Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Huawei
  3. HCIP-Security
  4. H12-724 - HCIP-Security (Fast track) V1.0

Huawei H12-724 HCIP-Security (Fast track) V1.0 Exam Practice Test

Demo: 55 questions
Total 367 questions
Get H12-724 Full Access Download H12-724 PDF

HCIP-Security (Fast track) V1.0 Questions and Answers

Question 1

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Options:

A.

Planting malware

B.

Vulnerability attack"

C.

We6 Application Click

D.

Brute force

Question 2

The following is a hardware SACG increase firewall configuration, which statement below is true?

Options:

A.

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

B.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

C.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

D.

Main IP is the Policy Center reaches the next-hop firewall device interface address

Question 3

Part of the reason why the APT attack becomes difficult to defend is that it uses the vulnerabilities to attack. This kind of zero-day hole usually requires flowers

A lot of time to research and analyze and produce corresponding defense methods.

Options:

A.

True

B.

False

Question 4

​​SQl injection attacks generally have the following steps:

①Elevate the right

②Get the data in the database

③Determine whether there are loopholes in the webpage

④ Determine the database type

For the ordering of these steps, which of the following options is correct?

Options:

A.

③④①②

B.

③④②①

C.

④①②③

D.

④②①③

Question 5

Which of the following technologies can achieve content security? (multiple choice)

Options:

A.

Web security protection

B.

Global environment awareness

C.

Sandbox and big data analysis

D.

Intrusion prevention

Question 6

Which of the following is not an abnormal situation of the file type recognition result?

Options:

A.

The file extension does not match.

B.

Unrecognized file type

C.

File corruption

D.

The file is compressed

Question 7

Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes:

1. Report suspicious files

2. Retrospective attack

3. Firewall linkage defense

4. Prosecution in the cloud sandbox

For the ordering of the process, which of the following options is correct?

Options:

A.

1-3-4-2

B.

1-4-2-3

C.

1-4-3-2

D.

3-1-4-2:

Question 8

The administrator issues notices to users in the form of announcements, such as the latest software and patch installation notices. Which of the following options of the announcement is incorrect?

Options:

A.

Announcements can be issued by the security department

B.

The terminal must have a proxy client installed to receive announcements.

C.

If the system issues an announcement and the proxy client is not online, the announcement information will not be received after going online.

D.

Announcements can be issued by account.

Question 9

Regarding MAC authentication and MAC bypass authentication, which of the following descriptions are correct? (multiple choice)

Options:

A.

The biggest difference between the two is MAC Bypass authentication belongs to 802 1X Certification, while MAC Certification does not belong to 802 1X Certification.

B.

If a network can connect to dumb terminals(printer,IP telephone), The text may be connected to a portable computer, please use MAC Bypass authentication:First try 802 1X Authentication, try again if authentication fails MAC Certification

C.

If a network will only connect to dumb terminals(printer,IP telephone),please use MAC Certification in order to shorten the certification time.

D.

MAC Authentication MAC One more bypass authentication 802 In the instrument certification process, the open time is longer than MAC The bypass authentication time is long.

Question 10

Regarding CAPWAP encryption, which of the following statements is wrong?

Options:

A.

CAPWAP The data tunnel can be used DTLS Encrypted.

B.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Question 11

The results of the RBL black and white list query on the firewall are as follows:

Based on the above information only, which of the following statements is correct? (multiple choice)

Options:

A.

Mail with source address 10.17.1.0/24 will be blocked

B.

Mail with source address 10.18.1.0/24 will be blocked

C.

Mail with source address 10.17.1.0/24 will be released

D.

Mail with source address 10.18.1.0/24 will be released

Question 12

Which of the following options is not a feature of big data technology?

Options:

A.

The data boy is huge

B.

A wide variety of data

C.

Low value density

D.

Slow processing speed

Question 13

BY00 The products and textiles provided by the history solution program cover the entire terminal network\Application and management and other fields/include: Serialization BC Equipment, paperless network system network access support, VPN Gateway, terminal security customer ladder software, authentication system, mobile device management(MDN),move eSpace UC.

