HC-711 Q&As HCNA-CBSN (Constructing Basic Security Network) - CHS Pass Huawei HC-711 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money Back Assurance Following Questions and Answers are all new published by Huawei Official Exam Center HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 1 / 13
QUESTION 1 Here on the NAS-Initialized the L2TP VPN, correct statement are: (Choose three) A. Remote users via PSTN / ISDN access NAS (LAC), LAC determine whether the L2TP users. B. L2TP remote user to user,lac to the LNS initiates channel connection establishment request. C. LNS assigns a private IP address for remote dial-up users D. Validation of remote dial-up users can only be done at the LNS BC QUESTION 2 As a kind of generic GRE VPN encapsulation protocol encapsulated in the VPN can include multicast packets, including all L3 packets. QUESTION 3 L2TP supports the following protocols that load data. A. IP B. IPX C. NetBEUI D. More support Correct Answer: D QUESTION 4 Proxy Firewall role in the transport layer of the network, its essence is the business directly between the internal network and external network users by the proxy firewall takes over. HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 2 / 13
QUESTION 5 In the inter-domain packet filtering, and firewall into the direction of data flow (Inbound) refers to the direction of data from high to low security zones security zone transfer. QUESTION 6 About NAT argument error are: (Choose two) A. NAT Outbound refers to the source IP address conversion,nat Inbound refers to the destination IP address conversion B. NAT Inbound NAT Server commands and command consistent feature configuration can be selected according to personal preference C. Outbound direction NAT supports the following applications: one -many,many-to- D. NAT technology to support multi-channel protocols, such as FTP and other standard multi- channel protocol B QUESTION 7 Which of the following are VPDN tunneling protocol? (Choose two) A. PPPOE B. L2TP C. PPTP D. IPSec C QUESTION 8 Which of the following types of Ethernet switch ports, after the data flow out of the port may also carry VLAN identification? (Choose two) A. Access Port B. Trunk port HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 3 / 13
C. Hybrid port D. Switch port C QUESTION 9 TSM system to prohibit end users to copy important data to the storage medium of information security incidents caused, but the business needs to allow end users to read data stored inside, enable Which of the following strategies? A. Disable removable storage devices B. Read-only removable storage devices C. Monitoring removable storage devices D. Write encrypted removable storage devices QUESTION 10 Normal access to the user Wang credited l2tp vpn from outside the network address, found inside the firewall can ping the network port, but cannot access the network server, check the configuration discovery, Virtual-Template is added to the untrust zone within the network port in trust area, resulting in the cause cannot access the server, the following statements is correct? (Choose two) A. The server is not configured gateway B. Untrust and trust between domain rules unopened C. Untrust and local inter-domain rules unopened D. The other three options are correct B QUESTION 11 GRE Tunnel ends of the device if configured to identify keyword, keyword identification must be consistent in order to pass validation. HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 4 / 13
QUESTION 12 Users log in via TELNET device, because many times forgotten password login authentication fails, resulting in the account is frozen for several minutes, what is the role of technology? A. ACL B. Attack prevention C. Blacklist D. Account frozen Correct Answer: C QUESTION 13 The following types of firewall packet processing speed is the fastest non-first? A. Packet filtering firewall B. Proxy Firewall C. Stateful inspection firewall D. Software firewalls Correct Answer: C QUESTION 14 L2TP user authentication statement is correct: A. In the LAC can authenticate the user B. The LNS can authenticate the user C. After LAC authenticates the user,lns can authenticate the user again D. All other options are on the argument Correct Answer: D QUESTION 15 SSL and IPSec security protocols, encryption and authentication. However, SSL protocol only on the application of both data communications transmission is encrypted, but not all of the data from one host to another is encrypted (such as TCP / IP and application layer protocol). HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 5 / 13
QUESTION 16 Which of the following security zones can be conditionally deleted? A. Regional Security B. trust region C. untrust area D. dmz area QUESTION 17 The following types of interfaces can handle PPP protocol packets? A. interface Virtual-Template 1 B. interface Ethernet 0/0(within the network) C. interface Ethernet 0/0(external network) D. interface loopback 1 QUESTION 18 Firewall configured nat server global 202.106.1.1 inside 10.10.1.1, and now need to filter through the interface technology package allows users of the public network WWW server access is correct. A. rule permit TCP source 202.106.1.1 0 source-port 80 B. rule permit TCP source 10.10.1.1 0 source-port 80 C. rule permit TCP destination 202.106.1.1 0 destination-port 80 D. rule permit TCP destination 10.10.1.1 0 destination-port 80 Correct Answer: D QUESTION 19 HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 6 / 13
Which of the following devices will not be affected "Monitoring USB storage device " policy control? A. USB mouse B. U disk C. USB drive D. USB hard drives QUESTION 20 In the system view, execute the command reset saved-configuration, the configuration file will be erased. QUESTION 21 Huawei firewall nat outbound which supports the following scenario? (Choose three) A. One address translation B. -Many address translation C. -Many address translation D. Many-to- address translation CD QUESTION 22 SVN3000 port forwarding is based on the way the port control access to network resources for what applications? A. TCP B. UDP C. TCP or UDP D. SPX HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 7 / 13
