New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Huawei H12-723_V3.0 Dumps Questions Answers

HCIP-Security-CTSS V3.0 Questions and Answers

Question 1

A network adopts 802. 1X To authenticate access users, the access control equipment is deployed at the convergence layer, and after the deployment is completed, it is used on the access control equipment t-aa The command test is successful, but the user cannot access the network. The failure may be caused by the following reasons? (Multiple choice)

Options:

A.

The aggregation layer device is not configured RADIUS Certification template.

B.

Agile Controller-Campus The switch is not added on NAS equipment.

C.

Connect to the terminal on the device to open 802.1X Function.

D.

The Layer 2 link is used between the access device and the aggregation device, and it is not turned on 802 Instrument transparent transmission function

Buy Now
Question 2

In the Agile Controller-Campus solution, which device is usually used as the hardwareSACG?

Options:

A.

router

B.

switch

C.

Firewall

D.

IPS

Question 3

Which of the following options are correct for thedescription of visitor management? (Multiple choice)

Options:

A.

Visitor registration account can be configured to be exempt from approval

B.

Guest login can only be configured as Web Way of webpage

C.

Anonymous account authentication cannot be performed on the guest authentication page

D.

Visitor account approval information can be notified to visitors via SMS

Question 4

Use on access control equipment test-aaa Command test and Radius When the server is connected, the running result shows a timeout, which may be caused by incorrect account or password configuration.

Options:

A.

True

B.

False

Question 5

Which of the following series of devices does not support the function of accompanying business?

Options:

A.

S5720HI Series Switch:

B.

AR Series router

C.

USG6000 Series firewall

D.

SVN5600 series

Question 6

How to check whether the SM and SC silverware start normally after installing the Agile Controller-Campus) (multiple delivery)

Options:

A.

Open https://SM server IP:8943 in the browser, enter the account admin and the default password Changeme123, if the login is successful, it will be explained. The SIM components are normal.

B.

After logging in to SC, select Resources>Users>User Management to create a common account. Open https://SM server IP:8447 in the browser newauth, if you can successfully log in using the account created in the previous step, the SM component is normal.

C.

Open https://SC Server IP:8443 in the browser and enter the account admin and the default password Changeme123. If the login is successful, it will be explained. The SC component is normal.

D.

Afterlogging in to SM, select Ziyuan>User>User Management, and Xinlu has a common part number. Open https://SC server IP:8447 newauth in the browser. If you can successfully log in with the account created in the previous step, it means that the SC component is Wang Chang.

Question 7

Which of the following options are relevant to MAC Certification and MAC The description of bypassauthentication is correct? (Multiple choice)

Options:

A.

MAC Certification is based on MAC The address is an authentication method that controls the user's network access authority. It does not require the user to install any client software.

B.

MAC Bypass authentication is first performed on the devices that are connected to the authentication 802 1X Certification;If the device is 802. 1X No response from authentication, re-use MAC The authentication method verifies the legitimacy of the device.

C.

MAC During the authentication process, the user is required to manually enter the user name or password.

D.

MAC The bypass authentication process does not MAC The address is used as the user name and password to automatically access the network.

Question 8

Traditional access control policy passed ACL or VLAN Can not be achieved with IP Address decoupling, in IP The maintenance workload is heavy when the address changes. And because the agile network introduces the concept of security group, it can achieve the same IP Address decoupling.

Options:

A.

True

B.

False

Question 9

Regarding the identity authentication method and authenticationtype, which of the following descriptions is correct?

Options:

A.

User passed web The method can support two authentication types: local authentication and digital certificate authentication.

B.

User passed web Agent The method can support two authentication types:digital certificate authentication and system authentication.

C.

User passed Agent The method can support three authentication types: local authentication, digital certificate authentication and system authentication.

D.

User passed web Agent The method can support two authentication types: digital certificate authentication and local authentication.

Question 10

Regarding the strategy for checking the screensaver settings, which of the following descriptions arecorrect? (Multiple choice)

Options:

A.

You can check whether the screen saver is enabled on the terminal

B.

You can check whether the screen saver password is enabled

C.

Only supports Windows operating system

D.

Screen saver settings cannot be automatically repaired

Question 11

A network adopts Portal Authentication, the user finds the pushed Web No username entered on the page/The place of the password. This failure may Which of the following causes?

Options:

A.

Agile Controller-CampusThere is no corresponding user on.

B.

switch AAA Configuration error.

C.

The switch is not turned on Portal Function.

D.

Portal The push page on the server is wrong.

