New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

H12-723 Huawei Certified ICT Professional - Constructing Terminal Security System Questions and Answers

Questions 4

In a WLAN network, when the AP is in monitoring mode, what kind of packets does the AP use to determine the device type?

Options:

A.

DHCP

B.

ARP

C.

CAPWAP

D.

802.11MAC

Buy Now
Questions 5

Regarding the description of the logic architecture of the business accompanying, which of the following options is correct?

Options:

A.

The business management plane focuses on administrators, authentication servers, and policy servers.

B.

The network equipment plane focuses on user terminals and static resources.

C.

The user plane focuses on authentication points and policy enforcement points.

D.

The business free mobility logic architecture includes a management subsystem, an authentication and authorization subsystem, and a business strategy subsystem.

Buy Now
Questions 6

In order to increase AP The security can be AC Going online AP Perform authentication. Currently Huawei AC What are the supported authentication methods? (Multiple choice)

Options:

A.

MAC Certification

B.

Password authentication

C.

Not certified:

D.

SN Certification

Buy Now
Questions 7

Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Options:

A.

right

B.

wrong

Buy Now
Questions 8

Use hardware SACG Access control,,In hardware SACG View the results of the conversation table on the deduction.

Which of the following statements are correct? (Multiple choice)

Options:

A.

192.168.1.0 definitely is Agile Controller-Campus Manager IP address

B.

if 192.126.200.11 Is the server of the post-authentication domain, then IP Address is 192.18.0.1 If your terminal has not passed the authentication, it is possible to access the server.

C.

192.168.100.1 definitely is Agile Controller-Campus Controller IP address.

D.

If in 6 Within minutes of the conversation 192.168.0.19 154->/192.162.0.11: 15080 Not refreshed,IP Address is 192.168.0.119 If the device wants to IP Address is 192.168.200.11 For device communication, the session must be re-established.

Buy Now
Questions 9

In the Agile Controller-Campus admission control technology framework, regarding the description of RADIUS, which of the following options is correct?

Options:

A.

PADIUS Used on the client and 802.1X Information such as user names and passwords are passed between switches.

B.

PADIUS Used in 802.1X Switch and AAA Information such as user name and password are passed between servers.

C.

PADIUS Used for Portal Server pushes to users Web page.

D.

PADIUS Used for server to SACG Security policy issued by the device

Buy Now
Questions 10

There is a three-layer forwarding device between the authentication client and the admission control device:If at this time Portal The certified three-layer authentication device can also obtain the authentication client's MAC address,So you can use IP Address and MC The address serves as the information to identify the user.

Options:

A.

right

B.

wrong

Buy Now
Questions 11

Guest management is Agile Controller-Campus Important function of, regarding visitor management, which of the following statements are correct? (Multiple choice)

Options:

A.

Visitors can use their mobile phone number to quickly register an account

B.

The administrator can assign different permissions to each visitor

C.

Reception staff cannot create guest accounts

D.

There is a violation of the guest account, and the administrator cannot retrospectively

Buy Now
Questions 12

In the terminal security management, the black and white list mode is used to check the terminal host software installation status. Which of the following situations is a compliant behavior?

Options:

A.

The terminal host does not install the software in the whitelist, nor the software in the blacklist.

B.

The terminal host installs all the software in the whitelist, but does not install the software in the blacklist.

C.

The terminal host installs part of the software in the whitelist, but does not install the software in the blacklist.

D.

The terminal host installs all the software in the whitelist, and also installs some of the software in the blacklist.

Buy Now
Questions 13

According to the user’s access5W1H Conditions determine access rights andQoS Strategy for5W1Ho[Which of the following descriptions are correct? (Multiple choice)

Options:

A.

WhoTo determine the ownership of the access device(Company standard,BYOD Wait)

B.

WhoseTo determine the identity of the access person(member I, Visitors, etc.)

C.

How Determine the access method(Wired, wireless, etc.)

D.

WhatTo determine the access device(PC,iOS Wait)

Buy Now
Questions 14

The user accesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

Options:

A.

Configure RADIUS authentication and accounting on the RADIUS server.

B.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

C.

Configure RADIUS authentication and accounting on the device side. W"

D.

Configure RADIUS authentication and authorization on the Agile Controller-Campus.

Buy Now
Questions 15

When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

Options:

A.

Discard message

B.

URL Address redirected to Portal Authentication page

C.

Direct travel

D.

Send authentication information to authentication server

Buy Now
Questions 16

If the self-determined meter function is enabled on the Agile Controller-Campus and the account PMAC address is bound, Within a period of time, the number of incorrect cipher input by the end user during authentication exceeds the limit. Which of the following descriptions is correct? (multiple choice)

Options:

A.

When the account number is reserved, only the sword type number cannot be authenticated on the bound terminal device, and it can be authenticated normally on other terminal devices.

B.