QUESTION 23 Virtual private network (Virtual Private Network) is a "private data channel established through shared public network, each virtual network require access to this network or a terminal connected through tunnels (channels), constituting a dedicated, having certain security and quality of service network. QUESTION 24 The following statement about the NAT address translation Which is correct: (Choose three) A. NAT technology can effectively hide the hosts on the LAN,is an effective network security technology. B. NAT can follow the user\\'s needs, providing FTP, WWW, Telnet and other services outside the LAN. C. Some application layer protocols carry IP address information in the data,but also to modify the data in the upper IP address information when they make NAT. D. For some non- TCP, UDP protocol(such as ICMP, PPTP), NATcannotdo the conversion. BC QUESTION 25 When the host receives the ARP response packet, it will not be sent to verify whether they had the ARP request, but the response bag MAC address and IP corresponding relationship directly replace the original ARP cache table out QUESTION 26 SVN TCP port forwarding applications include three static ports: single-port single-server, single- port multi-server, multiport multi-server. The following are single-port single server? A. Outlook B. FTP C. Lotus Notes D. Http HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 8 / 13
Correct Answer: D QUESTION 27 Tunnel interface (Tunnel Interface) is a virtual interface to achieve multipoint type of packet encapsulation provided. QUESTION 28 VPN by business use classification does not include which of the following? A. Access VPN B. Intranet VPN C. Internet VPN D. Extranet VPN Correct Answer: C QUESTION 29 The following are the main features stateful inspection firewall is which? A. Processing speed B. Excellent follow-up packet processing performance C. Only detect the network layer D. Packet filtering detection for each package QUESTION 30 The vast majority of endpoint security threats from Internet, internal network only need to deploy anti-virus software can solve the problem. HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 9 / 13
QUESTION 31 L2TP technology, LAC client uses port number protocol encapsulated packets. A. TCP 51 B. UDP 51 C. UDP 1701 D. TCP 1701 Correct Answer: C QUESTION 32 Seen through the display ike sa result follows statements is correct? (Choose two) current ike sa number: 1 connectionid peer vpn flag phase doi 0x1f1 2.2.2.1 0 RD ST v1: 1 IPSEC 0x60436dc4 flag meaning RD - READY ST - STAYALIVE RL - REPLACED FD - FADING TO - TIMEOUT A. The first phase has been successfully established ike sa B. The second phase has been successfully established ipsec sa C. ike using version V1 D. ike using version V2 C QUESTION 33 L2TP VPN, and L2TP tunnels and sessions on the statement is correct: (Choose two) A. Between the same pair of LAC and LNS can create multiple L2TP tunnel,the tunnel consists of a control connection and at least one session (Session) composition B. Tunnel multiplexed on the session connection for the session,said carrying PPP tunnel connecting each C. After the session connection must be established successfully in the tunnel D. L2TP tunnel control message transmission, data message transmission in the session C QUESTION 34 HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 10 / 13
About GRE checksum verification techniques, when the end of the configuration checksum while the client does not check and when configured correctly described below have () (Choose two) A. The end of paper checks and verification of a received message B. Peer checks the received packet checksum C. The end of the checksum is calculated and sent packets D. For end-to- send packets to calculate the checksum C QUESTION 35 Security Alliance (SA) is the basis of IPSec is agreement between the communicating peers on certain safety elements. QUESTION 36 The following agreements, in the application layer have? (Choose two) A. ARP B. IGMP C. TELNET D. TFTP Correct Answer: CD QUESTION 37 When you configure NAT through the web, you need to configure the trust and untrust regional inbound direction, you need to select the security domain trust area in front, untrust area on the back. QUESTION 38 HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 11 / 13
Proxy firewalls need to develop a protocol for each application layer proxy, long development cycle, but it is difficult to upgrade. QUESTION 39 Outbound NAT configuration based on the direction, in the case of no-pat configuration commands, the following description of what is wrong? (Choose three) A. Conducted only source IP address translation B. Conducted only destination IP address translation C. The source IP address and source port translation D. Be the destination IP address and destination port translation CD QUESTION 40 Local firewall security zones do not contain any interface. Ping firewall on the firewall when an interface IP address, the packet will be given to those inside the firewall module for processing, not to be forwarded. Because they belong to the same security zone, so no need to configure interzone packet filtering can communicate properly. HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 12 / 13
Powered by TCPDF (www.tcpdf.org) To Read the Whole Q&As, please purchase the Complete Version from Our website. Try our product! 100% Guaranteed Success 100% Money Back Guarantee 365 Days Free Update Instant Download After Purchase 24x7 Customer Support Average 99.9% Success Rate More than 800,000 Satisfied Customers Worldwide Multi-Platform capabilities - Windows, Mac, Android, iphone, ipod, ipad, Kindle We provide exam PDF and VCE of Cisco, Microsoft, IBM, CompTIA, Oracle and other IT Certifications. You can view Vendor list of All Certification Exams offered: https://www.pass4lead.com/allproducts Need Help Please provide as much detail as possible so we can best assist you. To update a previously submitted ticket: Any charges made through this site will appear as Global Simulators Limited. All trademarks are the property of their respective owners. Copyright pass4lead, All Rights Reserved. HC-711 VCE Dumps HC-711 Practice Test HC-711 Study Guide 13 / 13