This page was exported from Top Exam Collection [ http://blog.topexamcollection.com ] Export date:Thu Apr 10 12:42:35 2025 / +0000 GMT ___________________________________________________ Title: Best Preparations of H12-711 Exam 2022 HCNA-Security Unlimited 290 Questions [Q26-Q48] --------------------------------------------------- Best Preparations of H12-711 Exam 2022 HCNA-Security Unlimited 290 Questions Focus on H12-711 All-in-One Exam Guide For Quick Preparation. NO.26 In IPSEC VPN, which of the following scenarios can be applied by tunnel mode?  between the host and the host  between hosts and security gateways  between security gateways  between tunnel mode and transport mode NO.27 The matching principle of the security policy is: firstly, find the inter-domain security policy configured manually, and if there is no match, the data packet is directly discarded  True  False NO.28 In the SSL handshake protocol, which of the following message is optional? (Choose two.)  Server Key Exchange  ChangeCipherSpec  Certificate verify  ServerHelloDone Explanation/Reference:NO.29 When you configure a firewall between the domain security policy, if the 192.168.0.0/24 network segment is set to match object, the following configuration, which is correct? (Choose two.)  policy 1policy source 192.168.0.0 mask 255.255.255.0  policy 1policy source 192.168.0.0 255.255.255.0  policy 1policy source 192.168.0.0 mask 0.0.0.255  policy 1policy source 192.168.0.0 0.0.0.255 NO.30 In most scenarios, NAT Inbound is used to the enterprise private network users to access the Internet scenario.  True  False NO.31 Electronic evidence preservation is directly related to the legal effect of evidence, in line with the preservation of legal procedures, and its authenticity and reliability are guaranteed. Which of the following is not anevidence preservation technology?  Encryption technology  Digital certificate technology  Digital signature technology  Message tag tracking technology NO.32 When establishing their own information systems, companies check each operation according to internationally established authoritative standards and can check whether their information systems are safe  True  False NO.33 Which of the following are multi-user operating systems? (Multiple choice)  MSDOS  UNIX  LINUX  Windows NO.34 Which of the following is correct for the command to view the number of security policy matches?  display firewall sesstion table  display security-policy all  display security-policy count  count security-policy hit NO.35 Which description about disconnect the TCP connection 4 times-handshake is wrong?  initiative to shut down the sender first FIN active closed, while theother received this FIN perform passive shut down  when passive close receipt the first FIN. it will send back an ACK, and randomly generated to confirm the serial number  passive closing party end need to send a file to the application, theapplication will close it connection and lead to send a FIN  in passive close the sender after the FIN. initiative to close must send back a confirmation, and will confirm the serial number is set to receive serial number 1 NO.36 Which of the following statement about the L2TP VPN of Clieit-initialized is wrong?  After the remote user access to internet, can initiate L2TPtunneling request to the remote LNS directly through the client software  LNS device receives user L2TPconnection request, can verify based on user name and password.  LNS assign a private IP address for remote users  remote users do not need to install VPN client software NO.37 Which of the following is the encryption technology used by digital envelopes?  Symmetric encryption algorithm  Asymmetric encryption algorithm  Hash algorithm  Stream encryption algorithm NO.38 Which of the following is the correct description of windows log event type? (Multiple Choice)  A warning event is a successful operation event of an application, driver, or service.  Error events usually refer to the loss of function and data. For example, if a service cannot be loaded as a system boot, an error event will be generated.  When the disk space is insufficient, it will be recorded as an “information event”  Failure audit event refers to a failed audit security login attempt, such as a failure when the user view accesses the network drive is logged as a failed audit event. NO.39 The process of electronic forensics includes: protecting the site, obtaining evidence, preserving evidence,identifying evidence, analyzing evidence, tracking and presenting evidence  True  False NO.40 The configuration commands for the NAT address pool are as follows: nat address-group 1 section 0 202.202.168.10 202.202.168.20 mode no-pat Of which, the meaning of no-pat parameters is:  Do not do address translation  Perform port multiplexing  Do not convert the source port  Do not convert the destination port NO.41 Which of the following description is wrong about the Internet users and VPN access user authentication?  The Internet user andthe VPN access user share data, and the users attribute check (user status, account expiration time, etc.) also takes effect on the VPN access.  The local authentication or server authentication process is basically the same for the Internet users. The authentication is performed on the user through the authentication domain.  After the VPN user accesses the network, it can access the network resources of the enterprise headquarters. The firewall can control the accessible network resources based on theuser name.  After the VPN access user passes the authentication, it will be online on the user online list. NO.42 Execute the command on the firewall and display the following information, which of the following description is correct? (Multiple Choice) HRP_A [USG_A] display vrrp interfaceGigabitEthernet 0/0/1 GigabitEthernet9/0/1 | Virtual Router 1VRRP Group: Active state: Active Virtual IP: 202.38.10.1 Virtual MAC: 0000-5e00-0101 Primary IP: 202 38.10.2 PriorityRun: 100 PriorityConfig: 100 MasterPriority: 100 Preempt: YES Delay Time: 10  The status of this firewall VGMP group is Active.  This firewall G1 / 0/1 virtual interface IP address 202.30.10.2  This firewall VRID is 1 the VRRP priority to backup g’oup 100  Will not switch when the primary device fails NO.43 Which of the following descriptions about IKE SA is wrong?  IKE SA is two-way  IKE is a UDP- based application layer protocol  IKE SA servers for IPSec SA  The encryption algorithm used by user data packets isdetermined by IKE SA. NO.44 Terminal security access control can support? (Choose three.)  SACG hardware (hardware security access control gateway)  802.1X  ARP control  Software SACG (host firewall) Explanation/Reference:NO.45 Which of the following description is correct about the sort of the call setup process for L2TP corridors?1. L2TP tunnel2. PPP connection3. LNS authenticates users4. Users accessintranet resources5. Establish an L2TP session  1->2->3->5->4  1->5->3->2->4  2->1->5->3->4 T NO.46 Data analysis technology is to find and -natch keywords or key ohrases in the acquired data stream or information flow, and analyze: he correlation of time. Which of the following is not an evidence analysis technique?  Password deciphering, data decryption technology  Document Digital Abstract Analysis Technology  Techniques for discovering the connections between different evidences  Spam tracking technology NO.47 Which VPN access modes are suitable for mobile office workers? (Choose three.)  GRE VPN  L2TP VPN  SSL VPN  L2TP over IPsec NO.48 What are the following values can be set as in USG series firewall security level definition from the security zone? (Choose two.)  150  100  80  40  Loading … Guaranteed Success with H12-711 Dumps: https://www.topexamcollection.com/H12-711-vce-collection.html --------------------------------------------------- Images: https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-05-17 18:03:13 Post date GMT: 2022-05-17 18:03:13 Post modified date: 2022-05-17 18:03:13 Post modified date GMT: 2022-05-17 18:03:13