Free Access Huawei.H12-731-ENU.v2023-02-09.q68 Practice Test (Page 8)

Question 31

As shown in the figure, the corresponding defense methods are:

A.Payload Check Defense

B.Method defense through source authentication

C.Defense by TTL checking

D.Authenticate the user through the associated TCP protocol

E.Fingerprint Learning Defense

Question 32

An FTP server ( DMZ ) on the existing network of the enterprise provides FTP services to the outside ( Untrust ), and a USG firewall is deployed on the external network port.
The following information is obtained by capturing packets on the FTP server:
Sequence Number Source Address Destination Address Protocol Packet Summary
1 1.1.1.1 192.168.1.2 TCP 3318>21 [SYN] Seq=0 Len=0 MSS=1460
2 192.168.1.2 1.1.1.1 TCP 21>3318 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
3 1.1.1.1 192.168.1.2 TCP 3318>21[SYN] Seq=1 Ack=1 Win=65535 Len=0
......
13 1.1.1.1 192.168.1.2 FTP Request: PASV
14 192.168.1.2 1.1.1.1 FTP Response: 227 Entering Passive Mode (192, 168, 1, 2, 4, 162)
15 1.1.1.1 192.168.1.2 TCP 3319>1186 [SYN] Seq=0 Len=0 MSS=1460
16 192.168.1.2 1.1.1.1 TCP 1186>3319 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
17 1.1.1.1 192.168.1.2 TCP 3319>1186 [SYN] Seq=1 Ack=1 Win=65535 Len=0
.....
The following descriptions are correct:

A.The data channel has been established normally between the host 1.1.1.1 and the FFP server 192.168.1.2.

B.A servermap entry is automatically generated on the firewall.

C.The NAT configuration of nat-policy must be completed on the firewall.

D.FTP server FTP service is active mode.

Question 33

Which of the following descriptions are correct about the way SAC devices are connected to the network?

A.SACG devices are required to communicate with the Agile Controller at Layer 2.

B.SACG is usually side-mounted on the core switch device and uses policy routing to divert traffic.

C.SACG supports side-hook on non-Huawei devices.

D.SACG equipment is required to communicate with the terminal at Layer 2.

Question 34

The USG serves as the gateway of the headquarters. Users on business trips need to use the Internet to establish a VPN tunnel to access the resources of the headquarters, and users on business trips do not need to install any dial-up software. Which of the following VPN technologies is most suitable:

A.SSL VPN

B.IPsec VPN

C.GRE

D.L2TP

Question 35

A network expects to use URPF technology to improve network security. Which mode of URPF is used in the following networking scenarios:

A.strict mode

B.loose mode

C.According to the stem information, the corresponding mode cannot be judged

D.strict mode or loose mode

Latest Upload: 111Oracle.1z0-1196-25.v2025-09-12.q18; 110NetworkAppliance.NS0-162.v2025-09-12.q86; 151OCEG.GRCP.v2025-09-11.q211; 110HP.HPE0-V27.v2025-09-11.q78; 126Oracle.1Z0-1057-23.v2025-09-10.q47; 169Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 140SAP.C-S4EWM-2023.v2025-09-08.q83; 186TheSecOpsGroup.CNSP.v2025-09-08.q20; 282CFAInstitute.ESG-Investing.v2025-09-08.q173; 264PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 31

Question 32

Question 33

Question 34

Question 35

Download PDF File