Huawei H12-721 HCIP-Security-CISN Exam Practice Test Instant Access

Question 1

The following figure shows the data packet of the pre-shared key mode main mode exchange process in the first phase of IKE V1. What is captured below?

Aexchange D-H public value and various auxiliary data

BSA suggested strategy

Cauthentication

Dencryption transformation strategy

Answer : A

Question 2

What actions will be performed when the firewall hot standby sends the active/standby switchover?

Asend free ARP

BSend proxy ARP

CVRRP backup group virtual address is unavailable

Drelated switch automatically updates the MAC table

Answer : A, D

Question 3

When the firewall works in the dual-system hot backup load balancing environment, if the upstream and downstream routers are working in the routing mode, you need to adjust the OSPF cost based on HRP.

ATRUE

BFALSE

Answer : B

Note: When dual-system hot backup load balancing is configured, the upstream and downstream routers are configured with equal-cost routes, and no HRP OSPF cost is required. When the dual-system hot standby network is deployed, the standby firewall automatically adds a COST value when it routes routes to the outside (the default is 65500).

Question 4

When the user's SSL VPN has been successfully authenticated, the user cannot access the Web-link resource. On the Web server, view the information as follows: netstat -anp tcp With the following information, which of the following statements is correct?

Aintranet server does not open web service

Bvirtual gateway policy configuration error

CThe connection between the virtual gateway and the intranet server is incorrect.

DVirtual gateway and intranet server are unreachable

Answer : A

Question 5

Which of the following methods is used to switch between active and standby links in the IPSec backup and backup system?

Ahot standby

Blink-group

CEth-trunk

Dip-link

Answer : D

Question 6

The USG series firewall is deployed on an enterprise network. You need to log in to the USG through telnet or ssh. Each command entered by the user must be authorized by the server to continue. Which of the following authentication methods can meet the requirements of the enterprise?

ARadius

BLDAP

CHWTACACS

DAD

Answer : C

Question 7

Man-in-the-middle attacks are: the middleman completes the data exchange between the server and the client. In the server's view, all messages are sent or sent to the client. From the client's point of view, all messages are also sent or sent.

APacket 1: Source IP 1.1.1.1 Source MAC C-C-C Destination IP 1.1.1.2 Destination MAC B-B-B

BPacket 1: Source IP 1.1.1.3 Source MAC C-C-C Destination IP 1.1.1.2 Destination MAC B-B-B

CPacket 2: Source IP 1.1.1.2 Source MAC C-C-C Destination IP 1.1.1.1 Destination MAC A-A-A

DPacket 2: Source IP 1.1.1.3 Source MAC C-C-C Destination IP 1.1.1.1 Destination MAC A-A-A

Answer : A, C

Huawei H12-721 HCIP-Security-CISN V3.0 HCIP-Security-CISN Exam Practice Test