Huawei H12-711 問題集

質問 1：
Which of the following description is wrong about the Internet users and VPN access user authentication?
A. After the VPN user accesses the network, it can access the network resources of the enterprise headquarters. The firewall can control the accessible network resources based on the user name.
B. The Internet user and the VPN access user share data, and the user's attribute check (user status, account expiration time, etc.) also takes effect on the VPN access.
C. After the VPN access user passes the authentication, it will be online on the user online list.
D. The local authentication or server authentication process is basically the same for the Internet users. The authentication is performed on the user through the authentication domain.
正解：C

質問 2：
If the administrator uses the default authentication domain to authenticate a user, you only need to enter a user name when the user logs, if administrators use the newly created authentication domain to authenticate the user, the user will need to enter login "username @ Certified domain name"
A. False
B. True
正解：B

質問 3：
Which of the following description about the VGMP protocol is wrong?
A. By default, when three HELLO packet cycle of Standby end does not receive HELLO packets which are sent from the opposite end, the opposite end will be considered a failure, which will switch itself to the Active state
B. State of VGMP group is active, which will periodically send HELLO packets to the opposite end, Stdandby end only monitors the HELLO packets, which will not respond
C. VGMP add multiple VRRP backup groups on the same firewall to a management group, uniformly manage all the VRRP group by management group.
D. VGMP ensure that all VRRP backup groups state are the same through a unified control of the switching of each VRRP backup group state
正解：B

質問 4：
Which of the following descriptions about windows logs is wrong?
A. windows server 2008 system logs stored in the Application.evtx
B. The application log contains events logged by the application or system program, mainly recording events in the running of the program.
C. windows server 2008 security log is stored in security.evtx
D. The system log is used to record the events generated by the operating system components, including the crash of the driver, system components and application software, and data.
正解：A

質問 5：
Both the GE1/0/1 and GE1/0/2 ports of the firewall belong to the DMZ. If the area connected to GE1/0/1 can access the area connected to GE1/0/2, which of the following is correct?
A. Need to configure the security policy from Local to DMZ
B. Need to configure an interzone security policy
C. Need to configure security policy from DMZ to local
D. No need to do any configuration
正解：D

質問 6：
When the firewall hard disk is in place, which of the following is correct description for the firewall log?
A. The administrator can learn the security policy of the traffic hit through the policy hit log, and use it for fault location when the problem occurs.
B. The administrator can advertise the content log to view the detection and defense records of network threats.
C. The administrator can use the threat log to understand the user's security risk behavior and the reason for being alarmed or blocked.
D. The administrator knows the user's behavior, the keywords explored, and the effectiveness of the audit policy configuration through the user activity log.
正解：A

質問 7：
On the USG series firewalls, the default security policy does not support modification.
A. False
B. True
正解：A