New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Huawei H12-723 Huawei Certified ICT Professional - Constructing Terminal Security System Exam Practice Test

Demo: 30 questions
Total 201 questions

Huawei Certified ICT Professional - Constructing Terminal Security System Questions and Answers

Question 1

Free mobility is a special access control method, according to the user’s access location, access time, access method and terminal authorization instructions. Set permissions, as long as the user’s access conditions remain unchanged, the permissions and network experience after accessing the network--To q

Options:

A.

right

B.

wrong

Question 2

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Options:

A.

WIDS Is a wireless intrusion prevention system

B.

WIPS Wireless intrusion detection system

C.

WIDS Is a wireless intrusion countermeasure system

D.

WIPS Is a wireless intrusion prevention system

Question 3

SACG Inquire right-manager The information is as follows, which options are correct? (Multiple choice)

Options:

A.

SACG and IP Address is 2.1.1.1 The server linkage is unsuccessful.

B.

SACG The linkage with the controller is successful.

C.

main controller IP address is 1.1.1.2.

D.

main controller IP address is 2.1.1.1.

Question 4

Which of the following law items is the most blessed for safety? This should be true?

Options:

A.

Checking strategies are mainly used to check some static settings of the terminal, such as whether the screen saver is set, whether the antivirus software is installed; whether there is illegal Outreach etc. z00

B.

Monitoring strategies are mainly used for real-time monitoring of events that occur in the system, such as whether anti-virus software is installed and whether PPPOE dial-up access is used Network, etc.-Once an incident is detected, some control can be taken.

C.

The security check strategy only includes two types of end-host check-type strategies and end-user behavior check-type strategies.

D.

Terminal host security management is mainly implemented by inspection strategies, and end user behavior management is mainly implemented by monitoring strategies.

Question 5

After an enterprise deployed antivirus software, it was discovered that virus infections still occurred on a large scale. In addition to the limitations of the product's own technology, the reason for the problem is weak personal terminal security protection, which is also an important factor.

Options:

A.

right

B.

wrong

Question 6

Regarding WLAN, which of the following descriptions is correct?

Options:

A.

WLAN Is to adopt 80211 Technical WiFi

B.

WLAN There are two basic architectures: FAT AP with AC+FIT AP

C.

AC+FATAP The architecture is suitable for medium and large use scenarios

D.

AC+FITAP Autonomous network architecture

Question 7

Which of the following series of devices does not support the function of accompanying business?

Options:

A.

S5720HI Series Switch:

B.

AR Series router

C.

USG6000 Series firewall

D.

SVN5600 series

Question 8

URL filtering, remote classification list provided and maintained by a third-party classification servers, devices can be synchronous updated automatically or manually from third-party classification servers.

Options:

A.

TRUE

B.

FALSE

Question 9

Regarding the description of the logic architecture of the business accompanying, which of the following options is correct?

Options:

A.

The business management plane focuses on administrators, authentication servers, and policy servers.

B.

The network equipment plane focuses on user terminals and static resources.

C.

The user plane focuses on authentication points and policy enforcement points.

D.

The business free mobility logic architecture includes a management subsystem, an authentication and authorization subsystem, and a business strategy subsystem.

Question 10

Agile Controller-Campus The product architecture includes three levels. Which of the following options does not belong to the product architecture level?

Options:

A.

Server layer

B.

Network device layer

C.

Access control layer

D.

User access layer

Question 11

VIP Experience guarantee, from which two aspects are the main guarantees VIP User experience? (Multiple choice)

Options:

A.

bandwidth

B.

Forwarding priority

C.

Authority

D.

Strategy

Question 12

In the terminal security all-round defense system, use PPT-PDCA The model can effectively implement terminal security defense. Which of the following options does not belong to PPT Model?

Options:

A.

technology

B.

Process

C.

organization

D.

plan

Question 13

Regarding the use of MAC authentication to access the network in the WLAN networking environment, which of the following statements is wrong en.

Options:

A.

MAC authentication does not require users to install any client software.

B.

The user name format used by MAC authentication is only one of MAC address user name format.

C.

MAC authentication actually uses 802 1X authentication method.

D.

MAC bypass authentication solves the situation of both 802.1x client authentication and MAC authentication in the same network environment.

Question 14

A policy template is a collection of several policies. In order to audit the security status of different terminal hosts and the behavior of end users, the administrator needs to customize.

The same policy template is used to protect and manage terminal hosts. Regarding the policy template, which of the following option descriptions are correct? (multiple choice)

Options:

A.

When configuring the policy template, you can inherit the parent template and modify the parent template policy

B.

Only the strategy in the strategy template can be used, and the administrator cannot customize the strategy.

C.

You can assign a policy template to a certain network segment.

D.

If different policy templates are applied to departments and accounts, the policy template assigned to the highest priority will take effect. The priority relationship of the number is: account>department

Question 15

Which of the following options is not a scenario supported by Free Mobility?

Options:

A.

Intranet users access the data center/Internet.

B.

When traveling users access intranet resources, traveling users pass VPN Access to the intranet.

C.

Work as a team.

D.

Realize mutual communication between devices.

Question 16

What do the common virus behavior characteristics include?(select 3 answers)

Options:

A.

Download and backdoor characteristics

B.

Information Collection feature

C.

own hidden feature

D.

system attacks characteristics

Question 17

In the Agile Controller-Campus solution, which device is usually used as the hardware SACG?

