H12-724 HCIP-Security (Fast track) V1.0 Questions and Answers

MAC Certification required Portal Server cooperation.

MAC Certification is passed 802.1X Implementation of the agreement.

MAC Authentication requires obtaining the terminal’s MAC The address is stored in AAA server.

NAS Device Configuration MAC After authentication, the terminal’s MAC The address is used as the username and password.

True

False

Press "0U" to synchronize

AO Synchronize by "group", "0U describes the organizational structure

AO Press "Group" "Synchronize," "Group" Jida organization structure

LDAP synchronization by "group"

CAPWAP The data tunnel can be used DTLS Encrypted.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Direction is not enabled

The direction is turned on, but no specific direction is selected

The severity level of the configuration is too high

The protocol selection technique is correct

example

www. abc. example. com

www.abc. example

example. com

True

False

Disclosure of personal information

Threats to the internal network

Leaking corporate information

Increasing the cost of enterprise network operation and maintenance

Checking strategies are mainly used to check some static settings of the terminal, such as whether the screen saver is set, whether the antivirus software is installed; whether there is illegal Outreach etc. z00

Monitoring strategies are mainly used for real-time monitoring of events that occur in the system, such as whether anti-virus software is installed and whether PPPOE dial-up access is used Network, etc.-Once an incident is detected, some control can be taken.

The security check strategy only includes two types of end-host check-type strategies and end-user behavior check-type strategies.

Terminal host security management is mainly implemented by inspection strategies, and end user behavior management is mainly implemented by monitoring strategies.

True

False

When adding accounts individually, you can choose to create them individually.

If there are a lot of users, you can choose to create in batches.

If there are many users, you can choose database synchronization

In order to facilitate management and improve user experience, self-registration can be used.

By IP addresses

By terminal type

By account

By user information

When the file source is an internal data source, when distributing software, the business manager will only send the path of the data source of the software to be distributed to Any Office

When the file source is an external data source, Any 0fce will obtain the software to be distributed.

External data sources cannot distribute files from FTP-type file servers.

The Microsoft Windows file sharing server uses the UNC (Universal Naming Conversion) path (beginning with "\\") to provide waiting. The path to distribute the software.

True

False

The business management plane focuses on administrators, authentication servers, and policy servers.

The network equipment plane focuses on user terminals and static resources.

The user plane focuses on authentication points and policy enforcement points.

The business free mobility logic architecture includes a management subsystem, an authentication and authorization subsystem, and a business strategy subsystem.

You can check whether there is a weak password.

You can check whether the account has joined a specific group.

It cannot be repaired automatically._

It is not possible to check whether the password length meets the requirements.

Event extraction, intrusion analysis, reverse intrusion and remote management.

Incident extraction, intrusion analysis, intrusion response and on-site management.

Incident recording, intrusion analysis, intrusion response and remote management.

Incident extraction, intrusion analysis, intrusion response and remote management.

Infrastructure security

Tenant security

How to do a good job in management, operation and maintenance

Hardware maintenance

4-1-2-3

1-4-2-3

1-3-2-4

2-4-1-3:

Lack of effective protection against application layer threats.

It cannot effectively resist the spread of viruses from the Internet to the intranet.

Ability to quickly adapt to changes in threats.

Unable to accurately control various applications, such as P2P, online games, etc. .

Create new account

Use existing social media accounts

No authentication, no account required

Scan public QR code

Patch management and Windows The patch check strategy can check whether the terminal host has installed the specified Windows Make system patches.

Windows Patch check strategy focuses on checking whether the terminal host is installed Windows Operating system patches.

When the terminal host does not install the specified Windows When making a system patch, according to Windows The patch check policy prohibits terminal hosts from accessing the controlled network.

Patch management focuses on checking whether the terminal host has installed the specified patch,Perform access control on the terminal host.

True

False

True

False

HTTPS Flood defense modes include basic mode, enhanced mode and 302 redirection.

HTTPS Flood defense can perform source authentication by limiting the request rate of packets.

