H12-711_V4.0 Exam Questions

The world's first worm - the "Morris Worm" made people realize that as people become increasingly dependent on computers, the possibility of computer networks being attacked is als...

The proxy scanning technology of gateway anti-virus refers to simply extracting file characteristics and matching them with the local signature library through state detection tech...

SA is uniquely identified by a triplet. This triplet includes the security parameter index SPI, source IP address, and destination IP address.

Special network security incidents do not belong to the levels classified in network security incidents.

IPS supports customized intrusion prevention rules to respond to the latest threats to the greatest extent.

After the automatic backup function is enabled, both commands and status information will be periodically backed up to the backup device.

UDP port scanning means that the attacker sends a zero-byte length UDP message to a specific port of the target host. If the port is open, an ICMP port reachable data message will...

Use VGMP to uniformly manage VRRP backup groups to achieve consistent VRRP backup group status switching.

NAT Server technology maps internal server addresses to public network addresses and publishes them to the outside world.

A standard Linux system generally has a set of programs called applications, which includes text editors, programming languages, Window7, office suites, Internet tools, databases,...

Compared with asymmetric encryption algorithms, symmetric encryption algorithms have fast encryption speed and high efficiency.

The scalability of servers is higher than that of personal computers.

Information security prevention technologies include : data encryption, identity authentication, intrusion prevention, anti-virus, etc.

The European TCSEC guidelines are divided into two modules, functional and evaluation, and are mainly used in the military, government and commercial fields.

The repair of anti-virus software only needs to be able to repair some system files accidentally deleted when checking for viruses to prevent system crashes.

Because NAT technology can realize one-to-many address translation, with NAT technology, you no longer have to worry about insufficient IPv4 addresses.

In addition to supporting built-in Portal authentication, the firewall also supports custom Portal authentication. When custom Portal authentication is used, there is no need to de...

Internet user single sign-on function. Users authenticate directly to the AD server. The device does not interfere with the user authentication process. The AD monitoring service n...

Netstream can perform traffic classification statistics based on the five-tuple in IPv4 packets.

Social engineering is a means of deceiving, harming, and other harmful means through psychological traps such as psychological weaknesses, instinctive reactions, curiosity, trust,...

NAPT can map different internal addresses to the same public address to achieve many-to-one address translation.

When configuring a security policy, a security policy can reference an address set or configure multiple destination IP addresses.

IDS is usually hung on the switch to detect intrusions and avoid single points of failure affecting the normal operation of the network.

If there are actual changes to the company structure, the feasibility of the business continuity plan needs to be retested

The log of the application system is mainly a transaction log, which is used to record all transactions and the modifications made to the database by each transaction.

Intrusion prevention system (IPS, intrusion prevention system) is a defense system that can block intrusions in real time when it detects intrusions.

Being observant and skeptical can help us better identify security threats in the online world

The most common level 3 standard for classification protection includes three aspects: physical security, data security and network security.

Information security level protection is to improve the overall security level of the country, and at the same time reasonably optimize the allocation of security resources to maxi...

Equipment destruction attacks generally do not easily lead to information leakage, but usually cause interruption of network communication services.

In information security prevention, commonly used security products include firewalls, Anti-DDos devices and IPS/IDS devices

In the Client-Initiated VPN configuration, it is generally recommended to plan the address pool and the headquarters network address as different network segments. Otherwise, the p...

Host firewall is mainly used to protect the host from attacks and intrusions from the network.

Encryption technology can convert readable information into unreadable information through certain methods.

Certificates saved in ER format may or may not contain the private key.

Denial of service attacks harm the availability of information systems.

Information security level protection is the basic system for national information security work

In IPsec, data encapsulation has two modes: transmission and tunnel.

In the construction of information security system, a security model is needed to accurately describe the relationship between important aspects of security and system behavior.

In tunnel encapsulation mode. When configuring IPsec, there is no need to have a route to the destination private network segment, because the data will be re-encapsulated and the...

Fragment caching technology will always wait for the arrival of the first fragmented message, then reassemble and decrypt all the messages, and then the device will perform subsequ...

The key used for IPsec encryption can only be configured manually.

The reason why OSPF is more commonly used than RIP is that OSPF has the device authentication function and is more secure.

In PKI, RA must be bound to the CA to help reduce the pressure on the CA and enhance the security of the CA system.

WAF can precisely control and manage users' online behavior and user traffic.

Huawei NIP6000 can form an interface pair between two interfaces of the same type. Traffic entering from one interface is always forwarded through the other interface without query...

Adware is not considered a type of malicious code because it does not cause substantial harm to users.

The limitation of misuse detection technology is that it only detects suspicious behaviors in the system based on known intrusion sequences and system defect patterns, but cannot h...

In Huawei Cloud Data Center SDN network solution, USG6000V cannot protect east-west traffic between one network segment in the same VPC intranet.

The server can set or read the information contained in the cookie to maintain the state of the session between the user and the server.