H12-724 Practice Exam Questions with Answers HCIP-Security (Fast track) V1.0 Certification

The biggest difference between the two is MAC Bypass authentication belongs to 802 1X Certification, while MAC Certification does not belong to 802 1X Certification.

If a network can connect to dumb terminals(printer,IP telephone), The text may be connected to a portable computer, please use MAC Bypass authentication:First try 802 1X Authentication, try again if authentication fails MAC Certification

If a network will only connect to dumb terminals(printer,IP telephone),please use MAC Certification in order to shorten the certification time.

MAC Authentication MAC One more bypass authentication 802 In the instrument certification process, the open time is longer than MAC The bypass authentication time is long.

True

False

The priority of the coverage signature is higher than that of the signature in the signature set.

When the "source security zone" is the same as the "destination security zone", it means that the IPS policy is applied in the domain.

Modifications to the PS policy will not take effect immediately. You need to submit a compilation to update the configuration of the IPS policy.

The signature set can contain either predefined signatures or custom signatures. 832335

MAC Certification

82.1 Certification

Portal Certification

MAC(prioritized

True

False

True

False

Is the strategy automatically deployed?

Choose the appropriate policy control point and user authentication point

Does the strategy deployment target a single user?

Does the strategy deployment target a single department?

remote control device

mail server

Internet behavior management equipment

log collection server

Local reputation MD5 cache only has static cache, which needs to be updated regularly

File reputation database can only be upgraded by manual upgrade

File reputation is to perform virus detection by calculating the full text MD5 of the file to be tested and matching it with the local reputation MD5 cache

File reputation database update and upgrade can only be achieved through linkage with sandbox

The user domain is generally composed of various terminal users. The terminals in this area have the characteristics of large numbers, wide distribution, and strong mobility.

The business domain is a platform for the heavy load of business flows. According to the needs of the enterprise, security technology is used to logically divide the business to realize the security of the network.

The network domain is the most concerned security protection area of various enterprises, and it carries the important and core information assets of the enterprise.

The service domain is the area that provides security services for the corporate intranet. This area is generally composed of systems that provide security services such as antivirus servers, patch management servers, and terminal security servers.

Prefix matching

Suffix matching

155955cc-666171a2-20fac832-0c042c043

Keyword matching

Exact match

True

False

First package detection technology

Heuristic detection technology

Decryption technology

File reputation detection technology 5

True

False

It is mainly used for real-time monitoring of the information of the critical path of the network, listening to all packets on the network, collecting data, and analyzing suspicious objects

Use the newly received network packet as the data source;

Real-time monitoring through the network adapter, and analysis of all communication services through the network;

Used to monitor network traffic, and can be deployed independently.

True

False

1-3-4-2-5-6-7-8

1-3-2-4-6-5-7-8

1-3-4-2-6-5-8-7

1-3-24-6-5-8-7

SACG Authentication is generally used in scenarios where a stable network performs wired admission control.

SACG Authentication is generally used in scenarios where new networks are used for wireless admission control.

SACG It is generally deployed in a bypass mode without changing the original network topology.

SACG Essentially through 802.1X Technology controls access users.

Press "0U" to synchronize

AO Synchronize by "group", "0U describes the organizational structure

AO Press "Group" "Synchronize," "Group" Jida organization structure

LDAP synchronization by "group"

default ACL The rule group number can be arbitrarily specified.

default ACL The rule group number can only be 3999.

due to SACG Need to use ACL3099-3999 To pick TSM The rules issued by the system, so in the configuration TSM Before linkage, you need to ensure these ACL Not referenced by other functions.

The original group number is 3099-3999 of ACL Even if it is occupied, it can be successfully activated TSM Linkage.

Visitor registration account can be configured to be exempt from approval

Guest login can only be configured as Web Way of webpage

Anonymous account authentication cannot be performed on the guest authentication page

Visitor account approval information can be notified to visitors via SMS

MAC authentication does not require users to install any client software.

The user name format used by MAC authentication is only one of MAC address user name format.

