Pass the Huawei HCIP-Security H12-724 Questions and answers with CertsForce

After the configuration is complete, the switch will automatically release the data flow to access the security controller,No need for manual configuration by the administrator.

This configuration allows users to access network resources before authentication.

After the configuration is complete, the administrator still needs to manually configure the release network segment

Only after the authentication is passed, the terminal can access 10.1.31.78 Host.

Checking strategies are mainly used to check some static settings of the terminal, such as whether the screen saver is set, whether the antivirus software is installed; whether there is illegal Outreach etc. z00

Monitoring strategies are mainly used for real-time monitoring of events that occur in the system, such as whether anti-virus software is installed and whether PPPOE dial-up access is used Network, etc.-Once an incident is detected, some control can be taken.

The security check strategy only includes two types of end-host check-type strategies and end-user behavior check-type strategies.

Terminal host security management is mainly implemented by inspection strategies, and end user behavior management is mainly implemented by monitoring strategies.

The access layer switch does not start EAP Transparent transmission function.

wireless 02K In the scenario, the access control device is not equipped with a security board

AD The service controller is not added in the authentication scenario AD area.

The user account or password is incorrectly configured.

For loose inspection: if the source address of the packet exists in the FB of the firewall: the packet passes the inspection directly

For the case where the default route is configured, but the parameter allow-defult-route is not configured. As long as the source address of the packet is in the FIB table of the firewall

If it does not exist, the message will be rejected.

For the situation where the default route is configured and the parameter allow-defult-route is matched at the same time, if the source address of the packet is in the FIB table of the firewall

If the packet does not exist in the loose check mode, all packets will pass the URPF check and be forwarded normally.

155955cc-666171a2-20fac832-0c042c0427

For the configuration of the default route, and at the same time matching the parameter allow-defult-route, if the source address of the message is in the FIB table of the firewall

If it does not exist in the l0e check, the packet cannot pass the URPF check.

Computer is infected by U disk virus

Abnormal power interruption in the computer room

Tampering with Web pages

Copy/view sensitive data

The drainage task needs to be configured on the management center, and when an attack is discovered, it will be issued to the cleaning center.

It is necessary to configure the protection object on the management center to guide the abnormal access flow in etpa

Port mirroring needs to be configured on the management center to monitor abnormal traffic.

155955cc-666171a2-20fac832-0c042c0411

The reinjection strategy needs to be configured on the management center to guide the flow after cleaning. Q:

Terminal and Agile Controller-Campus Server communication SSL encryption

Authentication fails, end users can only access resources in the pre-authentication domain

Security check passed,Agile Controller-Campus Server notification SACG Will end user's IP Address switch to isolated domain

Agile Controller-Campus Server gives SACG Carrying domain parameters in the message

Terminal P address

Location information of the access device

Priority of guest accounts

Connected to the network SSID'

True

False

Portal The certification process is only used in Web Certification

Server for a terminal Portal Certification will only give one Portal Device sends authentication message

Switch received Portal Online message, will give Radius Server send Radius Certification request

Portal The authentication message will not carry the result of the security check