H12-711_V4.0 Sample Questions Answers

The network environment is becoming more and more complex, and network security incidents occur frequently. While accelerating the construction of informatization, enterprises must not only resist external attacks, but also prevent internal management personnel from being involved in data leakage and operation and maintenance accidents due to operational errors and other issues. Which of the following options might reduce operational risk?

When IPSec VPN uses tunnel mode to encapsulate packets, which of the following is not within the encryption scope of the ESP security protocol? ( )[Multiple choice]*

What is the protocol number of the GRE protocol?

In the authentication policy of the firewall, _____ allows the user to not need to enter the user name and password, but can obtain the corresponding relationship between the user and the IP, so as to carry out policy management based on the user[fill in the blank]*

Which of the following protocols is a file transfer protocol?

IPSec VPN uses an asymmetric algorithm to calculate the ___ key to encrypt data packets.[fill in the blank]

Drag the phases of the cybersecurity emergency response on the left into the box on the right, and arrange them from top to bottom in the order of execution. 1. Inhibition stage, 2. recovery phase, 3. Detection stage, 4. eradication phase[fill in the blank]*

What is correct about the following description of device management in the operating system?

Which layer of the protocol stack does SSL provide end-to-end encrypted transmission services?

Which of the following descriptions of single sign-on is correct?

Which of the following is the correct sequence for incident response management

1. Detection 2 Report 3 Mitigation 4 Lessons learned 5 Fix 6 Recovery 7 Response

Which of the following NAT technologies can implement a public network address to provide source address translation for multiple private network addresses ( )*

Please order the following steps in the PKI life cycle correctly, 1. Issued, 2. storage, 3. Update, 4. verify[fill in the blank]*

A Web server is deployed in an enterprise intranet to provide Web access services to Internet users, and in order to protect the access security of the server, it should be divided into the _____ area of the firewall.

Among the various aspects of the risk assessment of IS027001, which of the following does not belong to the system design and release process?

Data monitoring can be divided into two types: active analysis and passive acquisition.

Under normal circumstances, the Emai1 protocols we often talk about include ____, POP3, and SMTP.[fill in the blank]*

Please match the following information security risks to information security incidents one by one.[fill in the blank]*

physical security riskEnterprise server permissions are loosely set

Information Security Management RiskInfected Panda Burning Incense

Information Access RiskFire destroyed equipment in computer room

application riskTalk to people about leaking company secrets

The following description of the AH protocol in IPSec VPN, which one is wrong?

In the Linux system, which of the following is the command to query the P address information? ( )[Multiple choice]*

IKE SA is a one-way logical connection, and only one IKE SA needs to be established between two peers.

What is correct in the following description of Security Alliance in IPSec?

There are two ways to set up an IPSec SA

Huawei Firewall only supports the inter-domain persistent connection function for TCP packets.

In the automatic backup mode of hot standby on the second machine, which of the following sessions is backed up?