1 / 21

2018 Updated Version for Huawei HCNP Security H12-723(H12-723-ENU) Exam

Huawei HCNP Security H12-723(H12-723-ENU) Exam updated version is available.

Download Presentation

2018 Updated Version for Huawei HCNP Security H12-723(H12-723-ENU) Exam

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. FREE H12-723 (H12-723-ENU) Real Questions HCNP Security

  2. H12-723 Question NO.1 MAC authentication means that in 802.1X authentication environment, when the terminal does not respond to 802.1X authentication request from the access control device after accessing the network, the access control device automatically obtains MAC address of the terminal and sends it to RADIUS server as a certificate for accessing the network. A. True B. False Answer: B

  3. H12-723 Question NO.2 The standard 802.1X client that is provided by the Web client and operating system only has the identity authentication function. It does not support the implementation of inspection class policies and monitoring class policies. The Any Office client supports all inspection class policies and monitoring class policies. A. True B. False Answer: A

  4. H12-723 Question NO.3 Typical application scenarios of terminal security include desktop management, illegal outreach and computer peripheral management. A. True B. False Answer: A

  5. H12-723 Question NO.4 Mobile smart phone and tablet users establish IPSec encryption tunnel with AE through Any Office client. After passing authentication and compliance checks, they access enterprise services. A. True B. False Answer: B

  6. H12-723 Question NO.5 In agile network, before the user is authenticated, users may need to access servers such as DNS, DHCP and Portal. When the traffic from the user access the server pass through the firewall, the firewall queries the Agile controller-campus server for the agile security group information corresponding to the traffic. Because the user is not authenticated at this time, the Agile controller-campus server informs the firewall that the user belongs to the "unknown agile security group (Unknown)". This will cause the user's traffic to match the "unknown agile security group" before the firewall refreshes the user identity. After the user passes the authentication, the right authority can't be obtained immediately. How to solve the problem? A. Turn off state detection on FW. B. Configure TSM on FW. C. Set the security pre-domain. When an unauthenticated user accesses a server in the pre-security domain, FW directly forwards the traffic. D. Release traffic to the server on FW. Answer: C

  7. H12-723 Question NO.6 A network use Portal authentication, when the user accesses, he finds that the user name/password is not entered in the pushed Web page.This fault may be caused by which reason? A. There is no corresponding user on Agile Controller-Campus. B. Switch AAA configured wrong. C. The switch does not enable Portal function. D. Push page error on portal server. Answer: D

  8. H12-723 Question NO.7 The traditional network single strategy is difficult to deal with complex situations such as diverse users, diversified locations, diversified terminals, diversified applications and inexperienced experiences. A. True B. False Answer: A

  9. H12-723 Question NO.8 Which of the following are correct about hardware SACG authentication deployment scenario? (Multiple choices) A. SACG authentication is generally used in stable network scenarios where wired admission control is performed. B. SACG authentication is generally used in scenarios where new networks are set up for wireless admission control. C. SACG is generally deployed in bypass mode without changing the original network topology. D. SACG essentially controls access to users through 802.1X technology. Answer: AC

  10. H12-723 Question NO.9 Which of the following correct for MAC authentication and MAC bypass authentication? (Multiple choices) A. MAC authentication is an authentication method that controls the user's network access rights based on the interface and MAC address. It does not require the user to install any client software. B. MAC bypass authentication first 802.1X authentication is performed on the device that accesses the device. If the device does not respond to 802.1X authentication, the device uses MAC to authenticate the device. C. During the MAC authentication process, the user needs to manually enter the user name or password. D. MAC address is not used as the user name and password to automatically access the network during MAC bypass authentication. Answer: AB

  11. H12-723 Question NO.10 Which of the following is correct for the roles of Portal authentication system? A. The client is Any Office software. B. The role of portal server is to receive the client authentication request, provide free portal service and authentication interface and interact with the access device to authenticate the client. C. The role of RADIUS server is to redirect all HTTP requests from users in the authentication network segment to the Portal server. D. The role of the admission control device is to complete the user's authentication, authorization and accounting. Answer: B

