New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Huawei > HCIP-Security > H12-724

H12-724 HCIP-Security (Fast track) V1.0 Question and Answers

Question # 4

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

A.

SACG and IP address 2.1.1.1 server linkage is not successful

B.

SACG linkage success with controller.

C.

master controller IP address is 1.1.1.2.

D.

master controller IP address is 2.1.1.1.

Full Access
Question # 5

The following configuration is in A with B The authentication commands are configured on the two admission control devices. For the analysis of the following configuration commands, which ones are correct? (Multiple choice)

A.

A What is configured on the device is MAC Bypass authentication

B.

B What is configured on the device is MAC Bypass authentication o

C.

A On the device 2GE1/01 Can access PC Can also access dumb terminal equipment

D.

B On the device GE1/0/1 Can access PC It can also access dumb terminal equipment. Upper

Full Access
Question # 6

With the continuous development of the network and the rapid development of applications, companies are making users more and more frequently start to transfer files on the network.

Virus threats are becoming more and more serious. Only by rejecting the virus outside the network can data security and system stability be guaranteed. So, which of the following are

What harm might be caused by illness? (multiple choices)

A.

Threaten the security of the user's host and network.

B.

Some viruses can be used as intrusion tools, such as Trojan horse viruses,

C.

Control the host computer's accumulated limit and the user's data, and some viruses may even cause damage to the host's hardware.

D.

Can easily pass the defense of Huawei USG6000 products

Full Access
Question # 7

Which of the following files can the sandbox detect? (multiple choice)

A.

www file

B.

PE file

C.

Picture file

D.

Mail

Full Access
Question # 8

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

A.

Keywords contained in the content of the uploaded file

B.

Keywords contained in the downloaded file

C.

File type

D.

File upload direction 335

Full Access
Question # 9

MAC Certification refers to 802.1x In the protocol authentication environment, the terminal does not respond to the connection control device after accessing the network 802.1x When protocol authentication is requested, the access control does not automatically obtain the terminal’s MAC The address is sent as a credential to access the network RADIUS The server performs verification.

A.

True

B.

False

Full Access
Question # 10

Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct? (multiple choice)

A.

802.1X Authentication can only be initiated by the client.

B.

802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate

C.

8021X The client can trigger authentication through multicast or broadcast.

D.

The authentication equipment department triggers authentication through multicast or unicast.

Full Access
Question # 11

When the account assigned by the administrator for the guest is connected to the network, the audit action that the administrator can perform on the guest does not include which of the following options?

A.

Visitor online and offline records

B.

Force users to go offline

C.

Account deactivation 1 reset Password

D.

Send a warning message to the user

Full Access
Question # 12

Agile Controller-Campus As RADIUS When the server performs authentication, how many ends need to be configured for authentication on the admission control device?

A.

1812

B.

1813

C.

8443

D.

8080

Full Access
Question # 13

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

A.

WIDS Is a wireless intrusion prevention system

B.

WIPS Wireless intrusion detection system

C.

WIDS Is a wireless intrusion countermeasure system

D.

WIPS Is a wireless intrusion prevention system

Full Access
Question # 14

In some scenarios, an anonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

A.

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

B.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

C.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

D.

Administrators cannot delete anonymous accounts"~anonymous*.

Full Access
Question # 15

In order to increase AP The security can be AC Going online AP Perform authentication. Currently Huawei AC What are the supported authentication methods? (Multiple choice)

A.

MAC Certification

B.

Password authentication

C.

Not certified:

D.

SN Certification

Full Access
Question # 16

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

A.

172.18.11.221 It is the server of the isolation domain.

B.

The escape route was opened.

C.

172.18.11.223 It is a post-domain server.

D.

The terminal host stream is the default ACL Blocked.

Full Access
Question # 17

In the WLAN wireless access scenario, which of the following network security technologies belong to user access security? (Multiple choice)

A.

AP Certification

B.

Link authentication

C.

User access authentication

D.

data encryption

Full Access
Question # 18

BY00 The products and textiles provided by the history solution program cover the entire terminal network\Application and management and other fields/include: Serialization BC Equipment, paperless network system network access support, VPN Gateway, terminal security customer ladder software, authentication system, mobile device management(MDN),move eSpace UC.

A.

True

B.

False

Full Access
Question # 19

An enterprise has a large number of mobile office employees, and a mobile office system needs to be deployed to manage the employees. The number of employees in this enterprise exceeds 2000 People, and the employees’ working areas are distributed all over the country. In order to facilitate management, which deployment method is adopted?

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Both centralized deployment and distributed deployment are possible

Full Access
Question # 20

For the description of the principles of HTTP Flood and HTTPS Flood blow defense, which of the following options are correct? (multiple choice)

A.

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

B.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

C.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

D.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Full Access
Question # 21

Attacks on the Web can be divided into three types of attacks on the client, server, or communication channel.

A.

True

B.

False

Full Access
Question # 22

The traditional campus network is based on IP As the core network, if there are mobile office users, which of the following options is not the problem that mobile office users face when deploying access authentication?