Question 12

Business accompanying is-A special access control method, according to the user's access location, access time, access method and terminal use to grant designated investment limits, among which the physical connection can be divided into 3 Class, excluding which of the following access methods?

Options:

A.

Wired access

B.

Wireless access

C.

VPN Access

D.

802.1X Access

Question 13

Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Options:

A.

Different places can have different security policies.

B.

The location has nothing to do with safety.

C.

There can only be one place in the company.

D.

Place and location have nothing to do.

Question 14

Use hardware SACG Access control,,In hardware SACG View the results of the conversation table on the deduction.

Which of the following statements are correct? (Multiple choice)

Options:

A.

192.168.1.0 definitely is Agile Controller-Campus Manager IP address

B.

if 192.126.200.11 Is the server of the post-authentication domain, then IP Address is 192.18.0.1 If your terminal has not passed the authentication, it is possible to access the server.

C.

192.168.100.1 definitely is Agile Controller-Campus Controller IP address.

D.

Ifin 6 Within minutes of the conversation 192.168.0.19 154->/192.162.0.11: 15080 Not refreshed,IP Address is 192.168.0.119 If the device wants to IP Address is 192.168.200.11 For device communication, the session must be re-established.

Question 15

Regarding WLAN, which of the following descriptions is correct?

Options:

A.

WLAN Is to adopt 80211 Technical WiFi

B.

WLAN There are two basic architectures: FAT AP with AC+FIT AP

C.

AC+FATAP The architecture is suitable for medium andlarge use scenarios

D.

AC+FITAP Autonomous network architecture

Question 16

Regarding the description of the account blacklist, which of thefollowing options is wrong?

Options:

A.

The automatic account lock and manual account lock functions cannot be activated at the same time.

B.

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authenticationexceeds the limited number of times within a limited time, the account will be automatically locked.

C.

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

D.

Manually lock the account anddelete it from the list, the lock of the account will be released.

Question 17

Which of the following options is about Portal The description of the certification process is correct?

Options:

A.

Portal The certification process is only used in Web Certification

B.

Server for a terminal Portal Certification will only give one Portal Device sends authentication message

C.

Switch received Portal Online message, will give Radius Server send Radius Certification request

D.

Portal The authentication message will not carry the result of the security check

Question 18

If you use a normal account for authentication, which of the following descriptions is wrong?

Options:

A.

Users can use Any Office Perform authentication.

B.

User can't use web Way to authenticate.

C.

Users can use Web Agent Perform authentication.

D.

Users can use their own 802. 1X The client authenticates.

Question 19

Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Options:

A.

True

B.

False

Question 20

Which of the following cybersecurity threats exist only in WLAN In the network?

Options:

A.

Brute force

B.

Crowd attack

C.

DoS Denial of service attack

D.

Weak IV attack

Question 21

What are the three main steps of business free deployment? (Multiple choice)

Options:

A.

Define security group

B.

Define and deploy group policies

C.

The system runs automatically

D.

Security group reported by the system

E.

Define user groups

Question 22

About the software SACG And hardware SACG Description, which of the following is correct?

Options:

A.

hardware SACG use Any Office Perform admission control.

B.

software SACG use Any Office Perform admission control.

C.

hardware SACG Thansoftware SACG cut costs.

D.

hardware SACG The security is higher.

Question 23

Regarding the basic principles of user access security, it is wrong not to list any description?

Options:

A.

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates withthe authentication server to complete the user Authentication.

B.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, andterminal Information such as the patch version installed on the device.

C.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

D.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Question 24

Deployed by an enterprise network managerAgile Controller-Campus withSACG Later;Identityauthentication is successful but cannot access the post-authentication domain, This phenomenon may be caused by any reason? (Multiple choice)

Options:

A.

A serious violation will prohibit access to the post-authentication domain.

B.

The access control list of the post-authentication domain has not been delivered SACG.

C.

ALC The number of rules issued is too many, and a lot of time is required to match, causing interruption of access services.

D.

Agile Controller-Campus Wrong post-authentication domainresources are configured on the server.

Question 25

A policy template is a collection of several policies. In order to audit thesecurity status of different terminal hosts and the behavior of end users, the administrator needs to customize.

The same policy template is used to protect and manage terminal hosts. Regarding the policy template, which of the following option descriptions are correct? (multiple choice)

Options:

A.

When configuring the policy template, you can inherit the parent template and modify the parent template policy

B.

Only the strategy in the strategy template can be used, and the administrator cannot customize the strategy.

C.

You can assign a policy template to a certain network segment.

D.

If different policy templates are applied to departments and accounts, the policy template assigned to the highest priority will take effect. The priority relationship of the number is: account>department