New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

H12-724 HCIP-Security (Fast track) V1.0 Questions and Answers

Questions 4

Which of the following options is not a challenge brought by mobile office?

Options:

A.

The mobile office platform is safe and reliable and goes online quickly.

B.

Users can access the network safely and quickly.

C.

Unified terminal management and fine control.

D.

Network gateway deployment

Buy Now
Questions 5

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:

A.

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.

DF bit is 0, and Fragment Offset + Length> 65535.

D.

The DF bit is 1, and Fragment Ofset + Length <65535.

Buy Now
Questions 6

Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Options:

A.

Different places can have different security policies.

B.

The location has nothing to do with safety.

C.

There can only be one place in the company.

D.

Place and location have nothing to do.

Buy Now
Questions 7

Regarding intrusion detection I defense equipment, which of the following statements are correct? (multiple choice)

Options:

A.

It cannot effectively prevent the virus from spreading from the Internet to the intranet.

B.

The number of applications that NIP6000 can recognize reaches 6000+, which realizes refined application protection, saves export bandwidth, and guarantees key business services

Experience.

C.

Protect the intranet from external attacks, and inhibit malicious flows, such as spyware, worms, etc. from flooding and spreading to the intranet.

D.

Ability to quickly adapt to threat changes

Buy Now
Questions 8

The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

Options:

A.

True

B.

False

Buy Now
Questions 9

Visitors refer to users who need temporary access to the network at a specific location.

Options:

A.

True

B.

False

Buy Now
Questions 10

Regarding the basic principles of user access security, it is wrong not to list any description?

Options:

A.

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates with the authentication server to complete the user Authentication.

B.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, and terminal Information such as the patch version installed on the device.

C.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

D.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Buy Now
Questions 11

Regarding the description of the logic architecture of the business accompanying, which of the following options is correct?

Options:

A.

The business management plane focuses on administrators, authentication servers, and policy servers.

B.

The network equipment plane focuses on user terminals and static resources.

C.

The user plane focuses on authentication points and policy enforcement points.

D.

The business free mobility logic architecture includes a management subsystem, an authentication and authorization subsystem, and a business strategy subsystem.

Buy Now
Questions 12

Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

Options:

A.

True

B.

False

Buy Now
Questions 13

Security authentication is mainly achieved through security policies. The terminal host support management for the security check of monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

Options:

A.

True

B.

False

Buy Now
Questions 14

Use the command on the switch to view the status of free mobility deployment, the command is as follows:

For the above command, which of the following descriptions is correct?

Options:

A.

The control server address is 10.1.10.34

B.

The authentication device address is 10.1.31.78

C.

Status is"Working"Indicates that the switch and Controller Linkage is successful

D.

current Controller The server is backup n

Buy Now
Questions 15

The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined

The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons

some?

Options:

A.

The administrator has not set the time to vote every day from 9:00 to 18:00

B.

The shopping website does not belong to the predefined shopping website category

C.

The administrator did not submit the configuration after completing the configuration.

D.

The administrator has not applied the URL pass-through configuration file to the security policy.

Buy Now
Questions 16

There is a three-layer forwarding device between the authentication client and the admission control device:If at this time Portal The certified three-layer authentication device can also obtain the authentication client's MAC address,So you can use IP Address and MC The address serves as the information to identify the user.

Options:

A.

True

B.

False

Buy Now
Questions 17

Regarding firewall and IDS, which of the following statements is correct?

Options:

A.

The firewall is a bypass device, used for fine-grained detection

B.

IDS is a straight line equipment and cannot be used for in-depth inspection

C.

The firewall cannot detect malicious operations or misoperations by insiders

D.

IDS cannot be linked with firewall

Buy Now
Questions 18

An enterprise has a large number of mobile office employees, and a mobile office system needs to be deployed to manage the employees. The number of employees in this enterprise exceeds 2000 People, and the employees’ working areas are distributed all over the country. In order to facilitate management, which deployment method is adopted?

Options:

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Both centralized deployment and distributed deployment are possible

Buy Now
Questions 19

Which of the following options is right PKI The sequence description of the work process is correct?

