1 / 8

H12-724 HCIP-Security (Fast track) V1.0 Exam Questions

The release of the latest H12-724 HCIP-Security (Fast track) V1.0 Exam Questions offer an excellent opportunity for professionals to upgrade their skills and knowledge.

examquestionsonline
Download Presentation

H12-724 HCIP-Security (Fast track) V1.0 Exam Questions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The safer , easier way to help you pass any IT exams. Pass Huawei H12-724 Exam with Real Questions Huawei H12-724 Exam HCIP-Security (Fast track) V1.0 https://www.passquestion.com/h12-724-enu.html 35% OFF on All, Including Huawei H12-724 Questions and Answers Pass H12-724 Exam with PassQuestion Huawei H12-724 questions and answers in the first attempt. https://www.passquestion.com/ 1 / 8

  2. The safer , easier way to help you pass any IT exams. 1.Business accompanying is-A special access control method, according to the user's access location, access time, access method and terminal use to grant designated investment limits, among which the physical connection can be divided into 3 Class, excluding which of the following access methods? A. Wired access B. Wireless access C. VPN Access D. 802.1X Access Answer: D 2.Which of the following files can the sandbox detect? (multiple choice) A. www file B. PE file C. Picture file D. Mail Answer: A,B,C 3.View on the switch Agile Controller-Campus The policy issued by the server is as follows: For this strategy, which of the following options are correct? (Multiple choice) A. Common_ user Users can access Internet www H. B. VIP Users can access Internet w H. C. VIP Can visit Mail Server H. D. Common user Users can access Mail_ Sever resource. Answer: B,C,D 4.Identity authentication determines whether to allow access by identifying the identity of the access device or user. A. True B. False Answer: A 5.Regarding the enhanced mode in HTTP Flood source authentication, which of the following descriptions are correct? Multiple choices A. Enhanced mode refers to the authentication method using verification code. B. Some bots have a redirection function, or the free proxy used during the attack supports the redirection function, which leads to the failure of the basic mode of defense Effective, enhanced mode can effectively defend. C. The enhanced mode is superior to the basic mode in terms of user experience. D. Enhanced mode supports all HTTP Flood source authentication fields. " Answer: A,B 6.Cloud sandbox refers to deploying the sandbox in the cloud and providing remote detection services for tenants. The process includes: 1. Report suspicious files 2 / 8

  3. The safer , easier way to help you pass any IT exams. 2. Retrospective attack 3. Firewall linkage defense 4. Prosecution in the cloud sandbox For the ordering of the process, which of the following options is correct? A. 1-3-4-2 B. 1-4-2-3 C. 1-4-3-2 D. 3-1-4-2: Answer: C 7.The following is the 802.1X access control switch configuration: [S5720] dot1x authentication-method eap [S5720-GigabitEthernet0/0/1] port link-type access [S5720-GigabitEthemet0/0/1] port default vlan 11 [S5720-GigabitEthernet0/0/1] authentication dot1x Assuming that GE0/0/1 is connected to user 1 and user 2 through the HUB, which of the following options is correct? A. After user 1 is authenticated, user 2 can access network resources without authentication B. User 1 and User 2 must be individually authenticated before they can access network resources C. GE0/0/1 does not need to enable dot1X D. Neither user 1 nor user 2 can pass the authentication and access network resources. Answer: A 8.Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice) A. File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent Prevent employees from leaking company confidential documents to the Internet. B. Content filtering can prevent the disclosure of confidential information and the transmission of illegal information C. The application behavior control function can finely control common HTTP behaviors and FTP behaviors. D. Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails. Answer: A,B,C,D 9.In the security protection system of the cloud era, reforms need to be carried out in the three stages before, during and after the event, and a closed-loop continuous improvement should be formed. And development. Which of the following key points should be done in "things"? (multiple choice) A. Vulnerability intelligence B. Defense in Depth C. Offensive and defensive situation D. Fight back against hackers 3 / 8