The account is locked on all terminal devices and cannot be recognized.

C.

If you want to lock out the account, the administrator can only delete the account from the list.

D.

After the lock time, the account will be automatically unlocked

Buy Now
Questions 17

By default, the device file, there is a knowledge base file in device, during the upgrade, the device will automatically update the knowledge base files and backups.

Options:

A.

TRUE

B.

FALSE

Buy Now
Questions 18

The use of the 802.1X authentication scheme generally requires the terminal to install specific client software. For large-scale deployment of client software, the methods that can be taken. What are the cases? (multiple choices)

Options:

A.

Enable Guest VLAN so that users can obtain the installation package in Guest VLAN

B.

Configure Free-rule and web push functions on the switch to push the installation package to users.

C.

Copy the installation packages to each other via U disk.

D.

Installed by the administrator for each user.

Buy Now
Questions 19

Which of the following options are right 802. 1X The description of the access process is correct? (Multiple choice).

Options:

A.

Through the entire authentication process, the terminal passes EAP The message exchanges information with the server.

B.

Terminal and 802.1X Switch EAP Message interaction,802.1X Switch and server use Radius Message exchange information

C.

802.1X Authentication does not require security policy checks.

D.

use MD5 The algorithm checks the information.

Buy Now
Questions 20

Which of the following series of devices does not support the function of accompanying business?

Options:

A.

S5720HI Series Switch:

B.

AR Series router

C.

USG6000 Series firewall

D.

SVN5600 series

Buy Now
Questions 21

A university user requirements are as follows:

1. The environmental flow is larger, two-way add up to OOOM, UTM deployed in its network node.

2. The intranet is divided into students zones, server zones, etc., users are most concerned about the security of the server area, to avoid all kinds of the threat of attack.

3. At the same time to ban students area some pornographic websites.

In UTM configured Extranet for untrust domain, Intranet for trust domain, how to deploy the UTM strategy? (Select 2 answers)

Options:

A.

can be directly under the global open AV, PS protective function, URL filtering function, then it can be realized

B.

Outbound direction only open AV, IPS protective function for server areas, protected server

C.

inboud direction only open AV, IPS protective function for server areas, protected server

D.

Outbound direction open URL filtering function for the entire campus network, and filtering of part classification website

Buy Now
Questions 22

About WEB URL filtering technology audit function, which of the following description is correct? (Choose 3 answers)

Options:

A.

URL audit function is used to record the user's HTTP Internet behavior as the basis for the audit.

B.

The user can configure the web type to be audited, WEB types to distinguish with file extensions, including html, jsp, aspx, etc.

C.

can audit user HTTP access in the specific content of the Post, as a user Internet censorship

D.

internal users access to the specified type of WEB resource, the firewall will be logged and sent to log server.

Buy Now
Questions 23

Which of the following options cannot be triggered MAC Certification?

Options:

A.

ARP Message

B.

DHCP Message P

C.

DHCPv6 Message

D.

ICMP Message

Buy Now
Questions 24

Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

Options:

A.

right

B.

wrong

Buy Now
Questions 25

Which of the following options are correct for the description of visitor management? (Multiple choice)

Options:

A.

Visitor registration account can be configured to be exempt from approval

B.

Guest login can only be configured as Web Way of webpage

C.

Anonymous account authentication cannot be performed on the guest authentication page

D.

Visitor account approval information can be notified to visitors via SMS

Buy Now
Questions 26

Agile Controller-Campus Which deployment mode is not supported?

Options:

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Two-machine deployment

Buy Now
Questions 27

In the WLAN wireless access scenario, which of the following network security technologies belong to user access security? (Multiple choice)

Options:

A.

AP Certification

B.

Link authentication

C.

User access authentication

D.

data encryption

Buy Now
Questions 28

IPS custom signature in UTM supports you to set direction and protocol type.

Options:

A.

TRUE

B.

FALSE

Buy Now
Questions 29

Perform the UTM upgrade in the process of operation, appeared the following information:

Error: Executing the update, please wait.

USG may be executed (choose 3 answers)

Options:

A.

online upgrade

B.

there are business flow being processed

C.

local upgrade

D.

install the factory default version

Buy Now
Questions 30

Regarding the description of the account blacklist, which of the following options is wrong?

Options:

A.

The automatic account lock and manual account lock functions cannot be activated at the same time.

B.

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

C.

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

D.

Manually lock the account and delete it from the list, the lock of the account will be released.

Buy Now
Exam Code: H12-723
Exam Name: Huawei Certified ICT Professional - Constructing Terminal Security System
Last Update: Dec 27, 2024
Questions: 201
H12-723 pdf

H12-723 PDF

$25.5  $84.99
H12-723 Engine

H12-723 Testing Engine

$30  $99.99
H12-723 PDF + Engine

H12-723 PDF + Testing Engine

$40.5  $134.99