1. Home
  2. Huawei
  3. H12-721

HCIP-Security-CISN V3.0

Exam Details

  • Exam Code
    :H12-721
  • Exam Name
    :HCIP-Security-CISN V3.0
  • Certification
    :Huawei Certification
  • Vendor
    :Huawei
  • Total Questions
    :65 Q&As
  • Last Updated
    :Nov 05, 2023

Huawei Huawei Certification H12-721 Questions & Answers

  • Question 201:

    With the USG firewall, which two commands can be used to view equipment components (control board, fans, power supplies, etc.) run state and memory / CPU usage? (Choose two answers)

    A. display device

    B. display environment

    C. display version

    D. dir

  • Question 202:

    In USG equipment, which statement is correct on current-configuration files and saved- configuration profile? (Choose two answers)

    A. ELI administrators to configure a feature USG device, the device will modify Saved- configuration immediately.

    B. See the next startup configuration file to load the device display saved-configuration.

    C. When executing the Save command, the device will be current-configuration is copied to the saved-configuration.

    D. When executing the Save command, current-configuration commands to take effect.

  • Question 203:

    From the branch offices, servers are accessed from the Headquarters via IPsec VPN. An IPSEC tunnel can be established at this time, but communication to the servers fails. What are the possible reasons? (Choose three answers)

    A. Packet fragmentation, the fragmented packets are discarded on the link.

    B. Presence opf dual-link load balancing, where the path back and forth may be inconsistent.

    C. Route flapping.

    D. Both ends of the DPD detection parameters are inconsistent.

  • Question 204:

    With the Huawei abnormal flow cleaning solution, deployed at the scene of a bypass, drainage schemes can be used to have? (Choose three answers)

    A. Dynamic routing drainage

    B. Static routing strategy drainage

    C. Static routing drainage

    D. MPLS VPN cited

  • Question 205:

    When an attack occurs, the attacked host (1.1.129.32) was able to capture many packets as shown. Based on the information shown, what kind of attack is this?

    A. Smurf attack

    B. Land Attack

    C. WinNuke

    D. Ping of Death attack

  • Question 206:

    Regarding IKE DPD, which statement is incorrect?

    A. IKE is used to detect the state of a neighbor

    B. DPD regularly send messages between IKE peers.

    C. When DPD messages are not received within the specified time DPD sends a request to the remote side and waits for response packets.

    D. DPD sends encrypted queries only when the timer expires.

  • Question 207:

    As shown below, the trust area has two PC machines, PC1 10.1.1.1, PC2 10.1.155.1 and the Untrust zone has one server 10.2.2.2.

    PC1 can not access 10.2.2.2, 10.2.2.2 and PC2 actively access each other. Through configuration analysis, how will you fix the following problems?

    A. image075

    B. image077

    C. image079

    D. image081

  • Question 208:

    In the firewall DDos attack prevention technology, the Anti-DDoS prevents attacks based on what?

    A. Based on the ability of the application to authenticate the source address of the packet, the application, and the cleaning equipment source by sending probe packets to prevent the attack traffic source.

    B. session-based concurrent connections to the defense, where the new connection or abnormal connections exceeds the threshold levels..

    C. Mainly by fingerprint analysis to study and get traffic capture feature to prevent bots or initiate the attack traffic through a proxy to distinguish normal user access behavior.

    D. By detecting the session using filter scanning packets and special control packets.

  • Question 209:

    DDos attacks work through the network to the target (usually a server, such as DNS server, WEB server) and sends a small amount of abnormal packets of non-traffic, so that the attacked server parses the message, causing the system to crash or become busy.

    A. TRUE

    B. FALSE

  • Question 210:

    In the Huawei abnormal flow cleaning solution, deployed at the scene of a bypass, the re- injection scheme can be used to have which of the following? (Choose three answers)

    A. routing strategy

    B. MPLS VPN tunnel mode

    C. routing

    D. Layer 2 VPN mode

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Huawei exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your H12-721 exam preparations and Huawei certification application, do not hesitate to visit our Vcedump.com to find your solutions here.