Text Material Preview
H12-711_V4.0-ENU HCIA-Security V4.0 https://www.certspots.com/exam/h12-711_v4-0-enu/ H12-711_V4.0-ENU Exam Questions 1. Regarding the characteristics of the routing table, which of the following items is described correctly A. Port When a packet matches multiple entries in the routing table, it is forwarded based on the route entry with the largest metric. B. Port In the global routing table, there is at most one next hop to the same destination CIDR block. C. There may be multiple next hops in the global routing table to the same destination. D. Port When a packet matches multiple entries in the routing table, it is forwarded according to the longest mask. Answer: C,D H12-711_V4.0-ENU Exam Questions 2. Which of the following descriptions about the heartbeat interface is wrong? [Multiple choice] A. It is recommended to configure at least two heartbeat interfaces. - One heartbeat interface is used as the master, and the other heartbeat interface is used as the backup. B. The interface MTU value is greater than 1500 and cannot be used as a heartbeat interface C. The connection method of the heartbeat interface can be directly connected, or it can be connected through a switch or router D. MGMT interface (GigabitEthernet0/0/0) cannot be used as heartbeat interface Answer: B H12-711_V4.0-ENU Exam Questions 3. Which of the following descriptions of single sign-on is correct? A. The visitor recited the Portal authentication page and sent the username and password to FT to identify his/her identity, and the password was not stored on the FT, and the FI sent the username and password to the third-party authentication server, and the authentication process was carried out on the authentication server. B. The visitor sends the username and password that identifies his identity to the third- party authentication server, and after the authentication is passed, the third-party authentication server sends the visitor's identity information to FW. F7 only records the identity information of the visitor and does not participate in the authentication process C. Visitors obtain the SMS verification code through the Portal authentication page, and then enter the SMS verification code to pass the authentication. D. The visitor sends the username and password that identifies them to the FW through the portal authentication page, on which the password is stored and the verification process takes place on the FW. Answer: B H12-711_V4.0-ENU Exam Questions 4. We should choose the encryption algorithm according to our own use characteristics. When we need to encrypt a large amount of data, it is recommended to use the ____ encryption algorithm to improve the encryption and decryption speed. [fill in the blank] Answer: symmetry H12-711_V4.0-ENU Exam Questions 5. Among the various aspects of the risk assessment of IS027001, which of the following does not belong to the system design and release process? A. Hold a summary meeting of the project in the information security management stage B. Determine risk disposal measures and implement rectification plans C. Determine risk tolerance and risk appetite D. System integration and information security management system document preparation Answer: A H12-711_V4.0-ENU Exam Questions 6. Which of the following is not an advantage of symmetric encryption algorithms? A. Suitable for encrypting large amounts of data B. Low overhead C. Good scalability D. High efficiency Answer: C H12-711_V4.0-ENU Exam Questions 7. The following description of the AH protocol in IPSec VPN, which one is wrong? A. Supports data source validation B. Supports data integrity checking C. Supports packet encryption D. Support anti-message replay Answer: C H12-711_V4.0-ENU Exam Questions 8. The following description of the intrusion fire protection system IPS, which is correct? A. The port IPS can be concatenated at the network boundary. B. The IPS cannot prevent intrusion from occurring in real time. C. The port IPS can be attached to the switch and port mirrored through the switch. D. Oral IPS has the ability to customize intrusion prevention rules. Answer: A,C,D H12-711_V4.0-ENU Exam Questions 9. Which of the following are the backup items that HRP can provide? A. Mouth Server-map table entry B. Mouth No-PAT table entry C. Mouth ARP table entry D. Port TCP session table Answer: A,B,C,D H12-711_V4.0-ENU Exam Questions 10. For which of the following parameters can the packet filtering firewall filter? A. Port packet payload B. IP address of the port source destination C. The MAC address of the source destination D. Port number and protocol number of the port source Answer: B,D
