Huawei Certified Network Professional HCNP H12-721 Updated Exam

HCNP-Security-CISN (Huawei Certified Network Professional - Constructing Infrastructure of Security Network) Questions and Answers

Question 25

Run the display ike sa command to check the IKE SA information. The following statement is correct?

Options:

phase 1 and phase 2 have been established

negotiates through the IKE V2 protocol

VPN instance name is public

IPSec SA status is Ready

Question 26

The server health check mechanism is enabled on the USG firewall of an enterprise to detect the running status of the back-end real server (the three servers are Server A, Server B, and Server C). When the USG fails to receive the response from Server B multiple times. When the message is received, Server B will be disabled and the traffic will be distributed to other servers according to the configured policy.

Options:

TRUE

FALSE

Question 27

What is the correct statement about the ip-link feature?

Options:

ip-link is a function to detect link connectivity

ARP detection mode only supports detecting direct links (or forwarding through Layer 2 devices in the middle)

The firewall sends ICMP or ARP packets to a probe destination address to determine whether the destination address is reachable.

ip-link is associated with VGMP, the ip-link status is down, and the VGMP management group priority is lowered by default.

Question 28

Which attack method is CC attack?

Options:

denial of service attack

scan snooping attack

malformed packet attack

System-based vulnerability attacks

Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Huawei Certified Network Professional HCNP H12-721 Updated Exam

HCNP-Security-CISN (Huawei Certified Network Professional - Constructing Infrastructure of Security Network) Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce