March Sale Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Huawei H12-723 Dumps

Page: 1 / 8
Total 201 questions

Huawei Certified ICT Professional - Constructing Terminal Security System Questions and Answers

Question 1

For security priority application environment, should be closed Huawei firewall UTM overload protection function.

Options:

A.

TRUE

B.

FALSE

Question 2

A university user requirements are as follows:

1. The environmental flow is larger, two-way add up to OOOM, UTM deployed in its network node.

2. The intranet is divided into students zones, server zones, etc., users are most concerned about the security of the server area, to avoid all kinds of the threat of attack.

3. At the same time to ban students area some pornographic websites.

In UTM configured Extranet for untrust domain, Intranet for trust domain, how to deploy the UTM strategy? (Select 2 answers)

Options:

A.

can be directly under the global open AV, PS protective function, URL filtering function, then it can be realized

B.

Outbound direction only open AV, IPS protective function for server areas, protected server

C.

inboud direction only open AV, IPS protective function for server areas, protected server

D.

Outbound direction open URL filtering function for the entire campus network, and filtering of part classification website

Question 3

URL filtering configure exact match field, then not meet the URL of the filtering strategy include:

Options:

C.

WWW.TEST.COM/news

Question 4

Deployed by an enterprise network managerAgile Controller-Campus withSACG Later;Identity authentication is successful but cannot access the post-authentication domain, This phenomenon may be caused by any reason? (Multiple choice)

Options:

A.

A serious violation will prohibit access to the post-authentication domain.

B.

The access control list of the post-authentication domain has not been delivered SACG.

C.

ALC The number of rules issued is too many, and a lot of time is required to match, causing interruption of access services.

D.

Agile Controller-Campus Wrong post-authentication domain resources are configured on the server.

Question 5

What are the three main steps of business free deployment? (Multiple choice)

Options:

A.

Define security group

B.

Define and deploy group policies

C.

The system runs automatically

D.

Security group reported by the system

E.

Define user groups

Question 6

Which of the following options belongs to MC prioritized pail Authentication application scenarios?

Options:

A.

User use portal Page for authentication

B.

Users follow WeChat for authentication.

C.

User use IAC Client authentication

D.

User use Pota At the first certification,RAOIUS Used by the server cache terminal MAC Address, if the terminal goes offline and then goes online again within the validity period of the cache,RAIUS The server directly searches the cache for the terminal's MAC The address is discussed.

Question 7

Use the command on the switch to view the status of free mobility deployment, the command is as follows:

For the above command, which of the following descriptions is correct?

Options:

A.

The control server address is 10.1.10.34

B.

The authentication device address is 10.1.31.78

C.

Status is"Working"Indicates that the switch and Controller Linkage is successful

D.

current Controller The server is backup n

Question 8

Regarding asset management, which of the following descriptions is wrong?

Options:

A.

Asset management can register assets automatically or manually.

B.

Enable the automatic asset registration mode, the asset registration process does not require end users to participate.

C.

Automatic registration of assets is suitable for situations where the asset number is automatically maintained by the business manager.

D.

Manually registering assets means that the administrator I Way to create an asset record on the business manager, and put the asset number in Any Office Enter it to complete the asset registration

process.

Question 9

Agile Controller-Campus All components are supported Windows System and Linux system.

Options:

A.

right

B.

wrong

Question 10

According to different reliability requirements, centralized networking can provide different reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Options:

A.

Basic networking includes deploying one SM Server, one SC Server, one DB and a AE server.

B.

AE In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SC server.

C.

SC In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SM server.

D.

DB In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup DB..

Question 11

How to check whether the MC service has started 20?

Options:

A.

View in task manager TMCSever Whether the service is started.

B.

View in task manager TMCServerDaemon Whether the service is started.

C.

View in task manager TMCServer with TMCSeverDaemon Whether the service is started.

D.

Select on the server"Start>all programs> Huawei> Agile Cortroler> Sever rtrller",an examination MC Whether the status is"run".

Question 12

Regarding CAPWAP encryption, which of the following statements is wrong?

Options:

A.

CAPWAP The data tunnel can be used DTLS Encrypted.

B.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Question 13

Agile Controller-Campus Which deployment mode is not supported?

Options:

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Two-machine deployment

Question 14

Regarding MAC authentication and MAC bypass authentication, which of the following descriptions are correct? (multiple choice)

Options:

A.

The biggest difference between the two is MAC Bypass authentication belongs to 802 1X Certification, while MAC Certification does not belong to 802 1X Certification.

B.

If a network can connect to dumb terminals(printer,IP telephone), The text may be connected to a portable computer, please use MAC Bypass authentication:First try 802 1X Authentication, try again if authentication fails MAC Certification

C.

If a network will only connect to dumb terminals(printer,IP telephone),please use MAC Certification in order to shorten the certification time.

