Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Huawei H12-724 - HCIP-Security (Fast track) V1.0

Huawei H12-724 Premium Access     Download Demo    
Page: 8 / 11
Total 367 questions

The terminal host access control function does not take effect, the following is SACG View information on:

display right- manager role-id rule

Advanced ACL 3099 ,25 rules,not bingding with vpn-instance Ad's step is 1

rule 1000 permit ip (1280 times matched)

rule 1001 permit ip destination 172.18.11.2210 (581 times matched)

rule 1002 permit ip destination 172:18.11.2230 (77 times matched)

rule 1003 permit ip destination 172.19.0.0 0.0 255.255 (355 Book times matched)

rule 1004 deny ip (507759 times matched)

Which of the following statements is correct?

A.

172.18.11.221 It is the server of the isolation domain.

B.

The escape route was opened.

C.

172.18.11.223 It is a post-domain server.

D.

The terminal host stream is the default ACL Blocked.

In the Agile Controller-Campus admission control scenario, regarding the role description of the RADIUS server I client, which of the following is positive True?

A.

Agile Controller-Campus Integrated RADIUS All functions of server and client."

B.

Agile Controller-Campus As RADIUS On the server side, the user terminal acts as RADIUS Client.

C.

Certified equipment(like 802. 1X switch)As RADIUS On the server side, the user terminal acts as RADIUS Client.

D.

Agile Controller-Campus As RADIUS Server side, authentication device(like 802.1X switch)As RADIUS Client.

In the penetration stage of an APT attack, which of the following attack behaviors will the attacker generally have?

A.

Long-term latency and collection of key data.

B.

Leak the acquired key data information to a third party of interest

155955cc-666171a2-20fac832-0c042c044

C.

Through phishing emails, attachments with 0day vulnerabilities are carried, causing the user's terminal to become a springboard for attacks.

D.

The attacker sends a C&C attack or other remote commands to the infected host to spread the attack horizontally on the intranet.

Tianyu Nei answered the role of safety filtering technology, which of the following is still correct? (multiple choice)

A.

File filtering can reduce the risk of malicious code execution and virus infection in the internal network by blocking the transmission of fixed types of files, and it can also prevent

Prevent employees from leaking company confidential documents to the Internet.

B.

Content filtering can prevent the disclosure of confidential information and the transmission of illegal information

C.

The application behavior control function can finely control common HTTP behaviors and FTP behaviors.

D.

Mail filtering refers to the management and control of mail sending and receiving, including preventing the flooding of spam and anonymous emails, and controlling the sending and receiving of illegal emails.

If you deploy Free Mobility, in the logic architecture of Free Mobility, which of the following options should be concerned by the administrator?

A.

Is the strategy automatically deployed?

B.

Choose the appropriate policy control point and user authentication point

C.

Does the strategy deployment target a single user?

D.

Does the strategy deployment target a single department?

A network adopts 802. 1X To authenticate access users, the access control equipment is deployed at the convergence layer, and after the deployment is completed, it is used on the access control equipment t-aa The command test is successful, but the user cannot access the network. The failure may be caused by the following reasons? (Multiple choice)

A.

The aggregation layer device is not configured RADIUS Certification template.

B.

Agile Controller-Campus The switch is not added on NAS equipment.

C.

Connect to the terminal on the device to open 802.1X Function.

D.

The Layer 2 link is used between the access device and the aggregation device, and it is not turned on 802 Instrument transparent transmission function

Traditional access control policy passed ACL or VLAN Can not be achieved with IP Address decoupling, in IP The maintenance workload is heavy when the address changes. And because the agile network introduces the concept of security group, it can achieve the same IP Address decoupling.

A.

True

B.

False

The most common form of child-like attack is to send a large number of seemingly legitimate packets to the target host through Flood, which ultimately leads to network bandwidth.

Or the equipment resources are exhausted. Which of the following options is not included in traffic attack packets?

A.

TCP packets

B.

UDP packet

C.

ICMP message

D.

FTP message

When configuring the URL filtering configuration file, www.bt.com is configured in the URL blacklist-item: At the same time, set it in the custom URL category.

A URL is set as bt.com, and the action of customizing URL classification is a warning. Regarding the above configuration, which of the following statements are correct? (More

select)

A.

Users can visit www.videobt.com website.

B.

The user can visit the www.bt.com website, but the administrator will receive a warning message.

C.

User cannot access all the sites ending with bt com.

D.

When users visit www.bt. com, they will be blocked.

Which of the following options is correct for the description of the Anti DDoS system configuration?

A.

Configure drainage and re-injection on the testing equipment.

B.

Configure port mirroring on the cleaning device.

C.

Add protection objects on the management center.

D.

Configure drainage and re-injection on the management center.