  4. The safer , easier way to help you pass any IT exams. Answer: B,D 10.In the scenario of SACG linkage in bypass mode, only the traffic initiated by the terminal user will pass through the firewall, and the server will return to the terminal in use. The traffic does not need to go through the firewall y. For the firewall, it belongs to the scenario of inconsistent traffic back and forth paths, this needs to turn off the session state check function. A. True B. False Answer: A 11.Deployed by an enterprise network manager Agile Controller-Campus with SACG Later; Identity authentication is successful but cannot access the post-authentication domain, This phenomenon may be caused by any reason? (Multiple choice) A. A serious violation will prohibit access to the post-authentication domain. B. The access control list of the post-authentication domain has not been delivered SACG. C. ALC The number of rules issued is too many, and a lot of time is required to match, causing interruption of access services. D. Agile Controller-Campus Wrong post-authentication domain resources are configured on the server. Answer: A,B,D 12.In the construction of information security, the intrusion detection system plays the role of a monitor. It monitors the flow of key nodes in the information system. In-depth analysis to discover security incidents that are occurring. Which of the following are its characteristics? A. IDS can be linked with firewalls and switches to become a powerful "assistant" of firewalls, which can better and more accurately control access between domains. B. It is impossible to correctly analyze the malicious code doped in the allowed application data stream. C. Unable to detect malicious operations or misoperations from internal killings. D. Cannot do in-depth inspection Answer: A 13.Which way can NAC Agent upgrade package be deployed? A. By IP addresses B. By terminal type C. By account D. By user information Answer: A 14.Which of the following is the correct configuration idea for the anti-virus strategy? 1. Load the feature library 2. Configure security policy and reference AV Profile 3. Apply and activate the license 4. Configure AV Profile 5. Submit 4 / 8

  5. The safer , easier way to help you pass any IT exams. A. 3->1->4->2->5 B. 3->2->4->1->5 C. 3->2->1->4->5 D. 3->1->2->4->5 Answer: A 15.Which of the following is the default port number of Portal authentication service? A. 1812 B. 1813 C. 50200 D. 50300 Answer: A,C 16.Regarding WLAN, which of the following descriptions is correct? A. WLAN Is to adopt 80211 Technical WiFi B. WLAN There are two basic architectures: FATAP with AC+FIT AP C. AC+FATAP The architecture is suitable for medium and large use scenarios D. AC+FITAP Autonomous network architecture Answer: B 17.If the processing strategy for SMTP virus files is set to alert, which of the following options is correct? A. Generate logs and discard B. Generate logs and forward them C. Delete the content of the email attachment D. Add announcement and generate log Answer: B 18.Which of the following options belong to the upgrade method of the anti-virus signature database of Huawei USG6000 products? (multiple choice) A. Local upgrade B. Manual upgrade C. Online upgrade D. Automatic upgrade Answer: A,C 19.Regarding the application scenarios of Agile Controller-Campus centralized deployment and distributed deployment, which of the following options are correct? (Multiple select) A. If most end users work in one area and a few end users work in branch offices, centralized deployment is recommended. B. If most end users are concentrated on--Offices in several regions, and a small number of end users work in branches. Distributed deployment is recommended. C. If end users are scattered in different geographical locations, a distributed deployment solution is recommended. D. If end users are scattered in different regions, a centralized deployment solution is recommended. 5 / 8

  6. The safer , easier way to help you pass any IT exams. Answer: A,C 20.With regard to APT attacks, the attacker often lurks for a long time and launches a formal attack on the enterprise at the key point of the incident. Generally, APT attacks can be summarized into four stages: 1. Collecting Information & Intrusion 2. Long-term lurking & mining 3. Data breach 4. Remote control and penetration Regarding the order of these four stages, which of the following options is correct? A. 2-3-4-1 B. 1-2-4-3 C. 1-4-2-3 D. 2-1-4-3 Answer: C 21.Configuring WLAN device detection can realize the monitoring of the entire network, but you need to set the working mode of the AP first, which of the following options are. What is the working mode of AP? (multiple choice) A. access mode B. Normal mode C. Mixed mode D. Monitoring mode Answer: B,D 22.An enterprise adopts hardware SACG access method for admission control. The configuration commands are as follows, among which Key; Admin@123 [USG] right-manager server-group [USG-rightm] localip 10.1.10.2 [USG-rightm]serverip 10. 1.31.78 shared-key AdnIn@123 [USG2100-rightm] right-manager server-group enable. Assuming that the other configurations are correct, based on the above configuration only, which of the following options is correct? A. After completing the configuration, SACG can successfully link with the Agile Controller-Campus. B. After completing the configuration, SACG cannot successfully link with Agile Contrlle-Campus. P C. Can issue pre-authentication domain ACL. D. The linkage cannot be successful but the terminal can access the pre-authentication domain server. Answer: B 23.802.1X During the authentication, if the authentication point is at the aggregation switch, in addition to RADIUS,AAA,802.1X. In addition to the conventional configuration, what special configuration is needed? A. Both the aggregation layer and the access layer switches need to be turned on 802.1X Function. B. Access layer switch needs to be configured 802. 1X Transparent transmission of messages. 6 / 8