1. PKI Entity direction CA ask CA Certificate. .

2. PKI Entity received CA After the certificate, install CA Certificate.

3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.

4. PKI Entity direction CA Send a certificate registration request message.

5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.

6. PKI Entity received CA The certificate information sent.

7. PKI After the entity installs the local certificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.

8. CA receive PKI The entity's certificate registration request message.

Options:

A.

1-3-5-4-2-6-7-8

B.

1-3-5-6-7-4-8-2

C.

1-3-2-7-6-4-5-8

D.

1-3-2-4-8-6-5-7

Buy Now
Questions 20

Terminal security access technology does not include which of the following options?

Options:

A.

Access control

B.

safety certificate

C.

Authentication

D.

System Management

Buy Now
Questions 21

Free mobility is a special access control method, according to the user’s access location, access time, access method and terminal authorization instructions. Set permissions, as long as the user’s access conditions remain unchanged, the permissions and network experience after accessing the network--To q

Options:

A.

True

B.

False

Buy Now
Questions 22

Which patches does Policy Center support to management?(Choose 3 answers)

Options:

A.

Microsoft Windows operating system patches

B.

Microsoft SQL Windows database patch

C.

Microsoft Internet Explorer patches

D.

android system patches

Buy Now
Questions 23

Web Standards that come with the client and operating system 8021 The instrument client only has the function of identity authentication: It does not support the execution of inspection strategies and monitoring strategies. Any Office The client supports all inspection strategies and monitoring strategies.

Options:

A.

True

B.

False

Buy Now
Questions 24

Which of the following attacks are attacks against web servers? (multiple choices)

Options:

A.

Website phishing deception

B.

Website Trojan

C.

SQL injection

D.

Cross-site scripting attacks 2335

Buy Now
Questions 25

Which of the following threats cannot be detected by IPS?

Options:

A.

Virus

B.

Worms

C.

Spam

D.

DoS

Buy Now
Questions 26

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

Options:

A.

SACG and IP address 2.1.1.1 server linkage is not successful

B.

SACG linkage success with controller.

C.

master controller IP address is 1.1.1.2.

D.

master controller IP address is 2.1.1.1.

Buy Now
Questions 27

If you deploy Free Mobility, in the logic architecture of Free Mobility, which of the following options should be concerned by the administrator?

Options:

A.

Is the strategy automatically deployed?

B.

Choose the appropriate policy control point and user authentication point

C.

Does the strategy deployment target a single user?

D.

Does the strategy deployment target a single department?

Buy Now
Questions 28

Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

Options:

A.

True

B.

False

Buy Now
Questions 29

Which of the following is not an abnormal situation of the file type recognition result?

Options:

A.

The file extension does not match.

B.

Unrecognized file type

C.

File corruption

D.

The file is compressed

Buy Now
Questions 30

Which of the following options is not a scenario supported by Free Mobility?

Options:

A.

Intranet users access the data center/Internet.

B.

When traveling users access intranet resources, traveling users pass VPN Access to the intranet.

C.

Work as a team.

D.

Realize mutual communication between devices.

Buy Now
Questions 31

In the campus network, employees can use 802.1X, Portal,MAC Address or SACG Way to access. Use different access methods according to different needs to achieve the purpose of user access control.

Options:

A.

True

B.

False

Buy Now
Questions 32

Regarding worms and viruses, which of the following statements is correct?

Options:

A.

Worms exist in a parasitic way

155955cc-666171a2-20fac832-0c042c0413

B.

Viruses mainly rely on system vulnerabilities to spread

C.

The target of the worm infection is other computer systems on the network.

D.

The virus exists independently in the computer system.

Buy Now
Questions 33

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Options:

A.

As Agile Controller-Campus The management center is responsible for formulating the overall strategy.

B.

As Agile Controller-Campus The management interface is used to configure and monitor the system.

C.

Integrated with standards RADIUS server,Porta Server, etc., responsible for linking with network access equipment to realize user-based network access control Strategy.

D.

As Agile Controller-Campus ’S security assistance server, responsible for iRadar Analysis and calculation of reported security incidents.

