Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Huawei H12-721 Exam -

Free H12-721 Sample Questions:

Q: 1
Which of the following are malformed packet attacks? (Choose two answers)
A. Smurf attack
B. Fraggle attack
C. Large ICMP packet attack
D. Router IP packet attacks recorded items
Answer: A, B

Q: 2
With regard to the firewall configuration interface binding VPN instance, which configuration is correct?
A. ip binding vpn-instance vpn-id
B. ip binding vpn-instance vpn-instance-name
C. ip binding vpn-id
D. ip binding vpn-id vpn-instance-name
Answer: B

Q: 3
Which of the following VPN protocols do not provide encryption? (Choose three answers)
Answer: B, C, D

Q: 4
The KIE first stage main mode negotiation process includes the following information? (Choose three answers)
A. IKE proposal set
B. IPsec proposal set
C. DH key exchange public information
D. Both sides identity
Answer: A, C, D

Q: 5
IPsec VPN using digital certificates for authentication has the following steps:
1. Certificate signature verification
2. Find the certificate serial number in the CRL
3. Both devices share their entity certificate
4. Verify the certificate is valid
5. Establish a VPN tunnel
Which of the following is the correct pattern?
A. 3-2-1-4-5
B. 1-3-2-4-5
C. 3-1-4-2-5
D. 2-4-3-1-5
Answer: C

Q: 6
Testing Center is responsible for flow testing, and test results sent to the management center.
Answer: A

Q: 7
Which of the statement is correct about the Eth-trunk function? (Choose three answers)
A. It improves communication bandwidth of the link
B. It improves data security
C. Traffic load balancing
D. It improves the reliability of the link
Answer: A, C, D

Q: 8
IPSec NAT traversal is not supported in IKE main mode and aggressive mode of IP addresses + pre-shared key authentication mode, because the pre-shared key authentication requires the extraction of IP packets in order to find the IP address of the source address of the corresponding pre-shared secret key, and the presence of NAT causes a change to make the device unable to find the address of a pre-shared key.
Answer: A

Q: 9
USG two ways to build a firewall to Site IPsec VPN through the Site, when viewing a USGA state as follows:

display ipsec statistics
the security packet statistics:
input / output security packets: 4/0
input / output security bytes: 400/0
input / output dropped security packets: 0/0

After viewing the state above, what information do you get? (Choose two answers)
A. USGA encrypted data packets 4; USGA decrypt the packet is set 0.
B. USGA has decrypted packet is 4, USGA already encrypted data packet is 0.
C. Site A network device, there is no route, leading to the protection of the data may not be sent to the USGA.
D. IPsec tunnel is not established.
Answer: B, C

© 2014, All Rights Reserved