Summer Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

Huawei Certified ICT Professional - Constructing Terminal Security System Question and Answers

Huawei Certified ICT Professional - Constructing Terminal Security System

Last Update May 21, 2024
Total Questions : 201

We are offering FREE H12-723 Huawei exam questions. All you do is to just go and sign up. Give your details, prepare H12-723 free exam questions and then go for complete pool of Huawei Certified ICT Professional - Constructing Terminal Security System test questions that will help you more.

H12-723 pdf

H12-723 PDF

$35  $99.99
 Add to Cart
H12-723 Engine

H12-723 Testing Engine

$42  $119.99
 Add to Cart
H12-723 PDF + Engine

H12-723 PDF + Testing Engine

$56  $159.99
 Add to Cart
Questions 1

Which statement is wrong about SA principle configuration?

Options:

A.  

feature detection to identify the different applications by matching message feature and Knowledge Base feature set

B.  

reduces the maximum number of packets detection threshold, can reduce the sas module identification number of packets, thus improve the recognition rate agreement

C.  

There are some protocol packets are carried in other agreements, enable sa whole packet inspection can better detect such messages

D.  

Configure SA associated protocol identification is mainly used for the same data stream signaling channel and data channel associated with the identification , and thus identify protocol

Discussion 0
Questions 2

In Portal authentication, which of the following parameters must be configured on the switch? (Multiple choice)

Options:

A.  

Portal server IP

B.  

Portal page URL

C.  

shared-key

D.  

Portal Protocol version

Discussion 0
Questions 3

Hardware in useSACG At the time of certification,SACG After the configuration is completed, you can seeSACG andAgile Agile Controller-Campus The linkage is successful, but the user authentication fails. This phenomenon may be caused by the following reasons? (Multiple choice)

Options:

A.  

User flow has not passed SACG.

B.  

SACG There is no release on the user stream.

C.  

SACG There is no closed state detection on it.

D.  

Agile Controller-Campus On and SACG Wrong key configuration for linkage

Discussion 0
Questions 4

Visitor management can authorize visitors based on their account number, time, location, terminal type, access method, etc., and can also push personalized pages to visitors based on time, location, and terminal type.

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 5

In the terminal security all-round defense system, use PPT-PDCA The model can effectively implement terminal security defense. Which of the following options does not belong to PPT Model?

Options:

A.  

technology

B.  

Process

C.  

organization

D.  

plan

Discussion 0
Questions 6

After opening IP strategy, found part of the business fails, what are the possible reasons? (Choose 2 answers)

Options:

A.  

message through the firewall only one direction

B.  

the same message repeatedly through the firewall

C.  

IP omission

D.  

heavy traffic cause Bypass features enabled

Discussion 0
Questions 7

User access authentication technology does not include which of the following options?

Options:

A.  

Authentication

B.  

Isolation repair'

C.  

Security check

D.  

Access control

Discussion 0
Questions 8

Which of the following statement is not correct about application and identification of knowledge base upgrade?

Options:

A.  

When USG device unable to connect to the Internet, you can choose local upgrade

B.  

When the USG devices can connect to the Internet, can upgrade manually and automatically

C.  

The upgrade process of abnormal will not be able to return to the original Knowledge base

D.  

You can configure the automatic save function, after saving the upgrade application control is configured as system configuration

Discussion 0
Questions 9

In centralized networking, database,SM server,SC server\ AE Servers are centrally installed in the corporate headquarters. This networking method is suitable for companies with a wide geographical distribution of users and a large number of users.

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 10

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

Options:

A.  

As Agile Controller-Campus The management center is responsible for formulating the overall strategy.

B.  

As Agile Controller-Campus The management interface is used to configure and monitor the system.

C.  

Integrated with standards RADIUS server,Porta Server, etc., responsible for linking with network access equipment to realize user-based network access control Strategy.

D.  

As Agile Controller-Campus ’S security assistance server, responsible for iRadar Analysis and calculation of reported security incidents.

Discussion 0
Questions 11

The administrator issues notices to users in the form of announcements, such as the latest software and patch installation notices. Which of the following options of the announcement is incorrect?

Options:

A.  

Announcements can be issued by the security department

B.  

The terminal must have a proxy client installed to receive announcements.

C.  

If the system issues an announcement and the proxy client is not online, the announcement information will not be received after going online.

D.  

Announcements can be issued by account.

Discussion 0
Questions 12

The AD/LDAP account can be synchronized to the Agile Controller-Campus or not to the Agile Controller-Campus. Synchronize.

The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.

Authorization

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 13

URL filtering, according to the classification of the remote or local classification, the user can create multiple urls strategy, determines the corresponding processing action in URL strategies, a URL strategy was applied to the domain, which can realize the corresponding URL filtering.

Options:

A.  

TRUE

B.  

FALSE

Discussion 0
Questions 14

Which of the following options is about SACG The description of the online process is wrong?

Options:

A.  

Terminal and Agile Controller-Campus Server communication SSL encryption

B.  

Authentication fails, end users can only access resources in the pre-authentication domain

C.  