A.

The user distribution range is large, and the access control requirements are high.

B.

The deployment of the access control strategy is significant.

C.

Access rights are difficult to control.

D.

User experience technology

Full Access
Question # 23

Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system

If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)

A.

Host

B.

A group of users

C.

Single user

D.

A key program and file in the system

Full Access
Question # 24

Which of the following options is not a feature of big data technology?

A.

The data boy is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed

Full Access
Question # 25

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

A.

The access layer switch does not start EAP Transparent transmission function.

B.

wireless 02K In the scenario, the access control device is not equipped with a security board

C.

AD The service controller is not added in the authentication scenario AD area.

D.

The user account or password is incorrectly configured.

Full Access
Question # 26

Anti-DDoS defense system includes: management center, detection center and cleaning center.

A.

True

155955cc-666171a2-20fac832-0c042c0421

B.

False

Full Access
Question # 27

For the description of URPF technology, which of the following options are correct? (multiple choice)

A.

The main function is to prevent network attacks based on source address spoofing.

B.

In strict mode, it does not check whether the interface matches. As long as there is a route to the source address, the message can pass.

C.

The loose mode not only requires corresponding entries in the forwarding table, but also requires that the interface must match to pass the URPF check.

D.

Use URPF's loose mode in an environment where routing symmetry cannot be guaranteed.

Full Access
Question # 28

According to the user’s access5W1H Conditions determine access rights andQoS Strategy for5W1Ho[Which of the following descriptions are correct? (Multiple choice)

A.

WhoTo determine the ownership of the access device(Company standard,BYOD Wait)

B.

WhoseTo determine the identity of the access person(member I, Visitors, etc.)

C.

How Determine the access method(Wired, wireless, etc.)

D.

WhatTo determine the access device(PC,iOS Wait)

Full Access
Question # 29

Web Standards that come with the client and operating system 8021 The instrument client only has the function of identity authentication: It does not support the execution of inspection strategies and monitoring strategies. Any Office The client supports all inspection strategies and monitoring strategies.

A.

True

B.

False

Full Access
Question # 30

When using the misuse check technology, if the normal user behavior is successfully matched with the intrusion feature knowledge base, it will be falsely reported.

A.

True

B.

False

Full Access
Question # 31

If you are deploying BYOD When the system is installed, use a stand-alone installation SM, Dual-machine installation SC, Stand-alone hardware deployment AE,Which of the following descriptions are correct? (Multiple choice)

A.

AE Server priority use)SC server.

B.

Install AE When the server, you need to configure the main and standby SC Server IP address.

C.

If the Lord SC After the server fails,AE The server will use the backup SC server.

D.

host SC After the server is restored,AE Server will not switch back to master SC The server handles the business.

Full Access
Question # 32

Regarding intrusion prevention, which of the following option descriptions is wrong

A.

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.

Intrusion prevention can block attacks in real time.

D.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Full Access
Question # 33

The user needs of a university are as follows:

1. The environment is large, and the total number of two-way traffic can reach 800M. Huawei USG6000 series firewall is deployed at its network node.

2. The intranet is divided into student area, server area, etc., users are most concerned about the security of the server area to avoid attacks from various threats.

3. At the same time, some pornographic websites in the student area are prohibited.

The external network has been configured as an untrust zone and the internal network has been configured as a trust zone on the firewall. How to configure the firewall to meet the above requirements?

155955cc-666171a2-20fac832-0c042c0415

A.

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

B.

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

C.

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

D.

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

Full Access
Question # 34

Which of the following options is about SACG The description of the online process is wrong?

A.

Terminal and Agile Controller-Campus Server communication SSL encryption

B.

Authentication fails, end users can only access resources in the pre-authentication domain

C.

Security check passed,Agile Controller-Campus Server notification SACG Will end user's IP Address switch to isolated domain

D.

Agile Controller-Campus Server gives SACG Carrying domain parameters in the message

Full Access
Question # 35

Fage attack means that the original address and target address of TOP are both set to the IP address of a certain victim. This behavior will cause the victim to report to it.

SYN-ACK message is sent from the address, and this address sends back an ACK message and creates an empty connection, which causes the system resource board to occupy or target

The host crashed.

A.

True

B.

False

Full Access
Question # 36

There are three roles in the XMPP protocol: server, gateway, and client. Corresponding to the free mobility solution: Agile Controller-Campus as For the server, Huawei USG6000 series firewall acts as the gateway; the agile switch acts as the client.

A.

True

B.

False

Full Access
Question # 37

Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

A.

True

B.

False

Full Access
Question # 38

Which of the following are typical intrusions? "Multiple choice)

A.

Computer is infected by U disk virus

B.

Abnormal power interruption in the computer room

C.

Tampering with Web pages

D.

Copy/view sensitive data

Full Access
Question # 39

Misuse detection is through the detection of similar intrusions in user behavior, or those that use system flaws to indirectly violate system security rules

To detect intrusions in the system. Which of the following is not a feature of misuse detection 2

A.

Easy to implement

B.