The principle of HTTPS Flood attack is to request URIs involving database operations or other URIs that consume system resources, causing server resource consumption.

Failed to respond to normal requests.

The principle of HTTPS Flood attack is to initiate a large number of HTTPS connections to the target server, causing the server resources to be exhausted and unable to respond to regular requests.

begging.

Agile Controller-Campus There is no corresponding user on.

switch AAA Configuration error.

The switch is not turned on Portal Function.

Portal The push page on the server is wrong.

First package detection technology

Heuristic detection technology

Decryption technology

File reputation detection technology 5

True

False

True

False

1812

1813

50200

50300

TCP packets

UDP packet

ICMP message

FTP message

Page customization stage

Account application stage

User authentication phase

Audit and cancellation stage

NAC Agent support MAC account login.

Web page login for authentication and can perform checks Strategy.

Web Agent login for identity certification and security certification.

NAC Agent cannot be installed on Windows Vista operating system.

True

False

Is the strategy automatically deployed?

Choose the appropriate policy control point and user authentication point

Does the strategy deployment target a single user?

Does the strategy deployment target a single department?

③④

①③④

⑤⑥

②④

Access control

Encrypted access

Business isolation

Audit billing

You can directly turn on the AV, IRS protection functions, and URL filtering functions in the global environment to achieve the requirements

To the untrust direction, only enable AV and IPS protection functions for the server zone to protect the server

In the direction of untrust to the intranet, only the AV and IPS protection functions are turned on for the server area to protect the server

Go to the untrust direction to open the URL filtering function for the entire campus network, and filter some classified websites

DHCP

ARP

CAPWAP

802.11MAC

True

False

HTTP POST is generally used to send information to the server through a web page, such as forum posting x form submission, username I password login.

When the file upload operation is allowed, the alarm threshold and blocking threshold can be configured to control the size of the uploaded file.

When the size of the uploaded or downloaded file and the size of the content of the POST operation reach the alarm threshold, the system will generate log information to prompt the device management

And block behavior.

When the uploaded or downloaded file size, POST operation content size reaches the blocking threshold, the system will only block the uploaded or downloaded file, POST

operate.

Directly discard data sent by devices that do not comply with regulations

Certification of non-compliant equipment.

Check for non-compliant terminals, Prohibit unsafe devices from accessing the network.

Send alarm information to notify the administrator to deal with it.

True

False

The automatic account lock and manual account lock functions cannot be activated at the same time.

For automatically locked accounts, if the number of incorrect passwords entered by the terminal user during authentication exceeds the limited number of times within a limited time, the account will be automatically locked.

For manually locked accounts, the administrator needs to manually add the account to the locked account list.

Manually lock the account and delete it from the list, the lock of the account will be released.

True

False

You can check whether the screen saver is enabled on the terminal

You can check whether the screen saver password is enabled

Only supports Windows operating system

Screen saver settings cannot be automatically repaired

Warning

Block and push the page

A warning dialog box pops up

All access to the client is prohibited

Deploy the main DB

Deploy image DBO

Deploy witness DB

Deploy MC and SM dual machine backup

The mobile office platform is safe and reliable and goes online quickly.

Users can access the network safely and quickly.

Unified terminal management and fine control.

Network gateway deployment

Agile Controller-Campus Integrated RADIUS All functions of server and client."

Agile Controller-Campus As RADIUS On the server side, the user terminal acts as RADIUS Client.

Certified equipment(like 802. 1X switch)As RADIUS On the server side, the user terminal acts as RADIUS Client.

Agile Controller-Campus As RADIUS Server side, authentication device(like 802.1X switch)As RADIUS Client.

The firewall will first check the blacklist entries and then the whitelist entries.

Assuming that the user visits the www.exzample.com website, which belongs to the categories of humanities and social networks at the same time, the user cannot access the

website.

The user visits the website www.exzample.com, and when the black and white list is not hit, the next step is to query the predefined URL category entry.

The default action means that all websites are allowed to visit. So the configuration is wrong here.

Access control

safety certificate

Authentication

System Management