New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

H12-723_V3.0 HCIP-Security-CTSS V3.0 Questions and Answers

Questions 4

The useraccesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

Options:

A.

Configure RADIUS authentication and accountingon the RADIUS server.

B.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

C.

Configure RADIUS authentication and accounting on the device side. W"

D.

ConfigureRADIUS authentication and authorization on the Agile Controller-Campus.

Buy Now
Questions 5

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

Options:

A.

172.18.11.221 It is the server of the isolation domain.

B.

The escape route wasopened.

C.

172.18.11.223 It is a post-domain server.

D.

The terminal host stream is the default ACL Blocked.

Buy Now
Questions 6

According to different reliability requirements, centralized networking can providedifferent reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Options:

A.

Basic networking includes deploying one SM Server, one SC Server, one DB and a AE server.

B.

AE In addition to thedeployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SC server.

C.

SC In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SM server.

D.

DB In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup DB..

Buy Now
Questions 7

Which of the following options is right PKI The sequence description of the work process is correct?

1. PKI Entity direction CA ask CA Certificate. .

2. PKI Entity received CA After the certificate, install CA Certificate.

3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.

4. PKI Entity direction CA Send a certificate registration request message.

5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.

6. PKI Entity received CA The certificate information sent.

7. PKI After the entity installs the localcertificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.

8. CA receive PKI The entity's certificate registration request message.

Options:

A.

1-3-5-4-2-6-7-8

B.

1-3-5-6-7-4-8-2

C.

1-3-2-7-6-4-5-8

D.

1-3-2-4-8-6-5-7

Buy Now
Questions 8

802.1X During the authentication, if the authentication point is at the aggregation switch, in addition to RADIUS,AAA,802.1X In addition to theconventional configuration, what special configuration is needed?

Options:

A.

Both the aggregation layer and the access layer switches need to be turned on 802.1X Function.

B.

Access layer switch needs to be configured 802. 1X Transparent transmission of messages.

C.

The aggregation switch needs to be configured 802 1X Transparent transmission of messages.

D.

No special configuration required

Buy Now
Questions 9

Security authentication is mainly achieved through security policies. The terminal host support management for the security checkof monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

Options:

A.

True

B.

False

Buy Now
Questions 10

An enterprise adopts hardware SACG access method for admission control. The configuration commands are as follows, among which Key; Admin@123

[USG] right-manager server-group

[USG-rightm] localip 10.1.10.2

[USG-rightm]serverip 10. 1.31.78 shared-key AdnIn@123

[USG2100-rightm] right-manager server-group enable.

Assuming that the other configurations are correct, based on the above configuration only, which of the following options is correct?

Options:

A.

After completing the configuration, SACG can successfully link with the Agile Controller-Campus.

B.

After completing the configuration, SACG cannot successfully link with Agile Contrlle-Campus. P

C.

Can issue pre-authentication domain ACL.

D.

The linkage cannot be successful but the terminal can access the pre-authentication domain server.

Buy Now
Questions 11

On WIDS functional WLAN Regarding the judgment of illegal devices in the network, which of the following statements are correct? (Multiple choice)

Options:

A.

all Ad-hoc The device will be directly judged as an illegal device

B.

Not this AC Access AP Is illegal AP

C.

Not this AC Access STA Is illegal STA

D.

Not this AC Access STA,Also need to check access AP Does it contain law

Buy Now
Questions 12

When managing guest accounts, you need to create a guest account policy and set the account creation method. For the account creation method, which of the following descriptions is wrong?

Options:

A.

When adding accounts individually, you can choose to create them individually.

B.

If there are a lot of users, you can choose to create in batches.

C.

If there are many users, you can choose database synchronization

D.

In order to facilitate management andimprove user experience, self-registration can be used.

Buy Now
Questions 13

Visitor management can authorize visitors based on their account number,time, location, terminal type, access method, etc., and can also push personalized pages to visitors based on time, location, and terminal type.

Options:

A.

True

B.

False

Buy Now
Questions 14

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Options:

A.

As Agile Controller-Campus The management center is responsible for formulating the overallstrategy.

B.

As Agile Controller-Campus The management interface is used to configure and monitor the system.

C.

Integrated with standards RADIUS server,Porta Server, etc., responsible for linking with network access equipment to realize user-based networkaccess control Strategy.

D.

As Agile Controller-Campus ’S security assistance server, responsible for iRadar Analysis and calculation of reported security incidents.

Buy Now
Questions 15

Regarding the identity authentication method and authenticationtype, which of the following descriptions is correct?

Options:

A.

User passed web The method can support two authentication types: local authentication and digital certificate authentication.

B.

User passed web Agent The method can support two authentication types:digital certificate authentication and system authentication.

C.

User passed Agent The method can support three authentication types: local authentication, digital certificate authentication and system authentication.

D.

User passed web Agent The method can support two authentication types: digital certificate authentication and local authentication.

Buy Now
Questions 16

Use hardware SACG Access control,,In hardware SACG View the results of the conversation table on the deduction.

Which of the following statements are correct? (Multiple choice)

Options:

A.

192.168.1.0 definitely is Agile Controller-Campus Manager IP address

B.

if 192.126.200.11 Is the server of the post-authentication domain, then IP Address is 192.18.0.1 If your terminal has not passed the authentication, it is possible to access the server.

C.

192.168.100.1 definitely is Agile Controller-Campus Controller IP address.

D.

Ifin 6 Within minutes of the conversation 192.168.0.19 154->/192.162.0.11: 15080 Not refreshed,IP Address is 192.168.0.119 If the device wants to IP Address is 192.168.200.11 For device communication, the session must be re-established.

Buy Now
Questions 17

The following configuration is in A with B The authentication commands are configured on the two admission control devices. For the analysis of the following configuration commands, which ones are correct? (Multiple choice)

Options:

A.

A What is configured on the device is MAC Bypass authentication

B.

B What is configured on the device is MAC Bypass authentication o

C.

A On the device 2GE1/01 Can access PC Can also access dumb terminal equipment

D.

B On the device GE1/0/1 Can access PC It can also access dumb terminal equipment. Upper

Buy Now
Questions 18

Identity authentication determines whether to allow access by identifying the identity of the access device or user.

Options:

A.

True

B.

False

Buy Now
Questions 19

Which of the following equipment is suitable for use MAC Authentication access network?

Options:

A.

Office Windows Systemhost

B.

For testing Linux System host

C.

Mobile client, such as smart phone, etc

D.

Network printer 232335

Buy Now
Questions 20

After an enterprise deployed antivirus software, it was discovered that virus infections stilloccurred on a large scale. In addition to the limitations of the product's own technology, the reason for the problem is weak personal terminal security protection, which is also an important factor.

Options:

A.

True

B.

False

Buy Now
Questions 21

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

Options:

A.

True

B.

False

Buy Now
Questions 22

When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Options:

A.

Create new account

B.

Use existing socialmedia accounts

C.

No authentication, no account required

D.

Scan public QR code

Buy Now
Questions 23

Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct? (multiple choice)

Options:

A.

802.1X Authentication can only be initiated by the client.

B.

802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate

C.

8021X The client can trigger authentication through multicast or broadcast.

D.

The authentication equipment department triggers authentication through multicast orunicast.

Buy Now
Questions 24

Regarding the description of the ACL used in the linkage between SACG equipment and the TSM system, which of the following statements is correct!?

Options:

A.

default ACL The rule group number can be arbitrarily specified.

B.

default ACL The rule group number can only be 3999.

C.

due to SACG Need to use ACL3099-3999 To pick TSM The rules issued by the system, so in the configuration TSM Before linkage, you needto ensure these ACL Not referenced by other functions.

D.

The original group number is 3099-3999 of ACL Even if it is occupied, it can be successfully activated TSM Linkage.

Buy Now
Questions 25

In the Agile Controller-Campus solution, which device is usually used as the hardwareSACG?

Options:

A.

router

B.

switch

C.

Firewall

D.

IPS

Buy Now
Exam Code: H12-723_V3.0
Exam Name: HCIP-Security-CTSS V3.0
Last Update: Dec 27, 2024
Questions: 169
H12-723_V3.0 pdf

H12-723_V3.0 PDF

$25.5  $84.99
H12-723_V3.0 Engine

H12-723_V3.0 Testing Engine

$30  $99.99
H12-723_V3.0 PDF + Engine

H12-723_V3.0 PDF + Testing Engine

$40.5  $134.99