pass exam in June.
11 May, 2018 9:34pm
hello. thanks for Huawei HCNA-Security H12-711-enu dumps, I passed my exam.
11 May, 2018 9:20pm
Hello Please send me the latest dumps for the Huawei HCNA-Security H12-711. I have exam in two weeks. thanks in a million.
11 May, 2018 8:35pm
Passed Huawei H12-711-enu exam test today with 932/1000! Thank you so much.
11 May, 2018 6:31pm
I Pass HCNA Security H12-711 exam with 930/1000. your version is valid and all the question from it, but not all the answers are right! Anyway you can still pass it and that the important thing.best wishes.
11 May, 2018 6:31pm
I passed H12-711-ENU exam with 912/1000
HCNA-Security H12-711 exam questions are 100% valid. Best of Luck guys who is preparing the Exam.Thanks All.
02 May, 2018 7:04pm
H12-711 dumps is still valid passed today 940. Thanks for your site service.
Some similar or invalid comments have been hidden.