H12-721 Exam Details

  • Exam Code
    :H12-721
  • Exam Name
    :HCIP-Security-CISN V3.0
  • Certification
    :Huawei Certifications
  • Vendor
    :Huawei
  • Total Questions
    :245 Q&As
  • Last Updated
    :Nov 05, 2023

Huawei H12-721 Online Questions & Answers

  • Question 11:

    For a virtual service technology, which of the following statements is correct?

    A. For multiple real servers, real servers need to be in the same network and the same security zone
    B. For multiple real servers, real servers may not be in the same segment, but must be in the same security zone
    C. For multiple real servers, real servers may not be in the same security zone, but must be in the same segment
    D. For multiple real servers, network and security zone where the real server load balancing does not affect

  • Question 12:

    An attack will fake a source server to send a large number of SYN-ACK packet to the target network or server. If the packet destination port is a TCP service port to be attacked, it will cause the server's TCP protocol stack to handle exceptions.

    What attacking technique is this?

    A. SYN Flood
    B. SYN-ACK Flood
    C. ACK-Flood
    D. Connection Flood

  • Question 13:

    At headquarters - when configuring branching structure IPsec VPN network (pre-shared key + wells NAT traversal case), IKE Peer needs to be referenced to the ipsec policy templates. Which of the following must be configured with the template? (choose two answers)

    A. ipsec proposal
    B. exchange-mode aggressive
    C. pre-shared-key
    D. remote-address

  • Question 14:

    In DDos attack prevention technology, the firewall will not establish the session table for packets, if the session has been established for packets that were directly released.

    A. TRUE
    B. FALSE

  • Question 15:

    Network attacks include flood attacks, scanning and sniffing attacks, malformed-packet attacks, and special-packet attacks.

    A. TRUE
    B. FALSE

  • Question 16:

    As shown below for the L2TP over IPsec scenarios, the client uses pre-shared-key manner IPsec authentication. Which of the statements are correct to implement IPSec Security policy? (Choose two answers)

    A. using IKE main mode negotiation
    B. using IKE aggressive mode negotiation
    C. IPsec security policy
    D. configure IPsec policy template

  • Question 17:

    As shown below, for the L2TP over IPsec scenarios, the following configuration shows how to protect data on the IPsec flow. Which one is correct?

    A. [LNS] acl number 2001 [LNS-acl-basic-2001] rule permit udp source 10.10.1.0 0.0.0.255
    B. [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit source 10.10.1.0 0.0.0.255 destination 10.10.2.0 0.0.0.255
    C. [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit tcp source-port 1701
    D. [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit udp source-port eq 1701

  • Question 18:

    When using optical Bypass Interface, Bypass link has two operating modes, automatic mode and forced mode.

    A. TRUE
    B. FALSE

  • Question 19:

    SSL works at the application layer and is encrypted for specific applications, while IPsec operates at which layer and provides transparent encryption protection for this level and above?

    A. The data link layer
    B. Network Layer
    C. Transport Layer
    D. Presentation Layer

  • Question 20:

    In a stateful standby failover switchover what will the firewall do? (Choose two answers)

    A. Send a gratuitous ARP
    B. Send proxy ARP
    C. The VRRP backup group virtual address will be unavailable
    D. The switchover automatically updates the relevant MAC table

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Huawei exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your H12-721 exam preparations and Huawei certification application, do not hesitate to visit our Vcedump.com to find your solutions here.