H12-723_V3.0 HCIP-Security-CTSS V3.0 Questions and Answers

The useraccesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

According to different reliability requirements, centralized networking can providedifferent reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Which of the following options is right PKI The sequence description of the work process is correct?

1. PKI Entity direction CA ask CA Certificate. .

2. PKI Entity received CA After the certificate, install CA Certificate.

3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.

4. PKI Entity direction CA Send a certificate registration request message.

5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.

6. PKI Entity received CA The certificate information sent.

7. PKI After the entity installs the localcertificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.

8. CA receive PKI The entity's certificate registration request message.

802.1X During the authentication, if the authentication point is at the aggregation switch, in addition to RADIUS,AAA,802.1X In addition to theconventional configuration, what special configuration is needed?

Security authentication is mainly achieved through security policies. The terminal host support management for the security checkof monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

An enterprise adopts hardware SACG access method for admission control. The configuration commands are as follows, among which Key; Admin@123

[USG] right-manager server-group

[USG-rightm] localip 10.1.10.2

[USG-rightm]serverip 10. 1.31.78 shared-key AdnIn@123

[USG2100-rightm] right-manager server-group enable.

Assuming that the other configurations are correct, based on the above configuration only, which of the following options is correct?

On WIDS functional WLAN Regarding the judgment of illegal devices in the network, which of the following statements are correct? (Multiple choice)

When managing guest accounts, you need to create a guest account policy and set the account creation method. For the account creation method, which of the following descriptions is wrong?

Visitor management can authorize visitors based on their account number,time, location, terminal type, access method, etc., and can also push personalized pages to visitors based on time, location, and terminal type.

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Regarding the identity authentication method and authenticationtype, which of the following descriptions is correct?

Use hardware SACG Access control,,In hardware SACG View the results of the conversation table on the deduction.

Which of the following statements are correct? (Multiple choice)

The following configuration is in A with B The authentication commands are configured on the two admission control devices. For the analysis of the following configuration commands, which ones are correct? (Multiple choice)

Identity authentication determines whether to allow access by identifying the identity of the access device or user.

Which of the following equipment is suitable for use MAC Authentication access network?

After an enterprise deployed antivirus software, it was discovered that virus infections stilloccurred on a large scale. In addition to the limitations of the product's own technology, the reason for the problem is weak personal terminal security protection, which is also an important factor.

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct? (multiple choice)

Regarding the description of the ACL used in the linkage between SACG equipment and the TSM system, which of the following statements is correct!?

In the Agile Controller-Campus solution, which device is usually used as the hardwareSACG?