Buy Now
Questions 34

In a centralized networking, the database, SM server, SC server, and AE server are all centrally installed in the corporate headquarters. This networking method is suitable. It is used for enterprises with a wide geographical distribution of users and a large number of users.

Options:

A.

True

B.

False

Buy Now
Questions 35

In enterprises where terminal host access control management is relatively strict, administrators hope to bind terminal hosts and accounts to prevent terminal users from accessing the controlled network from unauthorized terminal hosts at will. Regarding the description of binding the terminal host and account, which of the following is correct?

Options:

A.

exist Any Office When logging in with an account for the first time, the terminal host is automatically bound to the current account, but the automatic binding process requires administrator approval

B.

When other accounts need to be authenticated on the bound terminal host, there is no need to find the asset owner who is bound for the first time to authorize themselves.

C.

Binding terminal hosts and accounts is only applicable to terminal users through Any Office Scenarios for authentication, Not applicable Web Agent Plugins and Web The scenario where the client authenticates.

D.

There are only consoles in the account binding terminal host, which cannot be configured by the administrator.

Buy Now
Questions 36

Which of the following options does not belong to the basic DDoS attack prevention configuration process?

Options:

A.

The system starts traffic statistics.

B.

System related configuration application, fingerprint learning.

C.

The system starts attack prevention.

D.

The system performs preventive actions.

Buy Now
Questions 37

Which of the following options is not a special message attack?

Options:

A.

ICMP redirect message attack) 0l

B.

Oversized ICMP packet attack

C.

Tracert packet attack

D.

IP fragment message item

Buy Now
Questions 38

Use on access control equipment test-aaa Command test and Radius When the server is connected, the running result shows a timeout, which may be caused by incorrect account or password configuration.

Options:

A.

True

B.

False

Buy Now
Questions 39

The anti-tampering technology of Huawei WAF products is based on the cache module. Suppose that when user A visits website B, website B has page tampering.

Signs: The workflow for the WAF tamper-proof module has the following steps:.

① WAF uses the pages in the cache to return to the client;

②WAF compares the watermark of the server page content with the page content in the cache

③Store the content of the page in the cache after learning

④ When the user accesses the Web page, the WAF obtains the page content of the server

⑤WAF starts the learning mode to learn the page content of the user's visit to the website;

For the ordering of these steps, which of the following options is correct?

Options:

A.

③④②⑤①

B.

⑤①②④③

C.

②④①⑤③

D.

⑤③④②①

Buy Now
Questions 40

How to check whether the MC service has started 20?

Options:

A.

View in task manager TMCSever Whether the service is started.

B.

View in task manager TMCServerDaemon Whether the service is started.

C.

View in task manager TMCServer with TMCSeverDaemon Whether the service is started.

D.

Select on the server"Start>all programs> Huawei> Agile Cortroler> Sever rtrller",an examination MC Whether the status is"run".

Buy Now
Questions 41

The traditional campus network is based on IP As the core network, if there are mobile office users, which of the following options is not the problem that mobile office users face when deploying access authentication?

Options:

A.

The user distribution range is large, and the access control requirements are high.

B.

The deployment of the access control strategy is significant.

C.

Access rights are difficult to control.

D.

User experience technology

Buy Now
Questions 42

Guest management is Agile Controller-Campus Important function of, regarding visitor management, which of the following statements are correct? (Multiple choice)

Options:

A.

Visitors can use their mobile phone number to quickly register an account

B.

The administrator can assign different permissions to each visitor

C.

Reception staff cannot create guest accounts

D.

There is a violation of the guest account, and the administrator cannot retrospectively

Buy Now
Questions 43

The relationship between user groups and accounts in user management is stored in a tree on the Agile Controller-Campus. An account belongs to only one user group.

Consistent with the corporate organizational structure: If the OU (OnizbonUnit) structure stored in the AD/LDAP server is consistent with the corporate organizational structure, users are stored Under 0OU, when the Agile Controller-Campus synchronizes AD/LDAP server accounts, which synchronization method can be used?

Options:

A.

