The document presents a series of practice exam questions and answers related to HCIA-Security certification, specifically focusing on VPN technologies and security protocols. Key topics include SSL VPN features, inconsistencies in L2TP VPN, protection levels according to TCSEC standards, user authentication methods, and the basic functionalities of antivirus software. Additional subjects cover Application Specific Packet Filtering (ASPF) and IPsec VPN transmission modes.

1. Free HCIA-Security
H12-711_V3.0-ENU
Practice Exam Q&As
HCIA-Security V3.0
https://www.passcert.com/H12-711_V3.0-ENU.html

2. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
1. Which item is correct about SSL VPN?
A. Can be used without the client
B. Can encrypt the IP layer
C. There is a NAT crossing problem
D. No authentication
Answer: A

3. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
2. Which of the following statement is wrong about the L2TP VPN of
Client-Initialized?
A. After the remote user access the Internet, the L2TP tunnel
connection request can be initiated directly from the remote LNS
through the client software.
B. The LNS device receives the user's L2TP connection request,
and the user can be verified according to the username and
password.
C. LNS assign private IP addresses for remote users.
D. The remote users do not need to install VPN client software
Answer: D

4. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
3. What protection levels are included in TCSEC standard? (Multiple
Choice)
A. Verification Protection
B. Forced Protection
C. Self-protection
D. Passive Protection
Answer: ABC

5. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
4. What protection levels are included in TCSEC standard? (Multiple
Choice)
A. Verification Protection
B. Forced Protection
C. Self-protection
D. Passive Protection
Answer: ABC

6. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
5. Which of the following is not used by the Detection link in the
P2DR model?
A. Real-time monitoring
B. Detection
C. Alarm
D. Close service
Answer: D

7. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
6. Which of the following is not a user authentication method in a
USG firewall?
A. Free certification
B. Password authentication
C. Single sign-in
D. Fingerprint certification
Answer: D

8. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
7. Which of the following is the basic function of anti-virus software?
(Multiple Choice)
A. Prevent virus
B. Find virus
C. Clear virus
D. Copy virus
Answer: ABC

9. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
8. ASPF (Application Specific Packet Filter) is a packet filtering
technology based on the application layer and implements a special
security mechanism through the server-map table.
Regarding ASPF and server-map tables, which of the following are
correct? (Multiple choice)
A. ASPF monitors the messages in the communication process
B. ASPF can dynamically create server-map tables
C. ASPF dynamically allows multi-channel protocol data to pass
through the server-map table
D. The five-tuple server-map table entry implements a function
similar to the session table
Answer: ABC

10. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
9. In the IPSec VPN transmission mode, which part of the data message is
encrypted?
A. Network layer and upper layer data packets
B. Original IP header
C. New IP header
D. Transport layer and upper layer data messages
Answer: D

11. Free HCIA-Security H12-711_V3.0-ENU Practice Exam From Passcert for Your Best Preparation
10. Which of the following is the status information that can be
backed up by the HRP (Huawei Redundancy Protocol) protocol?
(Multiple choice)
A. Session table
B. ServerMap table entries
C. Dynamic blacklist
D. Routing table
Answer: ABC