Spring Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Huawei H12-711_V4.0 Practice Exam with Questions & Answers | Set: 2

Questions 11

During the process of establishing IPSec VPN between peers FW_A and FW_B, two types of security associations need to be established in two stages. In the first stage, _____ is established to verify the identity of the peers.[fill in the blank]*

Options:
Huawei H12-711_V4.0 Premium Access
Questions 12

Which of the following statements are correct about firewall security zones?

Options:
A.

Security policies do not have to permit mutual access between users in the same zone.

B.

A security policy can permit traffic in one direction.

C.

By default, firewalls have only three security zones: Trust, Untrust, and DMZ.

D.

A firewall interface can be added to multiple security zones.

Questions 13

Which of the following is not an advantage of symmetric encryption algorithms?

Options:
A.

Suitable for encrypting large amounts of data

B.

Low overhead

C.

Good scalability

D.

High efficiency

Questions 14

Compared with the software architecture of C/S, B/S does not need to install a browser, and users are more flexible and convenient to use.

Options:
A.

TRUE

B.

FALSE

Questions 15

The initial priority of the USG9500VGMP group is related to which of the following factors ( )? *

Options:
A.

interface bandwidth

B.

VRRP priority

C.

Number of daughter cards on the interface board

D.

The number of CPUs on the D service board

Questions 16

The following description of the AH protocol in IPSec VPN, which one is wrong?

Options:
A.

Supports data source validation

B.

Supports data integrity checking

C.

Supports packet encryption

D.

Support anti-message replay

Questions 17

Which of the following are disadvantages of the packet filtering firewall?

Options:
A.

The software implementation limits the processing speed, making the firewall vulnerable to DoS attacks.

B.

An attacker can set the IP address of his/her host to an IP address permitted by a packet filter. In this way, packets from the attacker's host can easily pass through the packet filter.

C.

Static ACL rules cannot meet dynamic security requirements.

D.

The connection status list is dynamically managed.

Questions 18

Which of the following is not the default security zone of the firewall

Options:
A.

untrust trust

B.

trust zone

C.

dmz zone

D.

isp zone)

Questions 19

The following description of the intrusion fire protection system IPS, which is correct?

Options:
A.

The port IPS can be concatenated at the network boundary.

B.

The IPS cannot prevent intrusion from occurring in real time.

C.

The port IPS can be attached to the switch and port mirrored through the switch.

D.

Oral IPS has the ability to customize intrusion prevention rules.

Questions 20

Which of the following operating modes does NTP support?

Options:
A.

Mouth peer mode

B.

Mouth client/server mode

C.

Mouth broadcast mode

D.

Mouth multicast mode

Exam Code: H12-711_V4.0
Certification Provider: Huawei
Exam Name: HCIA-Security V4.0 Exam
Last Update: Apr 7, 2026
Questions: 153

Huawei Related Exams

H20-701_V2.0 - HCSE-Field-Intelligent Campus (Written) V2.0
H12-611_V2.0 - HCIA-openEuler V2.0
H21-285_V1.0 - HCSP-Presales-Service(Storage) V1.0
H13-431_V2.0 - HCIE-Data Center (Written) V2.0
H12-721_V3.0 - HCIP-Security-CISN V3.0
H20-684_V1.0 - HCSE-Field-Smart PV V1.0
H14-241_V1.0 - HCIP-HarmonyOS Device Developer V1.0
H19-101_V5.0 - HCSA-Sales-IP Network Certification V5.0
H19-438_V1.0 - HCSP-Presales-Cloud V1.0
H12-311_V3.0 - HCIA-WLAN V3.0
H35-942 - HCS - Home Service Activation
H19-371_V1.0 - HCS-Pre-sales-Digital Power V1.0
H12-521_V2.0 - HCIP-Intelligent Vision V2.0
Huawei Free Access
Get Huawei Full Access

Huawei Free Exams
Huawei Free Exams
Get free access to Huawei exam materials and practice tests at Examstrack. Enhance your preparation with reliable resources designed to help you succeed in your Huawei certification exams.