D.

MAC Authentication MAC One more bypass authentication 802 In the instrument certification process, the open time is longer than MAC The bypass authentication time is long.

Question 15

Visitors can access the network through their registered account. Which of the following is not an account approval method?

Options:

A.

Exemption from approval

B.

Administrator approval

C.

Receptionist approval

D.

Self-approved by visitors

Question 16

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

Options:

A.

The access layer switch does not start EAP Transparent transmission function.

B.

wireless 02K In the scenario, the access control device is not equipped with a security board

C.

AD The service controller is not added in the authentication scenario AD area.

D.

The user account or password is incorrectly configured.

Question 17

MAC Certification refers to 802.1x In the protocol authentication environment, the terminal does not respond to the connection control device after accessing the network 802.1x When protocol authentication is requested, the access control does not automatically obtain the terminal’s MAC The address is sent as a credential to access the network RADIUS The server performs verification.

Options:

A.

right

B.

wrong

Question 18

An enterprise has a large number of mobile office employees, and a mobile office system needs to be deployed to manage the employees. The number of employees in this enterprise exceeds 2000 People, and the employees’ working areas are distributed all over the country. In order to facilitate management, which deployment method is adopted?

Options:

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Both centralized deployment and distributed deployment are possible

Question 19

In the Agile Controller-Campus solution, which device is usually used as the hardware SACG?

Options:

A.

router

B.

switch

C.

Firewall

D.

IPS

Question 20

View on the switch Agile Controller-Campus The policy issued by the server is as follows:

For this strategy, which of the following options are correct? (Multiple choice)

Options:

A.

Common_ user Users can access Internet www H.

B.

VIP Users can access Internet w H.

C.

VIP Can visit Mail Server H.

D.

Common user Users can access Mail_ Sever resource.

Question 21

Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

Options:

A.

Short message

B.

E-mail

C.

Web Print

D.

Voicemail

Question 22

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Options:

A.

As Agile Controller-Campus The management center is responsible for formulating the overall strategy.

B.

As Agile Controller-Campus The management interface is used to configure and monitor the system.

C.

Integrated with standards RADIUS server,Porta Server, etc., responsible for linking with network access equipment to realize user-based network access control Strategy.

D.

As Agile Controller-Campus ’S security assistance server, responsible for iRadar Analysis and calculation of reported security incidents.

Question 23

Regarding the use of MAC authentication to access the network in the WLAN networking environment, which of the following statements is wrong en.

Options:

A.

MAC authentication does not require users to install any client software.

B.

The user name format used by MAC authentication is only one of MAC address user name format.

C.

MAC authentication actually uses 802 1X authentication method.

D.

MAC bypass authentication solves the situation of both 802.1x client authentication and MAC authentication in the same network environment.

Question 24

In the Agile Controller-Campus admission control technology framework, regarding the description of RADIUS, which of the following options is correct?

Options:

A.

PADIUS Used on the client and 802.1X Information such as user names and passwords are passed between switches.

B.

PADIUS Used in 802.1X Switch and AAA Information such as user name and password are passed between servers.

C.

PADIUS Used for Portal Server pushes to users Web page.

D.

PADIUS Used for server to SACG Security policy issued by the device

Question 25

Which of the following cybersecurity threats exist only in WLAN In the network?

Options:

A.

Brute force

B.

Crowd attack

C.

DoS Denial of service attack

D.

Weak IV attack

Question 26

When using the misuse of inspection technology, normal user behavior and invasion characteristics knowledge base match successfully will be false positives.

Options:

A.

TRUE

B.

FALSE

Question 27

Regarding the way SACG devices connect to the network, which of the following descriptions are correct? (multiple choice)

Options:

A.

SACG The equipment requires Layer 3 intercommunication with the terminal.

B.

SACG It is usually connected to the core switch equipment and uses policy routing to divert traffic.

C.

SACG Support hanging on non-Huawei devices.

D.

SACG Equipment requirements and Agile Controller-Campus Interoperability on the second floor.

Question 28

Regarding the policy for checking account security, which of the following descriptions are correct? (Multiple choice)

Options:

A.

You can check whether there is a weak password.

B.

You can check whether the account has joined a specific group.

C.

It cannot be repaired automatically._

D.

It is not possible to check whether the password length meets the requirements.

Question 29

Install Agile Controller-Campus Which of the following steps do not need to be completed before?

Options:

A.

Install the operating system

B.

Install the database

C.

Install antivirus software

D.

Import License

Question 30

Mobile smartphone, tablet PC users through Any Office Client and AE Establish IPSec Encrypted tunnel, After passing the certification and compliance check, visit the enterprise business.

Options:

A.

right

B.

wrong

Page: 1 / 8
Total 201 questions