Options:

A.

True

B.

False

Question 14

The security management system is only optional, and anti-virus software or anti-hacking technology can be a good defense against network threats.

Options:

A.

True

B.

False

Question 15

URL filtering technology can perform URL access control on users according to different time objects and address objects to achieve precise management of users.

The purpose of the Internet behavior.

Options:

A.

True

B.

False

Question 16

Which of the following options are relevant to MAC Certification and MAC The description of bypass authentication is correct? (Multiple choice)

Options:

A.

MAC Certification is based on MAC The address is an authentication method that controls the user's network access authority. It does not require the user to install any client software.

B.

MAC Bypass authentication is first performed on the devices that are connected to the authentication 802 1X Certification;If the device is 802. 1X No response from authentication, re-use MAC The authentication method verifies the legitimacy of the device.

C.

MAC During the authentication process, the user is required to manually enter the user name or password.

D.

MAC The bypass authentication process does not MAC The address is used as the user name and password to automatically access the network.

Question 17

UDP is a connectionless protocol. UDP Flood attacks that change sources and ports will cause performance degradation of network devices that rely on session forwarding.

Even the session table is exhausted, causing the network to be paralyzed. Which of the following options is not a preventive measure for UDP Flood attacks?

Options:

A.

UDP fingerprint learning

B.

Associated defense

C.

current limit

D.

First packet discarded

Question 18

Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)

Options:

A.

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

B.

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

C.

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

D.

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

Question 19

Which aspects of information security will be caused by unauthorized access? (multiple choice)

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Recoverability

Question 20

The main attack prevention technologies of Huawei USG6000 products include: source detection, fingerprint learning and associated defense.

Options:

A.

True

B.

False

Question 21

Which of the following features does Huawei NIP intrusion prevention equipment support? (multiple choice)

Options:

A.

Virtual patch

B.

Mail detection

C.

SSL traffic detection

D.

Application identification and control

Question 22

Which of the following are the control items of HTTP behavior?) (multiple choice)

Options:

A.

POST operation

B.

Browse the web

C.

Acting online

D.

File upload and download

Question 23

If the user's FTP operation matches the FTP filtering policy, what actions can be performed? (multiple choice)

Options:

A.

Block

B.

Declare

C.

Alarm

D.

Execution

Question 24

Anti-DDoS defense system includes: management center, detection center and cleaning center.

Options:

A.

True

155955cc-666171a2-20fac832-0c042c0421

B.

False

Question 25

When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

Options:

A.

Users can visit www.videobt.com website.

B.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

C.

User cannot access all the sites ending with bt com.

D.

When users visit www.bt. com, they will be blocked.

Question 26

Huawei's USG000 product can identify the true type of common files and over-check the content. Even if the file is hidden in a compressed file, or change the extension

The name of the exhibition can't escape the fiery eyes of the firewall.

Options:

A.

True

B.

False

Question 27

If the self-determined meter function is enabled on the Agile Controller-Campus and the account PMAC address is bound, Within a period of time, the number of incorrect cipher input by the end user during authentication exceeds the limit. Which of the following descriptions is correct? (multiple choice)

Options:

A.

When the account number is reserved, only the sword type number cannot be authenticated on the bound terminal device, and it can be authenticated normally on other terminal devices.

B.

The account is locked on all terminal devices and cannot be recognized.

C.

If you want to lock out the account, the administrator can only delete the account from the list.

D.

After the lock time, the account will be automatically unlocked

Question 28

In order to protect the security of data transmission, more and more websites or companies choose to use SSL to encrypt transmissions in the stream. About using Huawei NIP6000

The product performs threat detection on (SSL stream boy, which of the following statements is correct?

Options:

A.

NIP0OO does not support SSL Threat Detection.

B.

The traffic after threat detection is sent directly to the server without encryption

C.

NIP can directly crack and detect SSL encryption.

D.

After the process of "decryption", "threat detection", and "encryption"

Question 29

Which of the following statement on the scanner is wrong?

Options:

A.

When deploying NAC Agent, can use scanner to scan and assess the number of installed and non-installed agent.

