최신 H12-711_V4.0 무료덤프 - Huawei HCIA-Security V4.0
Which of the following login methods can implement AD single sign-on? (Multiple Choice)
정답: A,B,C
Which of the following descriptions of the active and standby firewall session tables are correct?
(Multiple Choice)
(Multiple Choice)
정답: B,C
() is a type of malicious code that can infect or be attached to applications or files. It is generally spread through protocols such as email or file sharing, threatening the security of user hosts and networks.
정답:
Virus
Which of the following is not part of the digital certificate?
정답: A
The main reason why NAPT can achieve one-to-many address translation is that () is also translated when the address is translated, so multiple private network addresses can share one public network address.
정답:
Port number
Intrusion prevention detects and analyzes all passing packets through a complete detection mechanism, and decides to allow or block them in real time.
Please sort the following processes according to the basic implementation mechanism of intrusion prevention.
Please sort the following processes according to the basic implementation mechanism of intrusion prevention.
정답:
Regarding the description of the firewall shard cache function, which of the following options are correct? (Multiple Choice)
정답: C,D
The "Caesar Cipher" basically encrypts data using a stick of specific specifications.
정답: B
According to the logical architecture of the HiSec solution, please drag the levels divided by the HiSec solution on the left to the box on the right, and arrange them in order from top to bottom.
정답:
1---Analysis layer
2---Control layer
3---Execution layer
2---Control layer
3---Execution layer
SH3 is a commercial algorithm compiled by the State Cryptozoology Administration. It is used for digital signature and verification, message authentication code generation and verification, and random number generation in cryptographic applications. It can meet the security needs of a variety of cryptographic applications.
정답: A
Which of the following information is not included in the DHCP binding table?
정답: B
Intrusion prevention is a security mechanism that analyzes network traffic, detects intrusions (including buffer overflow attacks, Trojans, worms, etc.), and terminates intrusions in real time through a certain response method to protect enterprise information systems from infringement.
정답: A
In the process of establishing IPsec VPN between peers FWA and FW B, they need to go through two stages to establish two types of security associations. In the first stage, establish () and verify the identity of the peers.
정답:
IKE SA
Which of the following options belongs to Layer 2 VPN technology?
정답: D
Cooperating with other institutions to provide training services is not the business scope of the National Internet Emergency Center.
정답: A
Please match the following NAT technologies and the functions they implement one by one.
정답:
NAT To-PAT - Only the address is translated during translation, but the port is not translated. Realize one-to-one conversion from private network address to public network address. If all addresses in the address pool have been allocated, NAL translation will not be performed when the remaining internal network hosts access the external network. NAT translation will not occur until there is a free address in the address pool.
NAPI - The NAT address pool can contain one or more public network addresses. The address and port are translated simultaneously during translation. This can realize the need for multiple private network addresses to share one or more public network addresses.
Easy IP - directly uses the public network address of the interface as the translated address, without configuring a NAT address pool. The address and port are translated simultaneously during translation.
This can realize the need for multiple private network addresses to share the public network address of the external network interface.
NAl Server - The firewall converts the destination address of the external user's request message into the private address of the internal server.
NAPI - The NAT address pool can contain one or more public network addresses. The address and port are translated simultaneously during translation. This can realize the need for multiple private network addresses to share one or more public network addresses.
Easy IP - directly uses the public network address of the interface as the translated address, without configuring a NAT address pool. The address and port are translated simultaneously during translation.
This can realize the need for multiple private network addresses to share the public network address of the external network interface.
NAl Server - The firewall converts the destination address of the external user's request message into the private address of the internal server.
In IPsec VPN transmission mode, which part of the data packet is encrypted?
정답: B
Which of the following aspects does the basic implementation mechanism of intrusion prevention include? (Multiple Choice)
정답: A,B,C,D
The configuration command for the NAT address pool is as follows: nat address-group 1 section 0
202.202.168.10 202.202.168.20 mode no-pat. Among them, the meaning of the no-pat parameter is:
202.202.168.10 202.202.168.20 mode no-pat. Among them, the meaning of the no-pat parameter is:
정답: B
Which of the following behaviors will be recognized as intrusions by the intrusion detection system?
(Multiple Choice)
(Multiple Choice)
정답: A,B,C,D