H12-721 HCNP-Security-CISN (Huawei Certified Network Professional – Constructing Infrastructure of Security Network)

H12-721 HCNP-Security-CISN (Huawei Certified Network Professional – Constructing Infrastructure of Security Network)

1. Huawei H12-721-ENU HCNP-Security-CISN Certification Exam
This document mainly introduces H12-721 HCNP-Security-CISN exam outline. For other exam syllabus, you can refer to the corresponding training materials or through http://support.huawei.com/learning on the Huawei Online Training and Learning Platform.

Certification Exam Code Exam Name Duration Pass Score/
Total Score
HCNP-Security H12-721 HCNP-Security-CISN
(Huawei Certified Network Professional – Constructing Infrastructure of Security Network) 90 min 600/1000

2. HCNP-Security-CISN Exam Outline

2.1 Exam Content
HCNP-Security-CISN exam covers network security device management, firewall intelligent routing, firewall high availability, VPN technology and application, firewall bandwidth management and virtual firewall technology.

2.2 Key Points
Network Security Device Management
1.Network Security Device Management
2.Network Security Device Log Analysis
3.Network Security Device Unified Operation and Maintenance
Firewall Intelligent Routing
1.Principles of Intelligent Routing
2.Intelligent Routing Application Analysis
3.Intelligent Routing Troubleshooting
Server Load Balancing
1.Principles of SLB Technology
2.SLB Deployment
Firewall High Availability
1.IP-Link Technology
2.BFD Technology
3.Hot Standby
4.Link-group Technology
5.Eth-Trunk Technology
VPN Technology and Application
1.IPSec VPN Technology and Application
2.SSL VPN Technology and Application
Firewall Bandwidth Management
1.Principle of Firewall Bandwidth Management
2.Firewall Bandwidth Management Deployment
3.Firewall bandwidth management Troubleshooting
Firewall Virtual System
1.Principle of Firewall virtual system
2.Firewall Virtual System Deployment
3.Firewall Virtual System Troubleshooting

Note:
The exam content provided here serves only as a general guide to candidates. Other contents not mentioned here may also be included in the actual exam.

2.3 Reference
Huawei Certified HCNP-Security-CISN Training Materials(V3.0)
Huawei Certified HCNP-Security-CISN Lab Guide(V3.0)

2.4 Recommended Training Program
HCNP-Security-CISN Training

QUESTION 1
The main method of caching servers DNS Request Flood defense is the use of DNS source authentication.

A. TRUE
B. FALSE

Answer: A

Explanation:

QUESTION 2
Refer to the following diagram in regards to Bypass mode.
Which of the following statements is correct a few? (Choose two answers)

A. When the interface is operating in a non-Bypass state, the flow from the inflow of USG
Router_A interfaces from GE0, GE1 after USG treatment from the interface flow Router_B.
B. When the Interface works in Bypass state, traffic flow from the interface by the Router_A GE0
USG, USG without any treatment, flows directly Router_B flows from the GE1 interfaces.
C. When there are firewall requirements to achieve security policies, while working at the interface
Bypass state to operate without interruption. Therefore, the device can be maintained in the Bypass state job.
D. Power Bypass interface can work in bridge mode, and can work with the bypass circuit.

Answer: A,B
Explanation:

QUESTION 3
With the Huawei abnormal flow cleaning solution, deployed at the scene of a bypass, drainage
schemes can be used to have? (Choose three answers)

A. Dynamic routing drainage
B. Static routing strategy drainage
C. Static routing drainage
D. MPLS VPN cited

Answer: A,B,C
Explanation:

QUESTION 4
Regarding IKE main mode and aggressive modes, which of the following statements is correct?

A. In savage mode with the the first phase of negotiation, all packets are encrypted
B. All main mode packts under the first phase of negotiation are encrypted
C. The DH algorithm is used in aggressive mode
D. Whether the negotiation is successful or not, IKE will enter into fast mode

Answer: C
Explanation:

QUESTION 5
A network is shown below.
A dial customer cannot establish a connection via a VPN client PC and USG (LNS) l2tp vpn.
What are valid reasons for this failure? (Choose three answers)

A. LNS tunnel tunnel name change is inconsistent with the client name.
B. L2TP tunnel authentication failed.
C. PPP authentication fails, PPP authentication mode set on the client PC and LNS inconsistent.
D. Client PC can not obtain an IP address assigned to it from the LNS.

Answer: B,C,D
Explanation:

Click here to view complete Q&A of H12-721 exam
Certkingdom Review
, Certkingdom PDF Torrents

MCTS Training, MCITP Trainnig

Best Huawei H12-721 Certification, Huawei H12-721 Training at certkingdom.com

Click to rate this post!
[Total: 0 Average: 0]

Comments |0|

Legend *) Required fields are marked
**) You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>