Labour Day Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

HCIP-Security (Fast track) V1.0 Question and Answers

HCIP-Security (Fast track) V1.0

Last Update May 1, 2024
Total Questions : 367

We are offering FREE H12-724 Huawei exam questions. All you do is to just go and sign up. Give your details, prepare H12-724 free exam questions and then go for complete pool of HCIP-Security (Fast track) V1.0 test questions that will help you more.

H12-724 pdf

H12-724 PDF

$35  $99.99
 Add to Cart
H12-724 Engine

H12-724 Testing Engine

$42  $119.99
 Add to Cart
H12-724 PDF + Engine

H12-724 PDF + Testing Engine

$56  $159.99
 Add to Cart
Questions 1

Abnormal detection is to establish the normal behavior characteristic profile of the system subject through the analysis of the audit data of the system: check if the audit data in the system

If there is a big discrepancy with the normal behavior characteristics of the established subject, it is considered an intrusion. Nasu must be used as the system subject? (multiple choice)

Options:

A.  

Host

B.  

A group of users

C.  

Single user

D.  

A key program and file in the system

Discussion 0
Questions 2

Regarding the way SACG devices connect to the network, which of the following descriptions are correct? (multiple choice)

Options:

A.  

SACG The equipment requires Layer 3 intercommunication with the terminal.

B.  

SACG It is usually connected to the core switch equipment and uses policy routing to divert traffic.

C.  

SACG Support hanging on non-Huawei devices.

D.  

SACG Equipment requirements and Agile Controller-Campus Interoperability on the second floor.

Discussion 0
Questions 3

Portal The second-level authentication method of authentication refers to the direct connection between the client and the access device(Or only layer devices exist in between),The device can learn the user’s MAC Address and can be used IP with MAC Address to identify the user.

Options:

A.  

True

B.  

False

Discussion 0
Questions 4

In Huawei USG6000 products, IAE provides an integrated solution, all content security detection functions are integrated in a well-designed

In the high-performance engine. Which of the following is not the content security detection function supported by this product?

Options:

A.  

Application recognition and perception

B.  

URL classification and filtering

C.  

Video content filtering

D.  

Intrusion prevention

155955cc-666171a2-20fac832-0c042c048

Discussion 0
Questions 5

What are the typical technologies of anti-virus engines (multiple choice)

Options:

A.  

First package detection technology

B.  

Heuristic detection technology

C.  

Decryption technology

D.  

File reputation detection technology 5

Discussion 0
Questions 6

If the Huawei USG600 product uses its own protocol stack cache for all files passing through the device and then performs a virus scan, then the device uses

It is the stream scanning method.

Options:

A.  

True

B.  

False

Discussion 0
Questions 7

In the visitor reception hall of a company, there are many temporary terminal users, and the administrator hopes that users do not need to provide any account numbers and passwords. access Internet. Which of the following authentication methods can be used for access?

Options:

A.  

Local account authentication

B.  

Anonymous authentication

C.  

AD Account Verification

D.  

MAC Certification

Discussion 0
Questions 8

Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

Options:

A.  

True

B.  

False

Discussion 0
Questions 9

In the park, users frequently enter and leave the wireless signal coverage area due to office needs. If you need to ensure the user's Internet experience, after the user passes an authentication, when he accesses the network again, no important authentication is required:Which of the following authentication methods is recommended?

Options:

A.  

MAC Certification

B.  

82.1 Certification

C.  

Portal Certification

D.  

MAC(prioritized

Discussion 0
Questions 10

The administrator of a certain enterprise wants employees of Yangzhi to visit the shopping website during working hours. So a URL filtering configuration file is configured to divide the predefined

The shopping website in the category is selected as blocked. But employee A can still use the company's network to shop online during lunch break. Then what are the following possible reasons

some?

Options:

A.  

The administrator has not set the time to vote every day from 9:00 to 18:00

B.  

The shopping website does not belong to the predefined shopping website category

C.  

The administrator did not submit the configuration after completing the configuration.

D.  

The administrator has not applied the URL pass-through configuration file to the security policy.

Discussion 0
Questions 11

According to different reliability requirements, centralized networking can provide different reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Options:

A.  

