Huawei H12-721 Real Exam Questions Guaranteed Updated Dump from Actual4Exams
Verified Pass H12-721 Exam in First Attempt Guaranteed
Huawei H12-721 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION 104
For the FireHunter 6000 Sandbox to detect files transmitted on the network in a virtual environment, which of the following file types can be detected? (Multiple choice)
- A. word file or PDF document
- B. Staff's game account
- C. Web page content, such as JavaScript, Flash, Java Applet, etc.
- D. MP4 file
Answer: A,C
NEW QUESTION 105
The following attacks have special packets? (Choose three answers)
- A. Tracert packet attack
- B. ICMP unreachable packet attack
- C. Ping of Death attack
- D. Large ICMP packet attack
Answer: A,B,D
NEW QUESTION 106
When traffic is finally sent from the outgoing interface, it is limited by the bandwidth of the outgoing interface. If the traffic is greater than the outbound interface bandwidth, which of the following will be used to do queue scheduling for traffic to ensure that high-priority packets are sent preferentially?
- A. Forwarding priority
- B. QoS
- C. Remark DSCP priority
- D. Bandwidth policy matching order
Answer: A
NEW QUESTION 107
In standby IPsec link backup scenarios like the one shown below, you can use the link IPsec tunneling technology.
- A. TRUE
- B. FALSE
Answer: A
NEW QUESTION 108
After the link-group is configured on the device, use the display link-group 1 command to obtain the following information. What information can I get?
- A. GigabitEthernet 0/0/1 has failed.
- B. GigabitEthernet 0/0/2 interface has failed.
- C. GigabitEthernet 0/0/1 is forcibly converted to fault state because other interfaces in the group are faulty.
- D. GigabitEthernet 0/0/2 is forcibly converted to fault state because other interfaces in the group are faulty.
Answer: A,D
NEW QUESTION 109
Huawei abnormal flow cleaning solution is characterized by relatively straight bypass deployment. Which of the statement is correct?
- A. bypass deployment requires separate deployment testing equipment.
- B. Straight deployment Anti-DDoS equipment for all traffic in real-time drainage.
- C. straight deployment requires separate deployment testing equipment.
- D. relatively straight bypass deployment deployment, more flexible, both static and drainage ways, and can use dynamic drainage ways.
Answer: D
NEW QUESTION 110
A network is as follows: The l2tp vpn is established through the VPN Client and the USG (LNS). What are the reasons for the dialup failure?
- A. 0PPP authentication failed, the PPP authentication mode set on the client PC and LNS is inconsistent.
- B. The tunnel name of the A LNS is inconsistent with the tunnel name of the client.
- C. The client PC cannot obtain the IP address assigned to it from the LNS.
- D. L2TP tunnel verification failed
Answer: A,C,D
NEW QUESTION 111
Which of the following is a disadvantage of L2TP VPN?
- A. must use L2TP Over IPSec to use
- B. no encryption
- C. has no authentication function
- D. working on layer 2 cannot be routed
Answer: B
NEW QUESTION 112
After the BFD session is established, the two systems periodically send BFD control packets. If a system does not receive any packets from the peer within the detection time, the status of the BFD session is considered to be Down. Which mode of detection is this mode called BFD?
- A. asynchronous mode
- B. query mode
- C. detection mode
- D. sync mode
Answer: A
NEW QUESTION 113
Which ofthe following statements is correct about the blacklist? (Choose three answers)
- A. Blacklist is divided into static and dynamic.
- B. When the packet reaches the firewall, the first thing to check for is packet filtering, and then it will match the blacklist.
- C. When you log into a device and incorrectly enter the username/password three times, the IP address of the administrator will be added to the blacklist via Web or Telnet.
- D. When the device is perceived to have behavioral characteristics of packets to a user's attempt to attack a specific IP address, it will use a dynamic IP address blacklist technology.
Answer: A,C,D
NEW QUESTION 114
Which is wrong about the description of the virtual system?
- A. If the virtual system function is not enabled, the root system does not exist.
- B. Separately running logical device which is divided on the NGFW are called virtual systems.
- C. There are two types of virtual systems, the root system and the virtual system on the NGFW.
- D. A special virtual system that exists by default on the NGFW is called the root system.
Answer: A
NEW QUESTION 115
USG device can be factory reset by holding down the Reset button for 1-3 seconds to recover the console password.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 116
The default interval for sending VGMP hello packets is 1 second. That is, when the hello packet sent by the peer is not received within the range of three hello packets, the peer is considered to be faulty. Master status.
- A. TRUE
- B. FALSE
Answer: A
NEW QUESTION 117
A firewall device can create multiple virtual gateways. Each virtual gateway is independent and does not affect each other. Administrators can configure their own users, resources, and policies under the virtual gateway for independent management.
- A. TRUE
- B. FALSE
Answer: A
NEW QUESTION 118
Which of the following is correct about packet encapsulation order of L2TP over IPSec?
- A. The sequence from the first encapsulation to the post encapsulation is IPSec>PPP->L2TP->UDP
- B. The sequence from the first encapsulation to the post encapsulation is PPP>L2TP->UDP->IPSec
- C. The sequence from the first encapsulation to the post encapsulation is PPP>UDP->L2TP->IPSec
- D. The sequence from the first encapsulation to the post encapsulation is IPSec>L2TP->UDP->PPP
Answer: B
NEW QUESTION 119
In the headquarters-branch IPsec VPN network, when the headquarters is configured, when the headquarters adopts the IPSec policy template, which of the following are mandatory items? (Multiple choice)
- A. proposal proposal-name
- B. ipsec policy-template template-name sec-number
- C. policy enable
- D. ipsec policy policy-name sec-number isakmp template template-name
Answer: A,B,D
NEW QUESTION 120
In a Dual hot standby SSL VPN scenario as shown, the network administrator has enabled SSL extensions. Which of the following information about the configuration of SSL VPN functionality is correct?
- A. When you create a virtual gateway the Master will not be synchronized to the Slave.
- B. USG_ A virtual SSL VPN gateway must use IP address 202.38.10.2
- C. USG_B virtual SSL VPN gateway must use IP address 10.100.10.2
- D. When configuring the network extension, the address pool with binds to theVRRP backup group number 2.
Answer: D
NEW QUESTION 121
......
Download Real Huawei H12-721 Exam Dumps Test Engine Exam Questions: https://www.actual4exams.com/H12-721-valid-dump.html