  7. The safer , easier way to help you pass any IT exams. C. The aggregation switch needs to be configured 802 1X Transparent transmission of messages. D. No special configuration required Answer: B 24.If the user's FTP operation matches the FTP filtering policy, what actions can be performed? (multiple choice) A. Block B. Declare C. Alarm D. Execution Answer: A,C 25.Jailbroken mobile terminal\Mobile terminals with non-compliant applications installed or terminals with non-compliant lock screen passwords connecting to the corporate network for office operations are not safe for companies. Any 0fice How to solve the problem of mobile office system? A. Directly discard data sent by devices that do not comply with regulations B. Certification of non-compliant equipment. C. Check for non-compliant terminals, Prohibit unsafe devices from accessing the network. D. Send alarm information to notify the administrator to deal with it. Answer: C 26.When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment. A. Discard message B. URLAddress redirected to Portal Authentication page C. Direct travel D. Send authentication information to authentication server Answer: B 27.Sort all services according to user group and account: By the end IP The address range is time-sharing, if it is a user group, a small terminal with an account IP Address range allocation for the same business(Chen Gongji outside business) I The business assigned to the one with the highest priority will take effect. Which of the following is correct regarding the order of priority? A. account>user group>terminal IP Address range B. By the end P Address range>account number>user group C. account>Terminal protection address range>user group D. user group>terminal P Address range>Account Answer: C 28.Analysis is the core function of intrusion detection. The analysis and processing process of intrusion detection can be divided into three phases; build an analyzer to perform analysis on actual field data. 7 / 8

  8. The safer , easier way to help you pass any IT exams. Which of the analysis, feedback and refinement is the function included in the first two stages? A. Data analysis, data classification, post-processing B. Data processing, data classification, post-processing C. Data processing, attack classification, post-processing D. Data processing, data classification, attack playback Answer: B 29.Which of the following options will not pose a security threat to the network? A. Hacking B. Weak personal safety awareness C. Open company confidential files D. Failure to update the virus database in time Answer: C 30.Which of the following options are relevant to Any Office The description of the solution content is correct? (Multiple choice) A. Provide unified and secure access to enterprise mobile applications on mobile terminals. B. The tunnel is dedicated and cannot be penetrated by viruses. C. Applications are quickly integrated and can be extended. D. It can be quickly integrated and docked with the enterprise application cloud platform. Answer: A,B,C,D 31.Regarding the processing process of file overwhelming, which of the following statements is correct? A. The file filtering module will compare the application type, file type, and transmission direction of the file identified by the previous module with the file filtering rules configured by the administrator. Then the lookup table performs matching from top to bottom. B. If all the parameters of Wenzhu can match all file filtering rules, then the module will execute the action of this file filtering rule. C. There are two types of actions: warning and blocking. D. If the file type is a compressed file, then after the file filtering check, the female file will be sent to the file decompression module for decompression and decompression. Press out the original file. If the decompression fails, the file will not be re-filed. Answer: B 32.Regarding the 3 abnormal situations of the file type recognition result, which of the following option descriptions is wrong? A. File extension mismatch means that the file type is inconsistent with the file extension. B. Unrecognized file type means that the file type cannot be recognized and there is no file extension. C. File damage means that the file type cannot be identified because the file is damaged. D. Unrecognized file type means that the file type cannot be recognized, and the file extension cannot be recognized. Answer: D 8 / 8

More Related