Basic networking includes deploying one SM Server, one SC Server, one DB and a AE server.

B.  

AE In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SC server.

C.  

SC In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SM server.

D.  

DB In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup DB..

Discussion 0
Questions 12

Visitors can access the network through their registered account. Which of the following is not an account approval method?

Options:

A.  

Exemption from approval

B.  

Administrator approval

C.  

Receptionist approval

D.  

Self-approved by visitors

Discussion 0
Questions 13

Agile Controller-Campus The system can manage the software installed on the terminal, define the black and white list of software, and assist the terminal to install necessary software and uninstall the software that is not allowed to be installed by linking with the access control equipment,Regarding the definition of black and white lists, which of the following statements is correct?

Options:

A.  

Check for prohibited software licenses and sub-licensed software

B.  

Check for prohibited software

C.  

Check for prohibited software and software that must be installed

D.  

Check the software that must be installed

Discussion 0
Questions 14

About in WLAN User isolation technology is used in the networking environment. Which of the following statements is wrong?

Options:

A.  

User isolation between groups means that users in different groups cannot communicate, but internal users in the same group can communicate

B.  

Isolation within a user group means that users within the same group cannot communicate with each other.

C.  

The user isolation function is related to the same AP Layer 2 packets between all wireless users on the Internet cannot be forwarded to each other

D.  

Intra-group isolation and inter-group isolation cannot be used at the same time

Discussion 0
Questions 15

Which of the following statement on the scanner is wrong?

Options:

A.  

When deploying NAC Agent, can use scanner to scan and assess the number of installed and non-installed agent.

B.  

When the terminal NAC Agent uninstall, the scanner can send alarm information.

C.  

the scanner by the SNMP protocol to obtain network equipment resources information.

D.  

scanner and Policy Center controller linkage scan tasks.

Discussion 0
Questions 16

Regarding the description of the account blacklist, which of the following options is wrong?

Options:

A.  

The automatic account lock and manual account lock functions cannot be activated at the same time.

B.  

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

C.  

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

D.  

Manually lock the account and delete it from the list, the lock of the account will be released.

Discussion 0
Questions 17

For compressed files, the virus detection system can directly detect them.

Options:

A.  

True

B.  

False

Discussion 0
Questions 18

Network attacks are mainly divided into two categories: single-packet attacks and streaming attacks. Single-packet attacks include scanning and snooping attacks, malformed packet attacks, and special reports.

Wen attack.

Options:

A.  

True

B.  

False

Discussion 0
Questions 19

USG6000V software logic architecture is divided into three planes: management plane, control plane and

Options:

A.  

Configuration plane

B.  

Business plane

C.  

Log plane

D.  

Data forwarding plane

Discussion 0
Questions 20

Which of the following options is correct for the description of the Anti DDoS system configuration?

Options:

A.  

Configure drainage and re-injection on the testing equipment.

B.  

Configure port mirroring on the cleaning device.

C.  

Add protection objects on the management center.

D.  

Configure drainage and re-injection on the management center.

Discussion 0
Questions 21

Which of the following is the correct configuration idea for the anti-virus strategy?

1. Load the feature library

2. Configure security policy and reference AV Profile

3. Apply and activate the license

4. Configure AV Profile

5. Submit

Options:

A.  

3->1->4->2->5

B.  

3->2->4->1->5

C.  

3->2->1->4->5

D.  

3->1->2->4->5

Discussion 0
Questions 22

The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.

Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

Options:

A.  

TCP packets

B.  

UDP packet

C.  

ICMP message

D.  

FTP message

Discussion 0
Questions 23

The traditional campus network is based on IP As the core network, if there are mobile office users, which of the following options is not the problem that mobile office users face when deploying access authentication?

Options:

A.  

The user distribution range is large, and the access control requirements are high.

B.  

The deployment of the access control strategy is significant.

C.  

Access rights are difficult to control.

D.  

User experience technology

Discussion 0
Questions 24

Location refers to the end user's use AC-Campus The terminal environment when accessing the controlled network office. Which of the following options is correct for the description of the place?

Options:

A.  