Security check passed,Agile Controller-Campus Server notification SACG Will end user's IP Address switch to isolated domain

D.  

Agile Controller-Campus Server gives SACG Carrying domain parameters in the message

Discussion 0
Questions 15

Security authentication is mainly achieved through security policies. The terminal host support management for the security check of monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 16

Regarding the role of each role in the Portal authentication framework, which of the following descriptions are correct? (multiple choice)

Options:

A.  

The AAA server saves information such as usernames and passwords for authentication of access users.

B.  

The Web server saves information such as user names and passwords for authentication of access users.

C.  

The AAA server is used to push the Portal authentication page to the user.

D.  

The web server is used to push the Portal authentication page to the user.

Discussion 0
Questions 17

Portal authentication on the Agile Controller-Campus has been configured and is correct.

Configure the following commands on the access control switch:

[S5720] authentication free-rule 1 destination ip 10.1.31.78 mask 255.255. 255.255

Which of the following options are correct? (multiple choice)

Options:

A.  

After the configuration is complete, the switch will automatically release the data flow to access the security controller,No need for manual configuration by the administrator.

B.  

This configuration allows users to access network resources before authentication.

C.  

After the configuration is complete, the administrator still needs to manually configure the release network segment

D.  

Only after the authentication is passed, the terminal can access 10.1.31.78 Host.

Discussion 0
Questions 18

Regarding the description of the account blacklist, which of the following options is wrong?

Options:

A.  

The automatic account lock and manual account lock functions cannot be activated at the same time.

B.  

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

C.  

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

D.  

Manually lock the account and delete it from the list, the lock of the account will be released.

Discussion 0
Questions 19

In a WLAN network, when the AP is in monitoring mode, what kind of packets does the AP use to determine the device type?

Options:

A.  

DHCP

B.  

ARP

C.  

CAPWAP

D.  

802.11MAC

Discussion 0
Questions 20

URL filtering configure exact match www.test.com/news field, then not meet the URL of the filtering strategy include:

Options:

A.  

http://www.test.com/news

B.  

www.test.com/news/

C.  

WWW.TEST.COM/news

D.  

www.test.com/news.aspx

Discussion 0
Questions 21

Use the command on the switch to view the status of free mobility deployment, the command is as follows:

For the above command, which of the following descriptions is correct?

Options:

A.  

The control server address is 10.1.10.34

B.  

The authentication device address is 10.1.31.78

C.  

Status is"Working"Indicates that the switch and Controller Linkage is successful

D.  

current Controller The server is backup n

Discussion 0
Questions 22

When configuring the antivirus software policy, if you set"The required antivirus software violation level is not installed or running"for"generally"And check"out Now serious violation of the rules prohibits access to the network"Options. When the user uses Any office Certify, The certification is passed, but the result of the security check Can the user access the network when the virus software is not turned on?

Options:

A.  

Can access the network? Can also access network resources.

B.  

Cannot access the network.

C.  

Can pick up? The network needs to be repaired before you can access network resources.

D.  

You can access the network, but you need to re-authenticate to access network resources.

Discussion 0
Questions 23

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

Options:

A.  

WIDS Is a wireless intrusion prevention system

B.  

WIPS Wireless intrusion detection system

C.  

WIDS Is a wireless intrusion countermeasure system

D.  

WIPS Is a wireless intrusion prevention system

Discussion 0
Questions 24

Webmail filter support Intranet users receive mail filtering.

Options:

A.  

TRUE

B.  

FALSE

Discussion 0
Questions 25

Which of the following options is not included in the mobile terminal life cycle?

Options:

A.  

Obtain

B.  

deploy

C.  

run

D.  

Uninstall

Discussion 0
Questions 26

In a centralized networking, the database, SM server, SC server, and AE server are all centrally installed in the corporate headquarters. This networking method is suitable. It is used for enterprises with a wide geographical distribution of users and a large number of users.

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 27

An account can belong to multiple roles, that is, a user may hold multiple positions.

Options:

A.  

right

B.  

wrong

Discussion 0
Questions 28

Regarding CAPWAP encryption, which of the following statements is wrong?

Options:

A.  

CAPWAP The data tunnel can be used DTLS Encrypted.

B.  

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.  

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.  

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Discussion 0
Questions 29

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

Options:

A.  

172.18.11.221 It is the server of the isolation domain.

B.  

The escape route was opened.

C.  

172.18.11.223 It is a post-domain server.

D.  

The terminal host stream is the default ACL Blocked.

Discussion 0
Questions 30

Which of the following cybersecurity threats exist only in WLAN In the network?

Options:

A.  

Brute force

B.  

Crowd attack

C.  

DoS Denial of service attack

D.  

Weak IV attack

Discussion 0
H12-723 Questions Answers | H12-723 Test Prep | Huawei Certified ICT Professional - Constructing Terminal Security System Questions PDF | H12-723 Online Exam | H12-723 Practice Test | H12-723 PDF | H12-723 Test Questions | H12-723 Study Material | H12-723 Exam Preparation | H12-723 Valid Dumps | H12-723 Real Questions | HCIP-Security H12-723 Exam Questions