Huawei H12-721 Exam Questions Free Practice Test

Viewing page 2 out of 7 pages

Viewing questions 11-20 out of questions

Questions # 11:

When the user's SSL VPN has been successfully authenticated, the user cannot access the Web-link resource. On the Web server, view the information as follows: netstat -anp tcp With the following information, which of the following statements is correct?

Question # 11

Options:

intranet server does not open web service

virtual gateway policy configuration error

The connection between the virtual gateway and the intranet server is incorrect.

Virtual gateway and intranet server are unreachable

Expert Solution

Questions # 12:

Which of the following encryption methods does IPSec VPN use to encrypt communication traffic?

Options:

public key encryption

private key encryption

symmetric key encryption

pre-shared key encryption

Expert Solution

Questions # 13:

The interaction process of the firewall linkage NIP intrusion detection device is: 1. record the intrusion process, alarm log record; 2. NIP for attack detection; 3. reconfigure the firewall; 4 terminate the intrusion Which of the following correct interaction sequences is the same?

Options:

1 2 3 4

2 1 3 4

3 1 2 4

1 2 4 3

Expert Solution

Questions # 14:

Using the virtual firewall technology, users on the two VPNs can log in to their private VPNs through the Root VFW on the public network to directly access private network resources. What are the following statements about the characteristics of the VPN multi-instance service provided by the firewall?

Options:

security is high, VPN users access through the firewall authentication and authorization, access after access is to use a separate virtual firewall system to manage users, the resources of different VPN users are completely isolated

VPN access mode is flexible and reliable. It can support from public network to VPN, and can also support from VPN to VPN.

is easy to maintain, users can manage the entire firewall (including each virtual firewall) without a system administrator account with super user privileges.

The access control authority is strict. The firewall can control the access rights of the VPN according to the user name and password. This allows different users such as travel employees and super users (need to access different VPN resources) to have different access rights.

Expert Solution

Questions # 15:

In the abnormal traffic cleaning solution, to ensure that the attack traffic can be imported into the cleaning center for cleaning, the VRRP is implemented in Step 12 as shown in the figure. The management center adopts the following configuration: Select Configuration-->Anti-DDoS- -> "Drainage management", create a drainage task, configure the protected IP address to 10.1.3.10/32. What kind of route will the cleaning center generate after the above steps are configured?

Question # 15

Options:

destination address is the 32-bit static host routed by the attacker.

Destination address is routed by the attacker's 0-bit iEGP host

destination address is routed by the attacker's 32-bit eBGP host.

source address is the attacker's 32-bit static host route

Expert Solution

Questions # 16:

With regard to the Radius agreement, what are the following statements correct?

Options:

uses the UDP protocol to transmit Radius packets.

authentication and authorization port number can be 1812

Encrypt the account when transferring user accounts and passwords using the Radius protocol

authentication and authorization port number can be 1645

Expert Solution

Questions # 17:

134. Which of the following is the connection status data to be backed up in the HRP function?

Options:

ServerMap entry

port mapping table

dynamic blacklist

Session entry

Expert Solution

Questions # 18:

The topology diagram of the BFD-bound static route is as follows: The administrator has configured the following on firewall A: [USG9000_A] bfd [USG9000_A-bfd] quit [USG9000_A] bfd aa bind peer-ip 1.1.1.2 [USG9000_A- Bfd session-aa] discriminator local 10 [USG9000_A-bfd session-aa] discriminator remote 20 [USG9000_A-bfd session-aa] commit [USG9000_A-bfd session-aa] quit What are the correct statements about this segment?

Question # 18

Options:

command bfd aa bind peer-ip 1.1.1.2 is used to create a BFD session binding policy for detecting link status.

"[USG9000_A] bfd" is incorrectly configured in this command and should be changed to [USG9000_A] bfd enable to enable BFD function.

[USG9000_A-bfd session-aa] commit is optional. If no system is configured, the system will submit the BFD session log information by default.

The command to bind a BFD session to a static route is also required: [USG9000_A]ip route-static 0.0.0.0 0 1.1.1.2 track bfd-session aa

Expert Solution

Questions # 19:

An administrator can view the status of the device components by the following command: The status of the Slot3 board is Abnormal. What are the possible causes of the following faults?

Question # 19

Options:

This slot is not supported in this slot of device A.

interface card is damaged

The pin on the backplane or motherboard is damaged. If the incorrect board is installed, the pin is tilted.

ADSL telephone line failure

Expert Solution

Questions # 20:

After the BFD session is established, the two systems periodically send BFD control packets. If a system does not receive any packets from the peer within the detection time, the status of the BFD session is considered to be Down. Which mode of detection is this mode called BFD?

Options:

sync mode

detection mode

asynchronous mode

query mode

Expert Solution

Viewing page 2 out of 7 pages

Viewing questions 11-20 out of questions

Pass the Huawei Huawei Certified Network Professional HCNP H12-721 Questions and answers with CertsForce