Different places can have different security policies.

B.  

The location has nothing to do with safety.

C.  

There can only be one place in the company.

D.  

Place and location have nothing to do.

Discussion 0
Questions 25

What content can be filtered by the content filtering technology of Huawei USG6000 products? (multiple choice)

Options:

A.  

Keywords contained in the content of the uploaded file

B.  

Keywords contained in the downloaded file

C.  

File type

D.  

File upload direction 335

Discussion 0
Questions 26

The virus signature database on the device needs to be continuously upgraded from the security center platform. Which of the following is the website of the security center platform?

Options:

A.  

sec. huawei. com.

B.  

support.huaver: com

C.  

www. huawei. com

D.  

security.. huawei. com

Discussion 0
Questions 27

Regarding the anti-spam response code, which of the following statements is wrong?

Options:

A.  

The response code will vary depending on the RBL service provider.

155955cc-666171a2-20fac832-0c042c046

B.  

USG treats mails that match the answer code as spam.

C.  

If the response code is not returned or the response code is not configured on the USG, the mail is released.

D.  

The response code is specified as 127.0.0.1 in the second system.

Discussion 0
Questions 28

Regarding the basic principles of user access security, it is wrong not to list any description?

Options:

A.  

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates with the authentication server to complete the user Authentication.

B.  

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, and terminal Information such as the patch version installed on the device.

C.  

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

D.  

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Discussion 0
Questions 29

There are two types of accounts on the Agile Controller-Campus: one is a local account and the other is an external account.

Which of the following is not a local account?

Options:

A.  

Ordinary account

B.  

Guest account

C.  

Anonymous account

D.  

Mobile certificate account

Discussion 0
Questions 30

The results of the RBL black and white list query on the firewall are as follows:

Based on the above information only, which of the following statements is correct? (multiple choice)

Options:

A.  

Mail with source address 10.17.1.0/24 will be blocked

B.  

Mail with source address 10.18.1.0/24 will be blocked

C.  

Mail with source address 10.17.1.0/24 will be released

D.  

Mail with source address 10.18.1.0/24 will be released

Discussion 0
Questions 31

MAC Certification refers to 802.1x In the protocol authentication environment, the terminal does not respond to the connection control device after accessing the network 802.1x When protocol authentication is requested, the access control does not automatically obtain the terminal’s MAC The address is sent as a credential to access the network RADIUS The server performs verification.

Options:

A.  

True

B.  

False

Discussion 0
Questions 32

Regarding intrusion prevention, which of the following option descriptions is wrong

Options:

A.  

Intrusion prevention is a new security defense technology that can detect and prevent intrusions.

B.  

Intrusion prevention is a security mechanism that detects intrusions (including buffer overflow attacks, Trojan horses, worms, etc.) by analyzing network traffic

C.  

Intrusion prevention can block attacks in real time.

D.  

Intrusion prevention technology, after discovering an intrusion, the firewall must be linked to prevent the intrusion

Discussion 0
Questions 33

The following figure is a schematic diagram of the detection file of the firewall and the sandbox system linkage.

The Web reputation function is enabled on the firewall, and website A is set as a trusted website and website B is set as a suspicious website.

Which of the following statements is correct

Options:

A.  

The files obtained by users from website A and website B will be sent to the inspection node for inspection.

B.  

When a user visits website B, although the firewall will extract the file and send it to the detection node, the user can still access normally during the detection process

Site

B.  

C.  

After the detection node detects the suspicious file, it not only informs the firewall in the figure of the result, but also informs other network devices connected to it.

D.  

Assuming that website A is an unknown website, the administrator cannot detect the traffic file of this website sC

Discussion 0
Questions 34

SQI Server2005 may not be properly installed, which of the following may be the possible reasons?

Options:

A.  

1433 port are occupied by the other processes

B.  

equipment 21 port is occupied

C.  

without prior installation of Microsoft SQL Server 2005 Toolkit

D.  

The operating system is Microsoft Windows Server 2003

Discussion 0
Questions 35

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

Options:

A.  

The action of signing iD3000 is an alarm

B.  

The action of signing ID3000 is to block

C.  