  12. H12-723 Question NO.11 When deploy wired 802.1X authentication, if the admission control device is deployed at the convergence layer, this deployment method has features such as high security performance, multiple management devices and complicated management. A. True B. False Answer: B

  13. H12-723 Question NO.12 In WIDS-enabled WLAN network, which of the following statements is correct regarding the determination of illegal devices? A. All Ad-hoc devices will be directly identified as illegal devices B. AP that are not connected to this AC are illegal AP C. STA that are not connected to this AC are illegal STA D. STA that are not connected to this AC must check whether the access AP is valid Answer: AD

  14. H12-723 Question NO.13 When manage guest accounts, you need to create guest account policy and set account creation method. Which of the following descriptions is incorrect for account creation? A. When you add accounts individually, you can select individual creation. B. If the number of users is large, you can create them in batches. C. If the number of users is large, you can choose database synchronization. D. Self-registration can be used to facilitate management and enhance the user experience. Answer: C

  15. H12-723 Question NO.14 The administrator issues notices to users through the form of announcements, such as the latest software and patch installation notices, etc. Which of the following options is wrong? A. You can issue an announcement by department. B. The endpoint must have proxy client installed to receive announcements. C. If the system issues an announcement and the proxy client is not online, it will not receive the announcement information after going online. D. You can issue an announcement by account number. Answer: C

  16. H12-723 Question NO.15 When use local guest account authentication, Portal authentication is usually used to push the authentication page to the visitor.Before the user authentication, when the access control device receives HTTP request from the user and the resource is not the Portal server authentication URL, how does the admission control device handle it? A. Drop the packet B. URL address redirect to Portal authentication page C. Direct release D. Send authentication information to the authentication server Answer: B

  17. H12-723 Question NO.16 Aopt user isolation technology in WLAN networking environment, which of the following statements is wrong? A. User isolation between groups means that users in different groups can't communicate with each other, and internal users in the same group can communicate B. Isolation in user groups means that users in the same group can't communicate with each other C. User isolation function means that Layer 2 packets associated with all wireless users on the same AP can't forward packets to each other. D. Group isolation and isolation between groups can't be used at the same time Answer: D

  18. H12-723 Question NO.17 Which of the following options is correct for PKI process sequence? 1. PKI entity requests CA certificate from CA. 2. After PKI entity receives CA certificate, it installs CA certificate. 3. When the CA receives CA certificate request from PKI entity, it returns its own CA certificate to PKI entity. 4. PKI entity sends a certificate registration request message to CA. 5. When PKI entity communicate with each other, they must obtain and install the local certificate of the peer entity. 6. PKI entity receives the certificate information sent by CA. 7. After PKI entity installs the local certificate of the peer entity, it verifies the validity of the local certificate of the peer entity. When the certificate is valid, PC entity use the certificate public key for encrypted communication. 8. CA receives the certificate registration request message from PKI entity. A. 1-3-5-4-2-6-7-8 B. 1-3-5-6-7-4-8-2 C. 1-3-2-7-6-4-5-8 D. 1-3-2-4-8-6-5-7 Answer: D

  19. H12-723 Question NO.18 Which of the following is correct for terminal Wi-Fi push order? 1. Any Office mobile office system push Wi-Fi configuration 2. Any Office mobile office automatically apply for certificate. 3. The administrator configure enterprise Wi-Fi push. 4. The terminal automatically accesses enterprise Wi-Fi. A. 1-2-3-4 B. 4-2-3-1 C. 3-2-1-4 D. 2-3-1-4 Answer: C

  20. H12-723 Question NO.19 BYOD solution provide products and systems cover terminals, networks, security, application and management, include serialized BYOD devices, wireless network systems, network access security, VPN gateways, terminal security client software, authentication systems, mobile device management (MDM), mobile eSpace UC, etc. A. True B. False Answer: A

  21. H12-723 Question NO.20 Which of the following are correct about 802.1X access process? (Multiple choices) A. Throughout the authentication process, the terminal exchanges information through the server and EAP packets. B. The terminal exchanges EAP packets with the 802.1X switch. The 802.1X switch and the server use Radius packets exchange information. C. 802.1X authentication does not require security policy checks. D. Use MD5 algorithm to verify the information. Answer: BD

More Related