B.

When the terminal NAC Agent uninstall, the scanner can send alarm information.

C.

the scanner by the SNMP protocol to obtain network equipment resources information.

D.

scanner and Policy Center controller linkage scan tasks.

Question 30

Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct? (multiple choice)

Options:

A.

802.1X Authentication can only be initiated by the client.

B.

802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate

C.

8021X The client can trigger authentication through multicast or broadcast.

D.

The authentication equipment department triggers authentication through multicast or unicast.

Question 31

What content can be filtered by the content filtering technology of Huawei USG6000 products?

Options:

A.

File content filtering

B.

Voice content filtering

C.

Apply content filtering..

D.

The source of the video content

Question 32

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Options:

A.

WIDS Is a wireless intrusion prevention system

B.

WIPS Wireless intrusion detection system

C.

WIDS Is a wireless intrusion countermeasure system

D.

WIPS Is a wireless intrusion prevention system

Question 33

When performing terminal access control, the authentication technology that can be used does not include which of the following options?

Options:

A.

8021X Certification

B.

SACG Certification p2-

C.

Bypass authentication

D.

Portal Certification

Question 34

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

Options:

A.

The access layer switch does not start EAP Transparent transmission function.

B.

wireless 02K In the scenario, the access control device is not equipped with a security board

C.

AD The service controller is not added in the authentication scenario AD area.

D.

The user account or password is incorrectly configured.

Question 35

The anti-virus feature configured on the Huawei USG6000 product does not take effect. Which of the following are the possible reasons? (multiple choice)

Options:

A.

The security policy does not reference the anti-virus configuration file.

B.

The anti-virus configuration file is configured incorrectly.

C.

The virus signature database version is older.

D.

No virus exceptions are configured.

Question 36

When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

Options:

A.

Discard message

B.

URL Address redirected to Portal Authentication page

C.

Direct travel

D.

Send authentication information to authentication server

Question 37

Based on the anti-virus gateway of streaming scan, which of the following descriptions is wrong?

Options:

A.

Rely on state detection technology and protocol analysis technology

B.

The performance is higher than the agent-based method

C.

The cost is smaller than the agent-based approach

D.

The detection rate is higher than the proxy-based scanning method

Question 38

Regarding the processing process of file overwhelming, which of the following statements is correct?

Options:

A.

The file filtering module will compare the application type, file type, and transmission direction of the file identified by the previous module with the file filtering rules configured by the administrator.

Then the lookup table performs matching from top to bottom.

B.

If all the parameters of Wenzhu can match all file filtering rules, then the module will execute the action of this file filtering rule.

C.

There are two types of actions: warning and blocking.

D.

If the file type is a compressed file, then after the file filtering check, the female file will be sent to the file decompression module for decompression and decompression.

Press out the original file. If the decompression fails, the file will not be re-filed.

Question 39

There are two types of accounts on the Agile Controller-Campus: one is a local account and the other is an external account.

Which of the following is not a local account?

Options:

A.

Ordinary account

B.

Guest account

C.

Anonymous account

D.

Mobile certificate account

Question 40

Which of the following equipment is suitable for use MAC Authentication access network?

Options:

A.

Office Windows System host

B.

For testing Linux System host

C.

Mobile client, such as smart phone, etc

D.

Network printer 232335

Question 41

The process of a browser carrying a cookie to request resources from a server is shown in the following figure. Which of the following steps contains SessionID information in the message?

Options:

A.

③④

B.

①③④

C.

⑤⑥

D.

②④

Question 42

If you combine security defense with big data technology, which of the following statements are correct? (multiple choice)

Options:

A.

In the learning process, you should start from collecting samples, analyze their characteristics and then perform machine learning.

B.

Machine learning only counts a large number of samples, which is convenient for security administrators to view.

C.

In the detection process, the characteristics of unknown samples need to be extracted and calculated to provide samples for subsequent static comparisons.

D.

Security source data can come from many places, including data streams, messages, threat events, logs, etc.

