• Home
  • Blogs
  • Huawei H12-711-ENU Dumps Updated [Sep-2021] Get 100% Real Exam Questions! [Q25-Q41]

Huawei H12-711-ENU Dumps Updated [Sep-2021] Get 100% Real Exam Questions! [Q25-Q41]

Share

[Sep-2021] Pass Huawei H12-711-ENU Exam in First Attempt Guaranteed!

Full H12-711-ENU Practice Test and 290 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 25
About the descriptions of windows Firewall Advanced Settings, which of the following is wrong? (Multiple choice)

  • A. When setting the pop-up rule, only the local port can be restricted, and the remote port cannot be restricted.
  • B. When setting the pop-up rule, both local ports and remote ports can be restricted.
  • C. When setting the stacking rule, only the local port can be restricted, and the remote port cannot be restricted.
  • D. When setting the stacking rule, both the local port and the remote port can be restricted.

Answer: B,D

 

NEW QUESTION 26
Which of the following descriptions is wrong about the root CA certificate?

  • A. Signature is generated by CA public key encryption
  • B. The certificate subject name is CA.
  • C. Public key information is the public key of the CA
  • D. The issuer is CA

Answer: A

 

NEW QUESTION 27
Under the tunnel encapsulation mode, IPSec configuration does not need to have a route to the destination private network segment, because the data will be re-encapsulated using the new IP header to find the routing table.

  • A. False
  • B. True

Answer: A

 

NEW QUESTION 28
Which of the following statement about the NAT is wrong?

  • A. Address Translation can follow the needs of users, providing FTP, WWW, Telnet and other services outside the LAN
  • B. Some application layer protocols carry IP address information in the data, but also modify the IP address information in the data of the upper layer when they are as NAT
  • C. NAT technology can effectively hide the hosts of the LAN, it is an effective network security protection technology
  • D. For some non-TCP, UDP protocols (such as ICMP, PPTP), unable to do the NAT translation

Answer: D

 

NEW QUESTION 29
Which of the following options are correct about the NAT policy processing flow? (Multiple Choice)

  • A. Server-map is processed after status detection
  • B. The source NAT policy is processed after the security policy is matched.
  • C. Server-map is processed before the security policy matches
  • D. Source NAT policy query is processed after the session is created

Answer: A,B,C

 

NEW QUESTION 30
Which of the following operations are necessary during the administrator upgrade of the USG firewall software version? (Multiple Choice)

  • A. Specify the next time you start loading the software version.
  • B. Upload the firewall version software
  • C. Restart the device
  • D. Device factory reset

Answer: A,B,C

 

NEW QUESTION 31
Fire Trust domain FTP client wants to access an Untrust server FTP service has allowed the client to access the server TCP 21 port, the client in the Windows command line window can log into the FTP server, but can not download the file, what are the following solutions? (Multiple choice)

  • A. Trust Untrust domain configuration is enabled detect ftp
  • B. FTP works with Passive mode modify the domain inbound direction between the Untrust Trust default access policy to allow
  • C. the FTP works with the port mode modify the Untrust Trust domain to allow the inbound direction between the default access strategy
  • D. take the Trust between Untrust domain to allow two-way default access strategy

Answer: A,C,D

 

NEW QUESTION 32
Which of the following attacks is not a cyber-attack?

  • A. Smurf attack
  • B. MAC address spoofing attack
  • C. IP spoofing attack
  • D. ICMP attack

Answer: B

 

NEW QUESTION 33
Which of the following options are correct about the control actions permit and deny of the firewall interzone forwarding security policy? (Multiple Choice)

  • A. The action of the firewall default security policy is deny
  • B. Whether the message matches the permit action of the security policy or the deny action, the message will be processed by the UTM module.
  • C. Even if the packet matches the permit action of the security policy, it will not necessarily be forwarded by the firewall.
  • D. The packet is matched immediately after the inter-domain security policy deny action, and the other interzone security policy will not be executed.

Answer: A,C,D

 

NEW QUESTION 34
Which of the following are core elements of the IATF (Information Assurance Technology Framework) model? (Multiple choice)

  • A. Technology
  • B. person
  • C. Operation
  • D. Environment

Answer: A,B,C

 

NEW QUESTION 35
In practical applications, asymmetric encryption is mainly used to encrypt user data.

  • A. False
  • B. True

Answer: A

 

NEW QUESTION 36
Some applications, such as Oracle database application, there is no data transfer for a long time, so that firewall session connection is interrupted, thus resulting in service interruption, which of the following technology can solve this problem?

  • A. Turn fragment cache
  • B. Configure default session aging time
  • C. Configure a long business connection
  • D. Optimization of packet filtering rules

Answer: C

 

NEW QUESTION 37
Which of the following descriptions about IKE SA is wrong?

  • A. IKE SA servers for IPSec SA
  • B. IKE SA is two-way
  • C. IKE is a UDP- based application layer protocol
  • D. The encryption algorithm used by user data packets is determined by IKE SA.

Answer: D

 

NEW QUESTION 38
Which of the following is not a key technology for anti-virus software?

  • A. Shelling technology
  • B. Self-protection
  • C. Real-time upgrade of the virus database
  • D. Format the disk

Answer: D

 

NEW QUESTION 39
A company employee account authority expires, but can still use the account to access the company server.
What are the security risks of the above scenarios? (Multiple Choice)

  • A. Managing security risk
  • B. System security risk
  • C. Physical security risk
  • D. Access security risk

Answer: A,B,D

 

NEW QUESTION 40
Which of the following statement about the L2TP VPN of Client-initialized is wrong?

  • A. remote users do not need to install VPN client software
  • B. LNS assign a private IP address for remote users
  • C. LNS device receives user L2TPconnection request, can verify based on user name and password.
  • D. After the remote user access to internet, can initiate L2TP tunneling request to the remote LNS directly through the client software

Answer: A

 

NEW QUESTION 41
......

Get Latest H12-711-ENU Dumps Exam Questions in here: https://www.exam4docs.com/H12-711-ENU-study-questions.html

Related Blogs

more
Huawei H12-711-ENU Certification Practice Exam

Our study guide torrent covers most questions of real test and can help you pass exam certainly. The high pass rate bring help you pass at the first attempt.

Latest Update

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 EXAM4DOCS.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor. Privacy Policy