This page was exported from Latest Exam Prep [ http://certify.vceprep.com ] Export date:Sat Sep 21 11:49:40 2024 / +0000 GMT ___________________________________________________ Title: [Q84-Q101] 2022 Updated H12-721 PDF for the H12-721 Tests Free Updated Today! --------------------------------------------------- 2022 Updated H12-721 PDF for the H12-721 Tests Free Updated Today! Fully Updated Dumps PDF - Latest H12-721 Exam Questions and Answers NEW QUESTION 84The VGMP HELLO packets default time is 1 second, that is, when the end of the three HELLO Slave cycle range, if packets do not received HELLO packets sent to the client, it will consider the peer as dead, and it will switch them to Master-like State.  TRUE  FALSE NEW QUESTION 85There are three physical interfaces in the Link-Group group. When any of these interfaces fails, which of the following statements is correct? (Multiple Choice)  If any interface in the group fails, the system sets the status of other interfaces in the group to Down.  If any interface in the group fails, the status of other interfaces in the group does not change.  After some interfaces in the group are restored to normal, the interface status in the entire group is set to Up again.  After all the interfaces in the group are restored to normal, the interface status in the entire group is set to Up again. NEW QUESTION 86Regarding GRE Over IPSec, which of the following statements is wrong?  IP header added in the IPSec encapsulation process is the source IP address of the interface to which the IPSec gateway applies the IPSec policy. The destination address is the address of the interface to which the IPSec policy is applied in the IPSec peer.  The data flow that IPSec needs to protect is the data flow from the GRE starting point to the GRE destination.  IP header added in the GR encapsulation process is the source address of the GRE tunnel, and the destination address is the destination address of the GRE tunnel.  When GRE over IPSec is used between gateways, IPSec encapsulation is performed before GRE encapsulation. NEW QUESTION 8787. The SSL VPN scenario under dual-system hot standby is shown in the following figure. The administrator has enabled the SSL network extension function. The following is about the configuration of the SSL VPN function.  virtual gateway created on the master side will not be synchronized to the slave side.  Bind the address pool to VRRP backup group 2 when configuring network extensions.  The virtual gateway IP address of the SSL VPN in C USG_A must use 202.38.10.2  The virtual gateway IP address of the SSL VPN in D USG_B must use 10.100.10.2. NEW QUESTION 88What is the correct statement about the ip-link feature?  ip-link is a function to detect link connectivity  ARP detection mode only supports detecting direct links (or forwarding through Layer 2 devices in the middle)  The firewall sends ICMP or ARP packets to a probe destination address to determine whether the destination address is reachable.  ip-link is associated with VGMP, the ip-link status is down, and the VGMP management group priority is lowered by default. ExplanationNote: VGMP management group priority is lowered by default 2NEW QUESTION 89In Hot standby, the backup channel must be the primary interface to the interface board.Which type is not supported?  Ethernet  GigabitEthernet  E1  vlan-if NEW QUESTION 90In the USG firewall, which two commands can be used to view the running status and memory/CPU usage of the device components (main control board, board, fan, power supply, etc.)?  display device  display environment  display version  dir NEW QUESTION 91The following figure shows the L2TP over IPSec application scenario. Which of the following is correct about the configuration of the IPSec protection data flow?  [LNS] acl number 2001 [LNS-acl-basic-2001] rule permit udp source 10.10.1.0 0.0.0.255  [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit source 10.10.1.0 0.0.0.255 destination 10.10.2.0 0.0.0.255  [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit tcp source-port 1701  [LNS] acl number 3001 [LNS-acl-adv-3001] rule permit udp source-port eq 1701 NEW QUESTION 92On the USG, you need to delete sslconfig.cfg in the hda1:/ directory. Which of the following commands can complete the operation?  cd hda 1:/remove sslconfig.cfg  cd hda 1:/delete sslconfig.cfg  cd hda 1:/rmdir sslconfig.cfg  cd hda 1:/mkdir sslconfig.cfg NEW QUESTION 93The global routing means that when there are multiple equal-cost routes to the destination network, the Huawei USG6000 firewall can dynamically select the outbound interface according to the link bandwidth, weight, priority, or automatically detected link quality set by the administrator, to achieve the reasonable use of link resources and improve the user experience.  True  False NEW QUESTION 94Which of the following security services can a secure multi-instance provide for a virtual firewall?  address binding  blacklist  ASPF  VPN routing NEW QUESTION 95Hot Standby networking environment is shown in Figure 1 and 2 backup group joined VGMP management group, USG_A main equipment, USG_B as a backup device.When USG_A is in failed state, such as power failure, this time USG_B state switched from Slave to Master.When USG_A firewall recovers, it switches back to its state Master, and USG_B status remains as Master.What has caused this phenomenon?  Two firewall load balancing mode, both in the same backup set is configured to master, also configure the Slave  USGA after the failure to restore its priority VRRP backup group did not recover in time  After the USGA recover from a failure, malfunction heartbeat  No configuration hrp track NEW QUESTION 96Ensure that the traffic is not affected by the server or link failure. The administrator has configured the link health check. However, after the configuration is complete, the health check status is still Down. What are the possible causes? (Multiple Choice)  The peer device did not release the corresponding protocol and port  Security policy did not release traffic  The link for the health check has failed  Health check is not invoked on the interface NEW QUESTION 97Which of the following are the contents of quota allocation? (Multiple choices)  SSL VPN virtual gateway  Security area  Interface  vlan NEW QUESTION 98Before using SSL VPN to communicate, the client and server establish a session through the Handshake protocol to negotiate the relevant security parameters to be used in data transmission.  True  False NEW QUESTION 99When configured behind a firewall stateful failover, in the Web configuration interface, select “System> High Reliability> hot standby”, click “Check HRP configuration consistency” corresponding “check” button.Pop-up window, as shown, which of the following configurations can solve the problem (assuming heartbeat interface is added to the DMZ zone)?  firewall packet-filter default permit interzone trust locaI  firewall packet-filter default permit interzone trust dmz  firewall packet-filter default permit interzone untrust dmz  firewall packet-filter default permit interzone local NEW QUESTION 100Below displays the IKE V1 first stage pre-shared key mode during the main mode packet switching crawl. Based on the information shown, the crawl occurs under which packet?  IKE first or second Message  IKE third or fourth Message  IKE fifth or sixth Message  IKE seventh or eighth Message NEW QUESTION 101If you use SSL VPN to provide file sharing, all files in the shared directory are visible to end users.Which of the following descriptions is correct for the configuration of the file share path?  The format of the SMB type resource is: //IP address (host name)/shared folder. The SMB type resource path can be a multi-level shared folder directory.  The format of the NFS type resource is: //IP address (host name)/dir1/dir2/shared folder. The NFS type resource path can only have one-level shared folder directory.  Select SMB for file sharing resources under Windows.  Select SMB for file sharing resources under Linux.  Loading … Free H12-721 Exam Questions H12-721 Actual Free Exam Questions: https://www.vceprep.com/H12-721-latest-vce-prep.html --------------------------------------------------- Images: https://certify.vceprep.com/wp-content/plugins/watu/loading.gif https://certify.vceprep.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-11-21 14:03:34 Post date GMT: 2022-11-21 14:03:34 Post modified date: 2022-11-21 14:03:34 Post modified date GMT: 2022-11-21 14:03:34