Unable to determine the action of signature ID3000

D.  

The signature set is not related to the coverage signature

Discussion 0
Questions 36

SACG query right-manager information as follows, which options are correct? (Select 2 answers)

Options:

A.  

SACG and IP address 2.1.1.1 server linkage is not successful

B.  

SACG linkage success with controller.

C.  

master controller IP address is 1.1.1.2.

D.  

master controller IP address is 2.1.1.1.

Discussion 0
Questions 37

The following commands are configured on the Huawei firewall:

[USG] firewall defend ip-fragment enable

Which of the following situations will be recorded as an offensive behavior? (multiple choice)

Options:

A.  

DF, bit is down, and MF bit is also 1 or Fragment Offset is not 0,

155955cc-666171a2-20fac832-0c042c047

B.  

DF bit is 023, MF bit is 1 or Fragment Offset is not 0,

C.  

DF bit is 0, and Fragment Offset + Length> 65535.

D.  

The DF bit is 1, and Fragment Ofset + Length <65535.

Discussion 0
Questions 38

How to check whether the SM and SC silverware start normally after installing the Agile Controller-Campus) (multiple delivery)

Options:

A.  

Open https://SM server IP:8943 in the browser, enter the account admin and the default password Changeme123, if the login is successful, it will be explained. The SIM components are normal.

B.  

After logging in to SC, select Resources>Users>User Management to create a common account. Open https://SM server IP:8447 in the browser newauth, if you can successfully log in using the account created in the previous step, the SM component is normal.

C.  

Open https://SC Server IP:8443 in the browser and enter the account admin and the default password Changeme123. If the login is successful, it will be explained. The SC component is normal.

D.  

After logging in to SM, select Ziyuan>User>User Management, and Xinlu has a common part number. Open https://SC server IP:8447 newauth in the browser. If you can successfully log in with the account created in the previous step, it means that the SC component is Wang Chang.

Discussion 0
Questions 39

There are three roles in the XMPP protocol: server, gateway, and client. Corresponding to the free mobility solution: Agile Controller-Campus as For the server, Huawei USG6000 series firewall acts as the gateway; the agile switch acts as the client.

Options:

A.  

True

B.  

False

Discussion 0
Questions 40

Single-packet attacks are divided into scanning and snooping attacks, malformed packet attacks, and special packet attacks. Ping of death is a special packet attack.

Options:

A.  

True

B.  

False

Discussion 0
Questions 41

Portal authentication on the Agile Controller-Campus has been configured and is correct.

Configure the following commands on the access control switch:

[S5720] authentication free-rule 1 destination ip 10.1.31.78 mask 255.255. 255.255

Which of the following options are correct? (multiple choice)

Options:

A.  

After the configuration is complete, the switch will automatically release the data flow to access the security controller,No need for manual configuration by the administrator.

B.  

This configuration allows users to access network resources before authentication.

C.  

After the configuration is complete, the administrator still needs to manually configure the release network segment

D.  

Only after the authentication is passed, the terminal can access 10.1.31.78 Host.

Discussion 0
Questions 42

The use of the 802.1X authentication scheme generally requires the terminal to install specific client software. For large-scale deployment of client software, the methods that can be taken. What are the cases? (multiple choices)

Options:

A.  

Enable Guest VLAN so that users can obtain the installation package in Guest VLAN

B.  

Configure Free-rule and web push functions on the switch to push the installation package to users.

C.  

Copy the installation packages to each other via U disk.

D.  

Installed by the administrator for each user.

Discussion 0
Questions 43

Regarding WLAN, which of the following descriptions is correct?

Options:

A.  

WLAN Is to adopt 80211 Technical WiFi

B.  

WLAN There are two basic architectures: FAT AP with AC+FIT AP

C.  

AC+FATAP The architecture is suitable for medium and large use scenarios

D.  

AC+FITAP Autonomous network architecture

Discussion 0
Questions 44

If the regular expression is "abc. de", which of the following will not match the regular expression?

Options:

A.  

abcde

B.  

abcdde

C.  

abclde

D.  

abc+de

Discussion 0
Questions 45

Under the CLI command, which of the following commands can be used to view the AV engine and virus database version?

