The safer , easier way to help you pass any IT exams.
Exam
: H12-711_V4.0-ENU
Title
: HCIA-Security V4.0 Exam
https://www.passcert.com/H12-711_V4.0-ENU.html
1/4
The safer , easier way to help you pass any IT exams.
1.Regarding the characteristics of the routing table, which of the following items is described correctly
A. Port When a packet matches multiple entries in the routing table, it is forwarded based on the route
entry with the largest metric.
B. Port In the global routing table, there is at most one next hop to the same destination CIDR block.
C. There may be multiple next hops in the global routing table to the same destination.
D. Port When a packet matches multiple entries in the routing table, it is forwarded according to the
longest mask.
Answer: C,D
2.The initial priority of the USG9500VGMP group is related to which of the following factors ()?
A. interface bandwidth
B. VRRP priority
C. Number of daughter cards on the interface board
D. The number of CPUs on the D service board
Answer: C,D
3.CORRECT TEXT
Database operation records can be used as ___ evidence to backtrack security events. [fill in the blank]
Answer: electronic
4.An enterprise wants to build a server system and requires the following functions:
1. The enterprise needs to have its own dedicated mailbox, and the sending and receiving of emails
needs to go through the enterprise's server;
2. The server must provide file transfer and access services. Users in different departments of the
enterprise provide accounts with different permissions:
3. When the enterprise accesses the internal webpage of the enterprise, the enterprise can directly enter
the domain name in the browser to access.
To meet the above requirements, which of the following servers do enterprises need to deploy? ()
A. Time synchronization server
B. FTP server (I)
C. DNS server
D. Mail server
Answer: B,C,D
5.Which of the following descriptions about the heartbeat interface is wrong ()? [Multiple choice]
A. It is recommended to configure at least two heartbeat interfaces. - One heartbeat interface is used as
the master, and the other heartbeat interface is used as the backup.
B. The interface MTU value is greater than 1500 and cannot be used as a heartbeat interface
C. The connection method of the heartbeat interface can be directly connected, or it can be connected
through a switch or router
D. MGMT interface (GigabitEthernet0/0/0) cannot be used as heartbeat interface
Answer: B
6.Which of the following is the numbering range of Layer 2 ACLs?
2/4
The safer , easier way to help you pass any IT exams.
A. The 3000~3999
B. The 4000~4999
C. The 1000~1999
D. @2000~2999
Answer: A
7.Which of the following descriptions of single sign-on is correct?
A. The visitor recited the Portal authentication page and sent the username and password to FT to identify
his/her identity, and the password was not stored on the FT, and the FI sent the username and password
to the third-party authentication server, and the authentication process was carried out on the
authentication server.
B. The visitor sends the username and password that identifies his identity to the third-party
authentication server, and after the authentication is passed, the third-party authentication server sends
the visitor's identity information to FW. F7 only records the identity information of the visitor and does not
participate in the authentication process
C. Visitors obtain the SMS verification code through the Portal authentication page, and then enter the
SMS verification code to pass the authentication.
D. The visitor sends the username and password that identifies them to the FW through the portal
authentication page, on which the password is stored and the verification process takes place on the FW.
Answer: B
8.CORRECT TEXT
Drag the phases of the cybersecurity emergency response on the left into the box on the right, and
arrange them from top to bottom in the order of execution.
1. Inhibition stage,
2. recovery phase,
3. Detection stage,
4. eradication phase [fill in the blank]
Answer: 3142
9.CORRECT TEXT
We should choose the encryption algorithm according to our own use characteristics. When we need to
encrypt a large amount of data, it is recommended to use the ____ encryption algorithm to improve the
encryption and decryption speed. [fill in the blank]
Answer: symmetry
10.CORRECT TEXT
The keys used by the IPSec encryption and authentication algorithms can be configured manually or
dynamically negotiated via the ____ protocol. (abbreviation, all uppercase).
Answer: IKE
11.CORRECT TEXT
Please order the following steps in the PKI life cycle correctly,
1. Issued,
3/4
The safer , easier way to help you pass any IT exams.
2. storage,
3. Update,
4. verify [fill in the blank] *
Answer: 1243
12.CORRECT TEXT
Please match the following information security risks to information security incidents one by one. [fill in
the blank]
physical security riskEnterprise server permissions are loosely set
Information Security Management RiskInfected Panda Burning Incense
Information Access RiskFire destroyed equipment in computer room
application riskTalk to people about leaking company secrets
Answer: 2413
13.CORRECT TEXT
Under normal circumstances, the Emai1 protocols we often talk about include ____, POP3, and SMTP.
[fill in the blank]
Answer: IMAP
14.Digital envelope technology means that the sender uses the receiver's public key to encrypt the data,
and then sends the ciphertext to the receiver () [Multiple choice] *
A. TRUE
B. FALSE
Answer: B
15.Huawei Firewall only supports the inter-domain persistent connection function for TCP packets.
A. TRUE
B. FALSE
Answer: B
16.Among the various aspects of the risk assessment of IS027001, which of the following does not belong
to the system design and release process?
A. Hold a summary meeting of the project in the information security management stage
B. Determine risk disposal measures and implement rectification plans
C. Determine risk tolerance and risk appetite
D. System integration and information security management system document preparation
Answer: A
4/4