Question 43

The service free mobility function of the Agile Controller can guide the flow to the security center for processing according to the service, improving the utilization of physical equipment.

Options:

A.

True

B.

False

Question 44

The user access security solution is one-kind"End to end"Security architecture. The user access security architecture includes three key components:Terminal equipment, network access equipment and access server.

Options:

A.

True

B.

False

Question 45

Hardware in useSACG At the time of certification,SACG After the configuration is completed, you can seeSACG andAgile Agile Controller-Campus The linkage is successful, but the user authentication fails. This phenomenon may be caused by the following reasons? (Multiple choice)

Options:

A.

User flow has not passed SACG.

B.

SACG There is no release on the user stream.

C.

SACG There is no closed state detection on it.

D.

Agile Controller-Campus On and SACG Wrong key configuration for linkage

Question 46

For full encryption registered mobile storage devices must be formatted to normal use in not installed NAC client terminal host.

Options:

A.

TRUE

B.

FALSE

Question 47

What equipment do Policy Center supported servers include? (Choose 3 answers)

Options:

A.

remote control device

B.

mail server

C.

Internet behavior management equipment

D.

log collection server

Question 48

There are several steps in a stored XSS attack

①The attacker hijacks the user session

②The attacker submits an issue containing known JavaScript

③User login

④The user requests the attacker's question 5

⑤The server responds to the attacker’s JavaScript

⑥ The user's browser sends a session token to the attacker

⑦The attacker's JavaScript is executed in the user's browser

For the ordering of these steps, which of the following options is correct?

Options:

A.

③②⑦⑥④⑤①

B.

③②④⑤⑦⑥①

C.

③②④⑥⑤⑦①

155955cc-666171a2-20fac832-0c042c0428

D.

⑧②⑤⑦④⑥①

Question 49

Agile Controller-Campus The department includes four parts of the management center(MC)Business manager(SM)And business controller(SC)And client network access equipment (NAD)As a component of the solution, it is linked with the service controller to realize user access control and free mobility.

Options:

A.

True

B.

False

Question 50

Huawei NIP6000 products provide carrier-class high-reliability mechanisms from multiple levels to ensure the stable operation of equipment.

Which of the following options belong to the network reliability? (multiple choice)

Options:

A.

Dual machine hot backup

B.

Power supply. 1+1 redundant backup

C.

Hardware Bypass

D.

Link-group

Question 51

Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

Options:

A.

Short message

B.

E-mail

C.

Web Print

D.

Voicemail

Question 52

Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

Options:

A.

True

B.

False

Question 53

Which of the following options are relevant to Any Office The description of the solution content is correct? (Multiple choice)

Options:

A.

Provide unified and secure access to enterprise mobile applications on mobile terminals.

B.

The tunnel is dedicated and cannot be penetrated by viruses.

C.

Applications are quickly integrated and can be extended.

D.

It can be quickly integrated and docked with the enterprise application cloud platform.

Question 54

Use on the terminal Portal The authentication is connected to the network, but you cannot jump to the authentication page. The possible reason does not include which of the following options?

Options:

A.

Agile Controller-Campus Configured on Portal The authentication parameters are inconsistent with the access control device.

B.

Access device Portal The authentication port number of the template configuration is 50100 ,Agile Controlle-Campus The above is the default.

C.

CS Did not start

D.

When the page is customized, the preset template is used.

Question 55

Which of the following options is correct for the description of the role of the isolation domain?

Options:

A.

Isolation domain refers to the area that the terminal host can access before passing the identity authentication, such as DNS server, external authentication source, business controller (SC)c The area where the service manager (SM) is located.

B.

Isolation domain refers to the area that is allowed to be accessed when the terminal user passes the identity authentication but fails the security authentication, such as patch server, virus database server. The area where the server is located.

C.

Isolation domain refers to the area that terminal users can access after passing identity authentication and security authentication, such as ERP system, financial system database system. The area where you are.

D.

End users can access the isolated domain regardless of whether they pass identity authentication.

Load More H12-724 Questions
Demo: 55 questions
Total 367 questions
Get H12-724 Full Access Download H12-724 PDF