New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Huawei Certified Network Professional HCNP H12-721 Updated Exam

Page: 7 / 8
Total 245 questions

HCNP-Security-CISN (Huawei Certified Network Professional - Constructing Infrastructure of Security Network) Questions and Answers

Question 25

Run the display ike sa command to check the IKE SA information. The following statement is correct?

Options:

A.

phase 1 and phase 2 have been established

B.

negotiates through the IKE V2 protocol

C.

VPN instance name is public

D.

IPSec SA status is Ready

Question 26

The server health check mechanism is enabled on the USG firewall of an enterprise to detect the running status of the back-end real server (the three servers are Server A, Server B, and Server C). When the USG fails to receive the response from Server B multiple times. When the message is received, Server B will be disabled and the traffic will be distributed to other servers according to the configured policy.

Options:

A.

TRUE

B.

FALSE

Question 27

What is the correct statement about the ip-link feature?

Options:

A.

ip-link is a function to detect link connectivity

B.

ARP detection mode only supports detecting direct links (or forwarding through Layer 2 devices in the middle)

C.

The firewall sends ICMP or ARP packets to a probe destination address to determine whether the destination address is reachable.

D.

ip-link is associated with VGMP, the ip-link status is down, and the VGMP management group priority is lowered by default.

 

Question 28

Which attack method is CC attack?

Options:

A.

denial of service attack

B.

scan snooping attack

C.

malformed packet attack

D.

System-based vulnerability attacks

Page: 7 / 8
Total 245 questions