Options:

A.  

display version av-sdb

B.  

display utm av version

C.  

display av utm version

D.  

display utm version

Discussion 0
Questions 46

In the big data intelligent security analysis platform, it is necessary to collect data from data sources, and then complete a series of actions such as data processing, detection and analysis, etc.

do. Which of the following options does not belong to the action that needs to be completed in the data processing part?

155955cc-666171a2-20fac832-0c042c0422

Options:

A.  

Data preprocessing

B.  

Threat determination

C.  

Distributed storage

D.  

Distributed index

Discussion 0
Questions 47

The administrator has defined two key words that need to be recognized on the firewall: the weight of the keyword x is 2, and the weight of the key y is 3: defined

The alarm interval value from the content is 5, and the blocking threshold value is 10. If the device detects that there is a secondary key space x in the webpage created by the user, the two keywords are

Y; Regarding the weight value and monthly household visits to Heshun Street, is the following statement correct?

Options:

A.  

The weight value is 8, you can visit the web page

B.  

The weight value is 10, and the page cannot be accessed

C.  

The weight value is 8, the page cannot be accessed

D.  

The weight value is 10, you can ask the web page before

Discussion 0
Questions 48

Which of the following is not an abnormal situation of the file type recognition result?

Options:

A.  

The file extension does not match.

B.  

Unrecognized file type

C.  

File corruption

D.  

The file is compressed

Discussion 0
Questions 49

Portal At the time of certification, pass Web After the browser enters the account password for authentication, it prompts"Authenticating.."The status lasts for a long time before it shows that the authentication is successful. Which of the following reasons may cause this phenomenon?

Options:

A.  

Multiple Agile Controller The same terminal IP Address added Portal"Access terminal IP Address list",Some of them Agile Controller The server and the terminal cannot communicate normally.

B.  

Portal The template is configured with an incorrect password.

C.  

Agile Controller-Campus There are too many authorization rules on the "It takes a lot of time to find 835

D.  

Insufficient curtains of the terminal equipment result in a relatively large delay.

Discussion 0
Questions 50

Huawei WAF products are mainly composed of front-end execution, back-end central systems and databases. Among them, the database mainly stores the front-end detection rules and black

Whitelist and other configuration files.

A True

B. False

Options:

Discussion 0
Questions 51

Regarding the statement of the mail protocol, which of the following is correct? (multiple choice)

Options:

A.  

Using POP3, the client software will download all unread mails to the computer, and the mail server will delete the mails.

B.  

Use JIMAP; the client software will download all unread mails to the computer, and the mail server will delete the mails.

C.  

With IMAP, users can directly operate on the mail on the server, without downloading all the mails locally to perform various operations.

D.  

Using POP3, users can directly operate on the mail on the server without sending all mails to the local to perform various operations.

Discussion 0
Questions 52

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Options:

A.  

Planting malware

B.  

Vulnerability attack

C.  

Web application attacks

D.  

Brute force

Discussion 0
Questions 53

The IPS function of Huawei USG6000 supports two response methods: blocking and alarming.

Options:

A.  

True

B.  

False

Discussion 0
Questions 54

When configuring the antivirus software policy, if you set"The required antivirus software violation level is not installed or running"for"generally"And check"out Now serious violation of the rules prohibits access to the network"Options. When the user uses Any office Certify, The certification is passed, but the result of the security check Can the user access the network when the virus software is not turned on?

Options:

A.  

Can access the network? Can also access network resources.

B.  

Cannot access the network.

C.  

Can pick up? The network needs to be repaired before you can access network resources.

D.  

You can access the network, but you need to re-authenticate to access network resources.

Discussion 0
Questions 55

Which of the following options is about SACG The description of the online process is wrong?

Options:

A.  

Terminal and Agile Controller-Campus Server communication SSL encryption

B.  

Authentication fails, end users can only access resources in the pre-authentication domain

C.  

Security check passed,Agile Controller-Campus Server notification SACG Will end user's IP Address switch to isolated domain

D.  

Agile Controller-Campus Server gives SACG Carrying domain parameters in the message

Discussion 0