Question No. 1

Defense against the cache server The main method of DNS request flood is to use the DNS source authentication technology:

ATRUE

BFALSE

Show Answer

Correct Answer: A

Question No. 2

The figure shows the data flow direction of the Bypass interface in the Bypass working mode and the non-Bypass working mode. What are the following statements about the working flow of the electrical Bypass interface?

AWhen the interface is in the non-bypass state, the traffic flows from the GE0 interface to the USG through Router_a. After the USG processes, the traffic flows from the GE1 interface to Router_B.

BWhen the interface is working in the Bypass state, the traffic is forwarded from the GE0 interface to the USG. The USG does not pass any processing and flows directly from the GE1 interface to Router_B.

CWhen the firewall is configured to implement the security priority, the uplink and downlink services are not interrupted when the interface works in the bypass state. Therefore, the device can be kept in the Bypass state.

DThe electrical bypass interface can only work in Layer 2 mode and has circuit bypass function.

Show Answer

Correct Answer: A, B

Question No. 3

What are the drainage schemes that can be used in the scenario of bypass deployment in Huawei's abnormal traffic cleaning solution?

Adynamic routing drainage

Bstatic policy routing drainage

Cstatic route drainage

DMPLS VPN drainage

Show Answer

Correct Answer: A, B, C, D

Question No. 4

A network is as follows: The l2tp vpn is established through the VPN Client and the USG (LNS). What are the reasons for the dialup failure?

AThe tunnel name of the A LNS is inconsistent with the tunnel name of the client.

BL2TP tunnel verification failed

C0PPP authentication failed, the PPP authentication mode set on the client PC and LNS is inconsistent.

DThe client PC cannot obtain the IP address assigned to it from the LNS.

Show Answer

Correct Answer: B, C, D

Question No. 5

Which of the following statements is correct about the IKE main mode and the aggressive mode?

AAll negotiation packets in the first phase of the aggressive mode are encrypted.

BAll the negotiation packets of the first phase in the main mode are encrypted.

Cbarbarian mode uses DH algorithm

Dwill enter the fast mode regardless of whether the negotiation is successful or not.

Show Answer

Correct Answer: C

Free Huawei H12-721 Exam Actual Questions

The questions for H12-721 were last updated On Apr 25, 2024