New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Huawei H12-723_V3.0 HCIP-Security-CTSS V3.0 Exam Practice Test

Page: 1 / 17
Total 169 questions

HCIP-Security-CTSS V3.0 Questions and Answers

Question 1

The visitor management process includes page customization, account application, user authentication, audit, and logout. After the user successfully applies for an account, he needs to change.

When the account is distributed to users, what stage does the distribution of the account belong to?

Options:

A.

Page customization stage

B.

Account application stage

C.

User authentication phase

D.

Audit and cancellation stage

Question 2

Inenterprises where terminal host access control management is relatively strict, administrators hope to bind terminal hosts and accounts to prevent terminal users from accessing the controlled network from unauthorized terminal hosts at will. Regarding thedescription of binding the terminal host and account, which of the following is correct?

Options:

A.

exist Any Office When logging in with an account for the first time, the terminal host is automatically bound to the current account, but the automatic binding process requires administrator approval

B.

When other accounts need to be authenticated on the bound terminal host, there is no need to find the asset owner who is bound for the first time to authorize themselves.

C.

Binding terminal hosts and accounts is onlyapplicable to terminal users through Any Office Scenarios for authentication, Not applicable Web Agent Plugins and Web The scenario where the client authenticates.

D.

There are only consoles in the account binding terminal host, which cannot be configuredby the administrator.

Question 3

The user access security solution is one-kind"End to end"Security architecture. The user access security architecture includes three key components:Terminal equipment, network access equipment and access server.

Options:

A.

True

B.

False

Question 4

802.1X During the authentication, if the authentication point is at the aggregation switch, in addition to RADIUS,AAA,802.1X In addition to theconventional configuration, what special configuration is needed?

Options:

A.

Both the aggregation layer and the access layer switches need to be turned on 802.1X Function.

B.

Access layer switch needs to be configured 802. 1X Transparent transmission of messages.

C.

The aggregation switch needs to be configured 802 1X Transparent transmission of messages.

D.

No special configuration required

Question 5

Identity authentication determines whether to allow access by identifying the identity of the access device or user.

Options:

A.

True

B.

False

Question 6

In WPA2, because of the more secureencryption technology-TKIP/MIC, WPA2 is more secure than WPA.

Options:

A.

True

B.

False

Question 7

Sort all services according to user group andaccount: By the end IP The address range is time-sharing, if it is a user group, a small terminal with an account IP Address range allocation for the same business(Chen Gongji outside business) I The business assigned to the one with the highest priority will take effect.

Which of the following is correct regarding the order of priority?

Options:

A.

account>user group>terminal IP Address range

B.

By the end P Address range>account number>user group

C.

account>Terminal protection address range>user group

D.

user group>terminal P Address range>Account

Question 8

A policy template is a collection of several policies. In order to audit thesecurity status of different terminal hosts and the behavior of end users, the administrator needs to customize.

The same policy template is used to protect and manage terminal hosts. Regarding the policy template, which of the following option descriptions are correct? (multiple choice)

Options:

A.

When configuring the policy template, you can inherit the parent template and modify the parent template policy

B.

Only the strategy in the strategy template can be used, and the administrator cannot customize the strategy.

C.

You can assign a policy template to a certain network segment.

D.

If different policy templates are applied to departments and accounts, the policy template assigned to the highest priority will take effect. The priority relationship of the number is: account>department

Question 9

Regarding WLAN, which of the following descriptions is correct?

Options:

A.

WLAN Is to adopt 80211 Technical WiFi

B.

WLAN There are two basic architectures: FAT AP with AC+FIT AP

C.

AC+FATAP The architecture is suitable for medium andlarge use scenarios

D.

AC+FITAP Autonomous network architecture

Question 10

An account can belong to multiple roles, that is, a user may hold multiple positions.

Options:

A.

True

B.

False

Question 11

Which of the following options are right 802. 1X The description of the access process is correct? (Multiple choice).

Options:

A.

Through the entire authentication process, the terminal passes EAP The messageexchanges information with the server.

B.

Terminal and 802.1X Switch EAP Message interaction,802.1X Switch and server use Radius Message exchange information

C.

