最新的Huawei HCIE-Security (Huawei Certified Internetwork Expert-Security) - H12-731-ENU免費考試真題
問題1
The main differences between the RADIUS and HWTACACS protocols include:
The main differences between the RADIUS and HWTACACS protocols include:
正確答案: B,D
問題2
The correct statement of the principle of virtual firewall technology is:
The correct statement of the principle of virtual firewall technology is:
正確答案: A,B
問題3
What are the URL matching methods in the URL filtering function of the USG?
What are the URL matching methods in the URL filtering function of the USG?
正確答案: A,C,D,E
問題4
What functions does content filtering include in the Huawei USG firewall?
What functions does content filtering include in the Huawei USG firewall?
正確答案: C,D
問題5
In Agile Controller, what is the correct statement about the screen saver check policy ?
In Agile Controller, what is the correct statement about the screen saver check policy ?
正確答案: A,B,D
問題6
Regarding the firewall IP-Link feature, the following description is incorrect:
Regarding the firewall IP-Link feature, the following description is incorrect:
正確答案: A
問題7
In the scenario of dual-system hot backup, what is wrong about the description of the main firewall device and the standby device?
In the scenario of dual-system hot backup, what is wrong about the description of the main firewall device and the standby device?
正確答案: C,D
問題8
In the dual-system hot-standby network, the service interface works at Layer 3, and the uplink and downlink are connected to the switches:

In the dual-system hot-standby network, the service interface works at Layer 3, and the uplink and downlink are connected to the switches:

正確答案: C,D
問題9
When using which of the following functions of UTM, it is necessary to ensure that the device is connected to the security service center?
When using which of the following functions of UTM, it is necessary to ensure that the device is connected to the security service center?
正確答案: C,D,E
問題10
What protocols and ports need to be opened when the firewall uses the IPsec function?
What protocols and ports need to be opened when the firewall uses the IPsec function?
正確答案: B,C
問題11
The ARP protocol is used to map the IP address to the correct MAC address, so that the device can encapsulate the correct frame header on the data frame to complete the data forwarding.
If the ARP table is abnormal, it will directly cause the device to fail to forward packets. In the dual-system hot backup scenario, which of the following descriptions are correct when the active and standby firewalls respond to ARP?
The ARP protocol is used to map the IP address to the correct MAC address, so that the device can encapsulate the correct frame header on the data frame to complete the data forwarding.
If the ARP table is abnormal, it will directly cause the device to fail to forward packets. In the dual-system hot backup scenario, which of the following descriptions are correct when the active and standby firewalls respond to ARP?
正確答案: A,B
問題12
For some large IP data packets, in order to meet the requirements of the MTU (Maximum Transmission Unit) of the link layer, it needs to be fragmented and divided into several IP packets during the transmission process. In each IP header there is an offset field and a split flag (MF), where the offset field indicates the location of the fragment in the entire IP packet. If the attacker sets the offset field to an incorrect value after intercepting the IP data packet, the receiver cannot correctly combine the values of the offset field in the data packet after receiving the split data packets. In this way, the receiver will keep trying, and the operating system will crash due to resource exhaustion.
What is this attack method?
For some large IP data packets, in order to meet the requirements of the MTU (Maximum Transmission Unit) of the link layer, it needs to be fragmented and divided into several IP packets during the transmission process. In each IP header there is an offset field and a split flag (MF), where the offset field indicates the location of the fragment in the entire IP packet. If the attacker sets the offset field to an incorrect value after intercepting the IP data packet, the receiver cannot correctly combine the values of the offset field in the data packet after receiving the split data packets. In this way, the receiver will keep trying, and the operating system will crash due to resource exhaustion.
What is this attack method?
正確答案: B
問題13
Which of the following is a correct description of the stateful inspection firewall forwarding principle:
Which of the following is a correct description of the stateful inspection firewall forwarding principle:
正確答案: B,D,E