MAC authentication actually uses 802 1X authentication method.

MAC bypass authentication solves the situation of both 802.1x client authentication and MAC authentication in the same network environment.

Unable to detect new types of worms

The process of trying to log in to the system is recorded

Use Ping to perform network detection and be alerted as an attack

Web-based attacks are not detected by the system

Complete virus sample

Complete Trojan Horse

Specific behavior patterns

Security Policy

Enhanced mode refers to the authentication method using verification code.

Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense

Effective, enhanced mode can effectively defend.

The enhanced mode is superior to the basic mode in terms of user experience.

Enhanced mode supports all HTTP Flood source authentication fields. "

WWQQ: 922333

2-3-4-1

1-2-4-3

1-4-2-3

2-1-4-3

User flow has not passed SACG.

SACG There is no release on the user stream.

SACG There is no closed state detection on it.

Agile Controller-Campus On and SACG Wrong key configuration for linkage

Page customization stage

Account application stage

User authentication phase

Audit and cancellation stage

True

False

True

False

MAC Address format

Fixed username form

DHCP Option format

ARP Option format

The detection center is mainly to pull and clean the attack flow according to the control strategy of the security management center, and re-inject the cleaned normal flow back to the customer.

User network, send to the real destination.

The management center mainly completes the processing of attack events, controls the drainage strategy and cleaning strategy of the cleaning center, and responds to various attack events and attack flows.

View in categories and generate reports.

The main function of the Green Washing Center is to detect and analyze DDoS attack traffic on the flow from mirroring or splitting, and provide analysis data to

The management center makes a judgment.

The firewall can only be used for inspection equipment

8021X Certification

SACG Certification p2-

Bypass authentication

Portal Certification

abcde

abcdde

abclde

abc+de

Block

Declare

Alarm

Execution

Primary IP: 10.1.3.6 on behalf of SM Manager IP address.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another interface IP address of the firewall.

Primary IP: 10.1.3.6 on behalf of Policy Center linkage firewall interface IP address, the standby IP can enter another alternate firewall interface IP address.

Main IP is the Policy Center reaches the next-hop firewall device interface address

When deploying NAC Agent, can use scanner to scan and assess the number of installed and non-installed agent.

When the terminal NAC Agent uninstall, the scanner can send alarm information.

the scanner by the SNMP protocol to obtain network equipment resources information.

scanner and Policy Center controller linkage scan tasks.

True

False

True

False

4-1-2-3

1-4-2-3

1-3-2-4

2-4-1-3:

User domain

Network domain

Business domain:

Attack domain

True

False

The weight value is 8, you can visit the web page

The weight value is 10, and the page cannot be accessed

The weight value is 8, the page cannot be accessed

The weight value is 10, you can ask the web page before

Double click on the desktop"Start Server"The shortcut starts.

choose"Start>all programs> Huawei> MCServer> StartServer.

choose"Start>all programs> Huawei> Agile Controller> Server Startup Config"To manually start the required components.

choose"Start 3 all programs> Huawei> MCServer> Sever Startup Conig",Manually start the required components

Different places can have different security policies.

The location has nothing to do with safety.

There can only be one place in the company.

Place and location have nothing to do.

exist Any Office When logging in with an account for the first time, the terminal host is automatically bound to the current account, but the automatic binding process requires administrator approval

When other accounts need to be authenticated on the bound terminal host, there is no need to find the asset owner who is bound for the first time to authorize themselves.

Binding terminal hosts and accounts is only applicable to terminal users through Any Office Scenarios for authentication, Not applicable Web Agent Plugins and Web The scenario where the client authenticates.

There are only consoles in the account binding terminal host, which cannot be configured by the administrator.

The client is Any 0fice software.

Portal The role of the server is to receive client authentication requests, provide free portal services and authentication interfaces, and exchange client authentication information with access devices.

RADIUS The role of the server is to authenticate all the users in the network segment HTTP Requests are redirected to Portal server.

The role of admission control equipment is to complete the authentication, authorization and accounting of users.