Press "0U" to synchronize

B.

AO Synchronize by "group", "0U describes the organizational structure

C.

AO Press "Group" "Synchronize," "Group" Jida organization structure

D.

LDAP synchronization by "group"

Buy Now
Questions 44

The following figure shows the configuration of the URL filtering configuration file. Regarding the configuration, which of the following statements is correct?

Options:

A.

The firewall will first check the blacklist entries and then the whitelist entries.

B.

Assuming that the user visits the www.exzample.com website, which belongs to the categories of humanities and social networks at the same time, the user cannot access the

website.

C.

The user visits the website www.exzample.com, and when the black and white list is not hit, the next step is to query the predefined URL category entry.

D.

The default action means that all websites are allowed to visit. So the configuration is wrong here.

Buy Now
Questions 45

The user accesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

Options:

A.

Configure RADIUS authentication and accounting on the RADIUS server.

B.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

C.

Configure RADIUS authentication and accounting on the device side. W"

D.

Configure RADIUS authentication and authorization on the Agile Controller-Campus.

Buy Now
Questions 46

Which of the following options is for Portal The statement of the gateway access process is correct?

Options:

A.

Portal gateway initiates Radius Challenge request message, including user name and password information

B.

The ACL issued by the server to the access gateway is carried in the Portal protocol message

C.

Issue policies while performing identity authentication

D.

The Portal server needs to pass the security check result to the access gateway device

Buy Now
Questions 47

Use on the terminal Portal The authentication is connected to the network, but you cannot jump to the authentication page. The possible reason does not include which of the following options?

Options:

A.

Agile Controller-Campus Configured on Portal The authentication parameters are inconsistent with the access control device.

B.

Access device Portal The authentication port number of the template configuration is 50100 ,Agile Controlle-Campus The above is the default.

C.

CS Did not start

D.

When the page is customized, the preset template is used.

Buy Now
Questions 48

Mobile smartphone, tablet PC users through Any Office Client and AE Establish IPSec Encrypted tunnel, After passing the certification and compliance check, visit the enterprise business.

Options:

A.

True

B.

False

Buy Now
Questions 49

Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

Options:

A.

Short message

B.

E-mail

C.

Web Print

D.

Voicemail

Buy Now
Questions 50

In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.

do. Which of the following options does not belong to the action that needs to be completed in the data processing part?

155955cc-666171a2-20fac832-0c042c0422

Options:

A.

Data preprocessing

B.

Threat determination

C.

Distributed storage

D.

Distributed index

Buy Now
Questions 51

Regarding the processing flow of file filtering, which of the following statements is wrong?

Options:

A.

After the file decompression fails, the file will still be filtered. .

B.

The application identification module can identify the type of application that carries the file.

C.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

D.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

Buy Now
Questions 52

The administrator has configured file filtering to prohibit internal employees from uploading development files, but internal employees can still upload development files. Which of the following is not allowed Can the reason?

Options:

A.

The file filtering configuration file is not referenced in the security policy

B.

File filtering configuration file is incorrect

C.

License is not activated.

D.

The action configuration of the file extension does not match is incorrect

Buy Now
Questions 53

Which of the following options is not a feature of big data technology?

Options:

A.

The data boy is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed

Buy Now
Questions 54

When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Options:

A.

Create new account

B.

Use existing social media accounts

C.

No authentication, no account required

D.

Scan public QR code

Buy Now
Questions 55

Regarding the strategy for checking the screensaver settings, which of the following descriptions are correct? (Multiple choice)

Options:

A.

You can check whether the screen saver is enabled on the terminal

B.

You can check whether the screen saver password is enabled

C.

Only supports Windows operating system

D.

Screen saver settings cannot be automatically repaired

Buy Now
Exam Code: H12-724
Exam Name: HCIP-Security (Fast track) V1.0
Last Update: Dec 27, 2024
Questions: 367
H12-724 pdf

H12-724 PDF

$25.5  $84.99
H12-724 Engine

H12-724 Testing Engine

$30  $99.99
H12-724 PDF + Engine

H12-724 PDF + Testing Engine

$40.5  $134.99