802.1X Authentication does not require security policy checks.

D.

use MD5 The algorithm checksthe information.

Question 12

About the software SACG And hardware SACG Description, which of the following is correct?

Options:

A.

hardware SACG use Any Office Perform admission control.

B.

software SACG use Any Office Perform admission control.

C.

hardware SACG Thansoftware SACG cut costs.

D.

hardware SACG The security is higher.

Question 13

Regarding the application scenarios of Agile Controller-Campus centralized deployment and distributed deployment, which of the following options are correct? (Multiple select)

Options:

A.

If most end users work in one area and a few end users work in branch offices, centralized deployment is recommended.

B.

If most end users areconcentrated on--Offices in several regions, and a small number of end users work in branches. Distributed deployment is recommended.

C.

If end users are scattered in different geographical locations, a distributed deployment solution is recommended.

D.

Ifend users are scattered in different regions, a centralized deployment solution is recommended.

Question 14

Typical application scenarios of terminal security include: Desktop management, illegal outreach and computer peripheral management.

Options:

A.

True

B.

False

Question 15

For hardware SACC Access control, if the terminal does not pass the authentication, it can access the resources of the post-authentication domain. This phenomenon may be caused by the following reasons? (Multiple choice)

Options:

A.

Authentication data flow has passed SACG filter.

B.

TSM No hardware is added to the system SACG equipment.

C.

SACG Enable the default inter-domain packetfiltering.

D.

Privileges are misconfigured IP

Question 16

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Options:

A.

WIDS Is a wireless intrusion prevention system

B.

WIPS Wireless intrusion detection system

C.

WIDS Is a wireless intrusion countermeasure system

D.

WIPS Is a wireless intrusion prevention system

Question 17

Regarding the description of the ACL used in the linkage between SACG equipment and the TSM system, which of the following statements is correct!?

Options:

A.

default ACL The rule group number can be arbitrarily specified.

B.

default ACL The rule group number can only be 3999.

C.

due to SACG Need to use ACL3099-3999 To pick TSM The rules issued by the system, so in the configuration TSM Before linkage, you needto ensure these ACL Not referenced by other functions.

D.

The original group number is 3099-3999 of ACL Even if it is occupied, it can be successfully activated TSM Linkage.

Question 18

When managing guest accounts, you need to create a guest account policy and set the account creation method. For the account creation method, which of the following descriptions is wrong?

Options:

A.

When adding accounts individually, you can choose to create them individually.

B.

If there are a lot of users, you can choose to create in batches.

C.

If there are many users, you can choose database synchronization

D.

In order to facilitate management andimprove user experience, self-registration can be used.

Question 19

The multi-level defense system is mainly reflected in the network level and the system level. Which of the following options are used for security defense at the network level? (Multiple choice)

Options:

A.

software SACG

B.

hardware SACG

C.

802.1X switch

D.

Authentication server

Question 20

Which of the following options is not included in the mobile terminal life cycle?

Options:

A.

Obtain

B.

deploy

C.

run

D.

Uninstall

Question 21

Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

Options:

A.

True

B.

False

Question 22

When a guest needs to access the network through an account, which of the following methods can be used to access? (Multiple choice)

Options:

A.

Create new account

B.

Use existing socialmedia accounts

C.

No authentication, no account required

D.

Scan public QR code

Question 23

Security zone division means to better protect the internal network security,Based on the business type and security requirements of the intranet, divide the intranet into several granularities.

Logical area. Which of the following options does not belong Agile Controller-Campus Security domain?

Options:

A.

User domain

B.

Network domain

C.

Business domain:

D.

Attack domain

Question 24

A network adopts Portal Authentication, the user finds the pushed Web No username entered on the page/The place of the password. This failure may Which of the following causes?

Options:

A.

Agile Controller-CampusThere is no corresponding user on.

B.

switch AAA Configuration error.

C.

The switch is not turned on Portal Function.

D.

Portal The push page on the server is wrong.

Question 25

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

Options:

A.

True

B.

False

Page: 1 / 17
Total 169 questions