Huawei H12-724 HCIP-Security (Fast track) V1.0 Exam Practice Test

abcde

abcdde

abclde

abc+de

Lack of effective protection against application layer threats.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

Ability to quickly adapt to changes in threats.

Unable to accurately control various applications, such as P2P, online games, etc. .

Resource pool mechanism

weighting mechanism

load balancing

Hot Standby

The content in No. 2 must be configured.

In addition to this page configuration, you also need to enable the firewall and sandbox linkage, otherwise the page configuration is invalid

The content in No. 4 must be configured.

After the configuration is completed, you need to submit the configuration to take effect.

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates with the authentication server to complete the user Authentication.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, and terminal Information such as the patch version installed on the device.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

True

False

True

155955cc-666171a2-20fac832-0c042c0414

False

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

Main IP is the Policy Center reaches the next-hop firewall device interface address

Different places can have different security policies.

The location has nothing to do with safety.

There can only be one place in the company.

Place and location have nothing to do.

It can identify the application that carries the file, the file transfer direction, the file type and the file extension.

Even if the file type is modified, it can also identify the true type of the file

It can identify the type of files transmitted by itself, and can block, alert and announce specific types of files.

It supports filtering the contents of compressed files after decompression. "

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

True

False

3->1->4->2->5

3->2->4->1->5

3->2->1->4->5

3->1->2->4->5

1-2-3-4

4-2-3-1

3-2-1-4

2-3-1-4

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

Intrusion prevention can block attacks in real time.

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

PDF heuristic sandbox

ja$

PE heuristic sandbox

Web heuristic sandbox

Heavyweight sandbox (virtual execution)

The security policy does not reference the anti-virus configuration file.

The anti-virus configuration file is configured incorrectly.

The virus signature database version is older.

No virus exceptions are configured.

Press "0U" to synchronize

AO Synchronize by "group", "0U describes the organizational structure

AO Press "Group" "Synchronize," "Group" Jida organization structure

LDAP synchronization by "group"

True

False

Data analysis, data classification, post-processing

Data processing, data classification, post-processing

Data processing, attack classification, post-processing

Data processing, data classification, attack playback

example

www. abc. example. com

www.abc. example

example. com

WLAN Is to adopt 80211 Technical WiFi

WLAN There are two basic architectures: FAT AP with AC+FIT AP

AC+FATAP The architecture is suitable for medium and large use scenarios

AC+FITAP Autonomous network architecture

WhoTo determine the ownership of the access device(Company standard,BYOD Wait)

WhoseTo determine the identity of the access person(member I, Visitors, etc.)

How Determine the access method(Wired, wireless, etc.)

WhatTo determine the access device(PC,iOS Wait)

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

True

False

True

False

The use of anonymous accounts for authentication is based on the premise of trusting the other party, and the authentication agency does not need the other party to provide identity information to provide services to the other party.

Agile Controller-Campus Need to be manually created"~anonymous"account number.

By default, the access control and policy of anonymous accounts cannot be performed. 1 Operations such as invoking patch templates and software distribution.

Administrators cannot delete anonymous accounts"~anonymous*.

True

False

Teardrop attack

Ping of Death attack

IP Spoofng attack

Land attack

Install the operating system

Install the database

Install antivirus software

Import License

File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent

Prevent employees from leaking company confidential documents to the Internet.

Content filtering can prevent the disclosure of confidential information and the transmission of illegal information

The application behavior control function can finely control common HTTP behaviors and FTP behaviors.

Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails.

③②⑦⑥④⑤①

③②④⑤⑦⑥①

③②④⑥⑤⑦①

155955cc-666171a2-20fac832-0c042c0428

⑧②⑤⑦④⑥①

True

False

True

False

Checking strategies are mainly used to check some static settings of the terminal, such as whether the screen saver is set, whether the antivirus software is installed; whether there is illegal Outreach etc. z00

Monitoring strategies are mainly used for real-time monitoring of events that occur in the system, such as whether anti-virus software is installed and whether PPPOE dial-up access is used Network, etc.-Once an incident is detected, some control can be taken.

The security check strategy only includes two types of end-host check-type strategies and end-user behavior check-type strategies.

Terminal host security management is mainly implemented by inspection strategies, and end user behavior management is mainly implemented by monitoring strategies.

Set local blacklist and whitelist: Both blacklist and whitelist can be configured at the same time, or only one of them can be configured.

In the "Whitelist" text box, enter the P address and mask of the SMTP Server to be added to the whitelist. You can enter multiple IP addresses, one IP address

Address one line. v

Enter the IP address and mask of the SMITP Server to be added to the blacklist in the "Blacklist" text box, you can enter multiple IP addresses, one IP

Address one line.

The priority of the blacklist is higher than that of the whitelist.

Define security group

Define and deploy group policies

The system runs automatically

Security group reported by the system

Define user groups

True

False

Plan

Implementation

termination

Monitoring

Data preprocessing

Threat determination

Distributed storage

Distributed index

Only packets in one direction pass through the firewall

The same message passes through the firewall multiple times

IPS underreporting

Excessive traffic causes the Bypass function to be enabled

The basic mode can effectively block the access from the Feng Explor client.

The bot tool does not implement a complete HTTP protocol stack and does not support automatic redirection, so the basic mode can effectively defend against HTTP Flood attacks.

hit.

When there is an HTTP proxy server in the network, the firewall will add the IP address of the proxy server to the whitelist, but it will recognize the basic source of the zombie host.

The certificate is still valid.

The basic mode will not affect the user experience, so the defense effect is higher than the enhanced mode.

MAC Address format

Fixed username form

DHCP Option format

ARP Option format

It is impossible to detect violations of security policies.

It can detect all kinds of authorized and unauthorized intrusions.

Unable to find traces of the system being attacked.

is an active and static security defense technology.

155955cc-666171a2-20fac832-0c042c0425

The AAA server saves information such as usernames and passwords for authentication of access users.

The Web server saves information such as user names and passwords for authentication of access users.

The AAA server is used to push the Portal authentication page to the user.

The web server is used to push the Portal authentication page to the user.

The management server of the management center is responsible for the cleaning of abnormal flow, as well as the collection and analysis of business data, and storage, and is responsible for the summary

The stream is reported to the management server for report presentation.

The data coking device is responsible for the cleaning of abnormal flow, the centralized management and configuration of equipment, and the presentation of business reports.

The data collector and management server support distributed deployment and centralized deployment. Centralized deployment has good scalability.

The management center is divided into two parts: management server and teaching data collector.

Certificate encryption

AES encryption

PSK encryption

Plaintext encryption

Double click on the desktop"Start Server"The shortcut starts.

choose"Start>all programs> Huawei> MCServer> StartServer.

choose"Start>all programs> Huawei> Agile Controller> Server Startup Config"To manually start the required components.

choose"Start 3 all programs> Huawei> MCServer> Sever Startup Conig",Manually start the required components

bandwidth

Forwarding priority

Authority

Strategy

Enhanced mode refers to the authentication method using verification code.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

The enhanced mode is superior to the basic mode in terms of user experience.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

The mobile office platform is safe and reliable and goes online quickly.

Users can access the network safely and quickly.

Unified terminal management and fine control.

Network gateway deployment

1812

1813

8443

8080

The data boy is huge

A wide variety of data

Low value density

Slow processing speed

Software and Patch

sharing information and system account information

System Log

processes, services and startup

③④

①③④

⑤⑥

②④