Accurate detection

C.

Effective detection of impersonation detection of legitimate users

D.

Easy to upgrade

Full Access
Question # 40

Which of the following options are the possible reasons why a certain signature is not included after the IPS policy configuration is completed? (multiple choice)

A.

Direction is not enabled

B.

The direction is turned on, but no specific direction is selected

C.

The severity level of the configuration is too high

D.

The protocol selection technique is correct

Full Access
Question # 41

If the regular expression is "abc. de", which of the following will not match the regular expression?

A.

abcde

B.

abcdde

C.

abclde

D.

abc+de

Full Access
Question # 42

The user accesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

A.

Configure RADIUS authentication and accounting on the RADIUS server.

B.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

C.

Configure RADIUS authentication and accounting on the device side. W"

D.

Configure RADIUS authentication and authorization on the Agile Controller-Campus.

Full Access
Question # 43

Regarding the description of the account blacklist, which of the following options is wrong?

A.

The automatic account lock and manual account lock functions cannot be activated at the same time.

B.

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

C.

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

D.

Manually lock the account and delete it from the list, the lock of the account will be released.

Full Access
Question # 44

Which of the following options is for Portal The statement of the gateway access process is correct?

A.

Portal gateway initiates Radius Challenge request message, including user name and password information

B.

The ACL issued by the server to the access gateway is carried in the Portal protocol message

C.

Issue policies while performing identity authentication

D.

The Portal server needs to pass the security check result to the access gateway device

Full Access
Question # 45

Sort all services according to user group and account: By the end IP The address range is time-sharing, if it is a user group, a small terminal with an account IP Address range allocation for the same business(Chen Gongji outside business) I The business assigned to the one with the highest priority will take effect.

Which of the following is correct regarding the order of priority?

A.

account>user group>terminal IP Address range

B.

By the end P Address range>account number>user group

C.

account>Terminal protection address range>user group

D.

user group>terminal P Address range>Account

Full Access
Question # 46

Regarding the description of the security zone in the Agile Controller-Campus, which of the following options are correct? (multiple choice)

A.

The user domain is generally composed of various terminal users. The terminals in this area have the characteristics of large numbers, wide distribution, and strong mobility.

B.

The business domain is a platform for the heavy load of business flows. According to the needs of the enterprise, security technology is used to logically divide the business to realize the security of the network.

C.

The network domain is the most concerned security protection area of various enterprises, and it carries the important and core information assets of the enterprise.

D.

The service domain is the area that provides security services for the corporate intranet. This area is generally composed of systems that provide security services such as antivirus servers, patch management servers, and terminal security servers.

Full Access
Question # 47

The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined

The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons

some?

A.

The administrator has not set the time to vote every day from 9:00 to 18:00

B.

The shopping website does not belong to the predefined shopping website category

C.

The administrator did not submit the configuration after completing the configuration.

D.

The administrator has not applied the URL pass-through configuration file to the security policy.

Full Access
Question # 48

The administrator has configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not allowed Can the reason?

A.

The file filtering configuration file is not referenced in the security policy

B.

File filtering configuration file is incorrect

C.

License is not activated.

D.

The action configuration of the file extension does not match is incorrect

Full Access
Question # 49

Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices

A.

Enhanced mode refers to the authentication method using verification code.

B.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

C.

The enhanced mode is superior to the basic mode in terms of user experience.

D.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

Full Access
Question # 50

Regarding Huawei's anti-virus technology, which of the following statements is wrong?

A.

The virus detection system cannot directly detect compressed files

B.

The anti-virus engine can detect the file type through the file extension

C.

Gateway antivirus default file maximum decompression layer is 3 layers

D.

The implementation of gateway antivirus is based on proxy scanning and stream scanning

Full Access
Question # 51

When the license of Huawei USG6000 product expires, the RBL function will be unavailable, and users can only use the local black and white list to filter junk mail.

155955cc-666171a2-20fac832-0c042c0435

A.

True

B.

False

Full Access
Question # 52

After configuring the announcement,Agile Controller-Campus The system cannot assign this announcement to which of the following objects?

A.

Assign to user

B.

Assigned to account

C.

Assign to terminal IP Address range

D.

Assigned to places

Full Access
Question # 53

Which of the following options is correct for the description of the Anti DDoS system configuration?

A.

Configure drainage and re-injection on the testing equipment.

B.

Configure port mirroring on the cleaning device.

C.

Add protection objects on the management center.

D.

Configure drainage and re-injection on the management center.

Full Access
Question # 54

The access control server is the implementer of the corporate security policy, responsible for implementing the corresponding access control in accordance with the security policy formulated by the customer's network(Allow, deny, leave or restrict).

A.

True

B.

False

Full Access
Question # 55

Place refers to the terminal environment when end-user use strategy management center access to

controlled network office, which options are correct about place? (Choose 2 answers)

A.

strategy management center only support the default place

B.

The default place only support by way of cable access network scenario

C.

can be customized places

D.

when allocation strategy template for the end user, need to select the corresponding places

Full Access