Options:

A.

router

B.

switch

C.

Firewall

D.

IPS

Question 18

About WEB URL filtering technology audit function, which of the following description is correct? (Choose 3 answers)

Options:

A.

URL audit function is used to record the user's HTTP Internet behavior as the basis for the audit.

B.

The user can configure the web type to be audited, WEB types to distinguish with file extensions, including html, jsp, aspx, etc.

C.

can audit user HTTP access in the specific content of the Post, as a user Internet censorship

D.

internal users access to the specified type of WEB resource, the firewall will be logged and sent to log server.

Question 19

In some scenarios, an anonymous account can be used for authentication. What are the correct descriptions of the following options for the anonymous account?? (Multiple choice)

Options:

A.

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

B.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

C.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

D.

Administrators cannot delete anonymous accounts"~anonymous*.

Question 20

Regarding the way SACG devices connect to the network, which of the following descriptions are correct? (multiple choice)

Options:

A.

SACG The equipment requires Layer 3 intercommunication with the terminal.

B.

SACG It is usually connected to the core switch equipment and uses policy routing to divert traffic.

C.

SACG Support hanging on non-Huawei devices.

D.

SACG Equipment requirements and Agile Controller-Campus Interoperability on the second floor.

Question 21

Which of the following description is incorrect against server loophole security threats ?

Options:

A.

worms using application software loophole to spread wantonly, consume network bandwidth and destroy important data.

B.

hackers, malicious employee use loophole to attack or invade enterprise servers, business secrets were tampered, damaged and theft .

C.

As long as the system software update in time for system loophole problems can be effectively solved.

D.

The Internet has made application software loophole to spread rapidly, making loophole easier to become targets of attack.

Question 22

In the Agile Controller-Campus solution, which device is usually used as the hardware SACG?

Options:

A.

router

B.

switch

C.

Firewall

D.

IPS

Question 23

Portal page push rules have priority, and the rules with higher priority are matched with the user's authentication information first. If none of the configured rules match, The default rules are used.

Options:

A.

right

B.

wrong

Question 24

For security priority application environment, should be closed Huawei firewall UTM overload protection function.

Options:

A.

TRUE

B.

FALSE

Question 25

How to check whether the SM and SC silverware start normally after installing the Agile Controller-Campus) (multiple delivery)

Options:

A.

Open https://SM server IP:8943 in the browser, enter the account admin and the default password Changeme123, if the login is successful, it will be explained. The SIM components are normal.

B.

After logging in to SC, select Resources>Users>User Management to create a common account. Open https://SM server IP:8447 in the browser newauth, if you can successfully log in using the account created in the previous step, the SM component is normal.

C.

Open https://SC Server IP:8443 in the browser and enter the account admin and the default password Changeme123. If the login is successful, it will be explained. The SC component is normal.

D.

After logging in to SM, select Ziyuan>User>User Management, and Xinlu has a common part number. Open https://SC server IP:8447 newauth in the browser. If you can successfully log in with the account created in the previous step, it means that the SC component is Wang Chang.

Question 26

Regarding the application scenarios of Agile Controller-Campus centralized deployment and distributed deployment, which of the following options are correct? (Multiple select)

Options:

A.

If most end users work in one area and a few end users work in branch offices, centralized deployment is recommended.

B.

If most end users are concentrated on--Offices in several regions, and a small number of end users work in branches. Distributed deployment is recommended.

C.

If end users are scattered in different geographical locations, a distributed deployment solution is recommended.

D.

If end users are scattered in different regions, a centralized deployment solution is recommended.

Question 27

The administrator issues notices to users in the form of announcements, such as the latest software and patch installation notices. Which of the following options of the announcement is incorrect?

Options:

A.

Announcements can be issued by the security department

B.

The terminal must have a proxy client installed to receive announcements.

C.

If the system issues an announcement and the proxy client is not online, the announcement information will not be received after going online.

D.

Announcements can be issued by account.

Question 28

Which of the following options is for Portal The statement of the gateway access process is correct?

Options:

A.

Portal gateway initiates Radius Challenge request message, including user name and password information

B.

The ACL issued by the server to the access gateway is carried in the Portal protocol message

C.

Issue policies while performing identity authentication

D.

The Portal server needs to pass the security check result to the access gateway device

Question 29

Which of the following options is about Portal The description of the certification process is correct?

Options:

A.

Portal The certification process is only used in Web Certification

B.

Server for a terminal Portal Certification will only give one Portal Device sends authentication message

C.

Switch received Portal Online message, will give Radius Server send Radius Certification request

D.

Portal The authentication message will not carry the result of the security check

Question 30

Portal At the time of certification, pass Web After the browser enters the account password for authentication, it prompts"Authenticating.."The status lasts for a long time before it shows that the authentication is successful. Which of the following reasons may cause this phenomenon?

Options:

A.

Multiple Agile Controller The same terminal IP Address added Portal"Access terminal IP Address list",Some of them Agile Controller The server and the terminal cannot communicate normally.

B.

Portal The template is configured with an incorrect password.

C.

Agile Controller-Campus There are too many authorization rules on the "It takes a lot of time to find 835

D.

Insufficient curtains of the terminal equipment result in a relatively large delay.

Demo: 30 questions
Total 201 questions