H12-724 HCIP-Security (Fast track) V1.0 Question and Answers

SACG and IP address 2.1.1.1 server linkage is not successful

SACG linkage success with controller.

master controller IP address is 1.1.1.2.

master controller IP address is 2.1.1.1.

A What is configured on the device is MAC Bypass authentication

B What is configured on the device is MAC Bypass authentication o

A On the device 2GE1/01 Can access PC Can also access dumb terminal equipment

B On the device GE1/0/1 Can access PC It can also access dumb terminal equipment. Upper

Threaten the security of the user's host and network.

Some viruses can be used as intrusion tools, such as Trojan horse viruses,

Control the host computer's accumulated limit and the user's data, and some viruses may even cause damage to the host's hardware.

Can easily pass the defense of Huawei USG6000 products

www file

PE file

Picture file

Mail

Keywords contained in the content of the uploaded file

Keywords contained in the downloaded file

File type

File upload direction 335

True

False

802.1X Authentication can only be initiated by the client.

802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate

8021X The client can trigger authentication through multicast or broadcast.

The authentication equipment department triggers authentication through multicast or unicast.

Visitor online and offline records

Force users to go offline

Account deactivation 1 reset Password

Send a warning message to the user

1812

1813

8443

8080

WIDS Is a wireless intrusion prevention system

WIPS Wireless intrusion detection system

WIDS Is a wireless intrusion countermeasure system

WIPS Is a wireless intrusion prevention system

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

Administrators cannot delete anonymous accounts"~anonymous*.

MAC Certification

Password authentication

Not certified:

SN Certification

172.18.11.221 It is the server of the isolation domain.

The escape route was opened.

172.18.11.223 It is a post-domain server.

The terminal host stream is the default ACL Blocked.

AP Certification

Link authentication

User access authentication

data encryption

True

False

Centralized deployment

Distributed deployment

Hierarchical deployment

Both centralized deployment and distributed deployment are possible

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

True

False

The user distribution range is large, and the access control requirements are high.

The deployment of the access control strategy is significant.

Access rights are difficult to control.

User experience technology

Host

A group of users

Single user

A key program and file in the system

The data boy is huge

A wide variety of data

Low value density

Slow processing speed

The access layer switch does not start EAP Transparent transmission function.

wireless 02K In the scenario, the access control device is not equipped with a security board

AD The service controller is not added in the authentication scenario AD area.

The user account or password is incorrectly configured.

True

155955cc-666171a2-20fac832-0c042c0421

False

The main function is to prevent network attacks based on source address spoofing.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

WhoTo determine the ownership of the access device(Company standard,BYOD Wait)

WhoseTo determine the identity of the access person(member I, Visitors, etc.)

How Determine the access method(Wired, wireless, etc.)

WhatTo determine the access device(PC,iOS Wait)

True

False

True

False

AE Server priority use)SC server.

Install AE When the server, you need to configure the main and standby SC Server IP address.

If the Lord SC After the server fails,AE The server will use the backup SC server.

host SC After the server is restored,AE Server will not switch back to master SC The server handles the business.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

Intrusion prevention can block attacks in real time.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Terminal and Agile Controller-Campus Server communication SSL encryption

Authentication fails, end users can only access resources in the pre-authentication domain

Security check passed,Agile Controller-Campus Server notification SACG Will end user's IP Address switch to isolated domain

Agile Controller-Campus Server gives SACG Carrying domain parameters in the message

True

False

True

False

True

False

Computer is infected by U disk virus

Abnormal power interruption in the computer room

Tampering with Web pages

Copy/view sensitive data

Easy to implement

Accurate detection

Effective detection of impersonation detection of legitimate users

Easy to upgrade

Direction is not enabled

The direction is turned on, but no specific direction is selected

The severity level of the configuration is too high

The protocol selection technique is correct

abcde

abcdde

abclde

abc+de

Configure RADIUS authentication and accounting on the RADIUS server.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

Configure RADIUS authentication and accounting on the device side. W"

Configure RADIUS authentication and authorization on the Agile Controller-Campus.

The automatic account lock and manual account lock functions cannot be activated at the same time.

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

Manually lock the account and delete it from the list, the lock of the account will be released.

Portal gateway initiates Radius Challenge request message, including user name and password information

The ACL issued by the server to the access gateway is carried in the Portal protocol message

Issue policies while performing identity authentication

The Portal server needs to pass the security check result to the access gateway device

account>user group>terminal IP Address range

By the end P Address range>account number>user group

account>Terminal protection address range>user group

user group>terminal P Address range>Account

The user domain is generally composed of various terminal users. The terminals in this area have the characteristics of large numbers, wide distribution, and strong mobility.

The business domain is a platform for the heavy load of business flows. According to the needs of the enterprise, security technology is used to logically divide the business to realize the security of the network.

The network domain is the most concerned security protection area of various enterprises, and it carries the important and core information assets of the enterprise.

The service domain is the area that provides security services for the corporate intranet. This area is generally composed of systems that provide security services such as antivirus servers, patch management servers, and terminal security servers.

The administrator has not set the time to vote every day from 9:00 to 18:00

The shopping website does not belong to the predefined shopping website category

The administrator did not submit the configuration after completing the configuration.

The administrator has not applied the URL pass-through configuration file to the security policy.

The file filtering configuration file is not referenced in the security policy

File filtering configuration file is incorrect

License is not activated.

The action configuration of the file extension does not match is incorrect

Enhanced mode refers to the authentication method using verification code.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

The enhanced mode is superior to the basic mode in terms of user experience.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

The virus detection system cannot directly detect compressed files

The anti-virus engine can detect the file type through the file extension

Gateway antivirus default file maximum decompression layer is 3 layers

The implementation of gateway antivirus is based on proxy scanning and stream scanning

True

False

Assign to user

Assigned to account

Assign to terminal IP Address range

Assigned to places

Configure drainage and re-injection on the testing equipment.

Configure port mirroring on the cleaning device.

Add protection objects on the management center.

Configure drainage and re-injection on the management center.

True

False

strategy management center only support the default place

The default place only support by way of cable access network scenario

can be customized places

when allocation strategy template for the end user, need to select the corresponding places