New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Huawei > HCIP-Security > H12-723

H12-723 Huawei Certified ICT Professional - Constructing Terminal Security System Question and Answers

Question # 4

Deploying on Windows platform, using SQL Server database About the HA function of Agile Cotoller-Campus, which of the following descriptions Is it correct? (multiple choice)

A.

Deployment Management Center MC Time, support HA, Provide based on Keepalived Technical HA Active/standby switchover.

B.

Deploy Business Manager SM Time, support HA, Provide based on Keepalived Technical HA Active/standby switchover.

C.

Deploy business controller 3SC Time, support HA, Provide a backup solution in resource pool mode, which needs to be deployed N+1 indivual SC

D.

Deploy the database DB Time, support HA use SQL Server Database mirroring technology requires the deployment of master DB+Mirroring DB+witness DB.

Full Access
Question # 5

About in WLAN User isolation technology is used in the networking environment. Which of the following statements is wrong?

A.

User isolation between groups means that users in different groups cannot communicate, but internal users in the same group can communicate

B.

Isolation within a user group means that users within the same group cannot communicate with each other.

C.

The user isolation function is related to the same AP Layer 2 packets between all wireless users on the Internet cannot be forwarded to each other

D.

Intra-group isolation and inter-group isolation cannot be used at the same time

Full Access
Question # 6

Regarding the basic principles of user access security, it is wrong not to list any description?

A.

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates with the authentication server to complete the user Authentication.

B.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, and terminal Information such as the patch version installed on the device.

C.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

D.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Full Access
Question # 7

URL filtering, remote classification list provided and maintained by a third-party classification servers, devices can be synchronous updated automatically or manually from third-party classification servers.

A.

TRUE

B.

FALSE

Full Access
Question # 8

Regarding patch management and Windows patch checking strategies, which of the following descriptions is wrong?

A.

Patch management and Windows The patch check strategy can check whether the terminal host has installed the specified Windows Make system patches.

B.

Windows Patch check strategy focuses on checking whether the terminal host is installed Windows Operating system patches.

C.

When the terminal host does not install the specified Windows When making a system patch, according to Windows The patch check policy prohibits terminal hosts from accessing the controlled network.

D.

Patch management focuses on checking whether the terminal host has installed the specified patch,Perform access control on the terminal host.

Full Access
Question # 9

Secure email is Any ffice Solution for corporate office 0A The killer application provided, it provides powerful email business capabilities and rich email strategies. For secure mail, which of the following descriptions are correct? (Multiple choice)

A.

Through the mail client, you can connect No or Exchange Mail system.

B.

Support automatic mail transmission encryption, transmission encryption method supports a full range of IPSec/TLS protocol.

C.

Online survey of attached documents is not supported.

D.

Support MAP4/SMTP/EAS Send and receive emails with standard protocols such as, and support real-time email push.

Full Access
Question # 10

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

A.

172.18.11.221 It is the server of the isolation domain.

B.

The escape route was opened.

C.

172.18.11.223 It is a post-domain server.

D.

The terminal host stream is the default ACL Blocked.

Full Access
Question # 11

Which of the following statement is correct IDS and IPS?

A.

IDS only supports Inline online deployment

B.

IPS deployed as a bypass mode is similar to the function of ID

C.

the core technology of IPS is deep packet inspection and bypass inspection

D.

With the IPS does not need to deploy a firewall and IDS

Full Access
Question # 12

In some scenarios, an anonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

A.

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

B.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

C.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

D.

Administrators cannot delete anonymous accounts"~anonymous*.

Full Access
Question # 13

Install Agile Controller-Campus Which of the following steps do not need to be completed before?

A.

Install the operating system

B.

Install the database

C.

Install antivirus software

D.

Import License

Full Access
Question # 14

Regarding the identity authentication method and authentication type, which of the following descriptions is correct?

A.

User passed web The method can support two authentication types: local authentication and digital certificate authentication.

B.

User passed web Agent The method can support two authentication types: digital certificate authentication and system authentication.

C.

User passed Agent The method can support three authentication types: local authentication, digital certificate authentication and system authentication.

D.

User passed web Agent The method can support two authentication types: digital certificate authentication and local authentication.

Full Access
Question # 15

Visitors can access the network through their registered account. Which of the following is not an account approval method?

A.

Exemption from approval

B.

Administrator approval

C.

Receptionist approval

D.

Self-approved by visitors

Full Access
Question # 16

SACG Inquire right-manager The information is as follows, which options are correct? (Multiple choice)

A.

SACG and IP Address is 2.1.1.1 The server linkage is unsuccessful.

B.

SACG The linkage with the controller is successful.

C.

main controller IP address is 1.1.1.2.

D.

main controller IP address is 2.1.1.1.

Full Access
Question # 17

A network adopts 802. 1X To authenticate access users, the access control equipment is deployed at the convergence layer, and after the deployment is completed, it is used on the access control equipment t-aa The command test is successful, but the user cannot access the network. The failure may be caused by the following reasons? (Multiple choice)

A.

The aggregation layer device is not configured RADIUS Certification template.

B.

Agile Controller-Campus The switch is not added on NAS equipment.

C.

Connect to the terminal on the device to open 802.1X Function.

D.

The Layer 2 link is used between the access device and the aggregation device, and it is not turned on 802 Instrument transparent transmission function

Full Access
Question # 18

Regarding the application scenarios of Agile Controller-Campus centralized deployment and distributed deployment, which of the following options are correct? (Multiple select)

A.

If most end users work in one area and a few end users work in branch offices, centralized deployment is recommended.

B.

If most end users are concentrated on--Offices in several regions, and a small number of end users work in branches. Distributed deployment is recommended.

C.

If end users are scattered in different geographical locations, a distributed deployment solution is recommended.

D.

If end users are scattered in different regions, a centralized deployment solution is recommended.

Full Access
Question # 19

The greater Virus Scan rating value, the higher the virus detection rate, but the smaller the probability of false positives.

A.

TRUE

B.

FALSE

Full Access
Question # 20

Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

A.

right

B.

wrong

Full Access
Question # 21

About the software SACG And hardware SACG Description, which of the following is correct?

A.

hardware SACG use Any Office Perform admission control.

B.

software SACG use Any Office Perform admission control.

C.

hardware SACG Than software SACG cut costs.

D.

hardware SACG The security is higher.

Full Access
Question # 22

An enterprise has a large number of mobile office employees, and a mobile office system needs to be deployed to manage the employees. The number of employees in this enterprise exceeds 2000 People, and the employees’ working areas are distributed all over the country. In order to facilitate management, which deployment method is adopted?

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Both centralized deployment and distributed deployment are possible

Full Access
Question # 23

When the account assigned by the administrator for the guest is connected to the network, the audit action that the administrator can perform on the guest does not include which of the following options?

A.

Visitor online and offline records

B.

Force users to go offline

C.

Account deactivation 1 reset Password

D.

Send a warning message to the user

Full Access
Question # 24

Agile Controller-Campus The department includes four parts of the management center(MC)Business manager(SM)And business controller(SC)And client network access equipment (NAD)As a component of the solution, it is linked with the service controller to realize user access control and free mobility.

A.

right

B.

wrong

Full Access
Question # 25

Traditional access control policy passed ACL or VLAN Can not be achieved with IP Address decoupling, in IP The maintenance workload is heavy when the address changes. And because the agile network introduces the concept of security group, it can achieve the same IP Address decoupling.

A.

right

B.

wrong

Full Access
Question # 26

The AD/LDAP account can be synchronized to the Agile Controller-Campus or not to the Agile Controller-Campus. Synchronize.

The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.

Authorization

A.

right

B.

wrong

Full Access
Question # 27

For the terminal Wi-Fi The order of the push, which of the following is correct?

1. Any Office Mobile office system push Wi-Fi Configuration

2. Any Office The mobile office department automatically applies for a certificate.

3. The administrator configures the enterprise Wi-Fi Push.

4. The terminal automatically connects to the enterprise Wi-Fi.

A.

1-2-3-4

B.

4-2-3-1

C.

3-2-1-4

D.

2-3-1-4

Full Access
Question # 28

An enterprise adopts hardware SACG access method for admission control. The configuration commands are as follows, among which Key; Admin@123

[USG] right-manager server-group

[USG-rightm] localip 10.1.10.2

[USG-rightm]serverip 10. 1.31.78 shared-key AdnIn@123

[USG2100-rightm] right-manager server-group enable.

Assuming that the other configurations are correct, based on the above configuration only, which of the following options is correct?

A.

After completing the configuration, SACG can successfully link with the Agile Controller-Campus.

B.

After completing the configuration, SACG cannot successfully link with Agile Contrlle-Campus. P

C.

Can issue pre-authentication domain ACL.

D.

The linkage cannot be successful but the terminal can access the pre-authentication domain server.

Full Access
Question # 29

Regarding asset management, which of the following descriptions is wrong?

A.

Asset management can register assets automatically or manually.

B.

Enable the automatic asset registration mode, the asset registration process does not require end users to participate.

C.

Automatic registration of assets is suitable for situations where the asset number is automatically maintained by the business manager.

D.

Manually registering assets means that the administrator I Way to create an asset record on the business manager, and put the asset number in Any Office Enter it to complete the asset registration

process.

Full Access
Question # 30

VIP Experience guarantee, from which two aspects are the main guarantees VIP User experience? (Multiple choice)

A.

bandwidth

B.

Forwarding priority

C.

Authority

D.

Strategy

Full Access