This page was exported from Top Exam Collection [ http://blog.topexamcollection.com ] Export date:Thu Apr 10 11:32:58 2025 / +0000 GMT ___________________________________________________ Title: H12-723 Pre-Exam Practice Tests (Updated 200 Questions) [Q26-Q50] --------------------------------------------------- H12-723 Pre-Exam Practice Tests | (Updated 200 Questions) Valid H12-723 Exam Q&A PDF - One Year Free Update NEW QUESTION 26The service free mobility function of the Agile Controller can guide the flow to the security center for processing according to the service, improving the utilization of physical equipment.  right  wrong NEW QUESTION 27Which of the following options are correct for guest management descriptions? (Multiple choices)  Guest registration accounts can be configured for approval  Guest login can only be configured as a web page  Guest authentication page cannot be used for anonymous account authentication  Guest account approval information can notify visitors via SMS NEW QUESTION 28Visitors can access the network through their registered account. Which of the following is not an account approval method?  Exemption from approval  Administrator approval  Receptionist approval  Self-approved by visitors NEW QUESTION 29The user accesses the network through network access device. The third-party RADIUS server authenticates and authorizes the user.Which of the following is incorrect about this certification process?  Configure RADIUS authentication and accounting on RADIUS server.  Configure Agile Controller-Campus as local data source authentication, receive the packets which sent by the device, and perform authentication.  Configure RADIUS authentication and accounting on the device.  Configure RADIUS authentication and authorization on Agile Controller-Campus. NEW QUESTION 30Which of the following statement is wrong about NIP?  NIP compare the data packet and application knowledge base, identify specific data flow  NIP support for specific IP network segment, in a specific time period, for strategy processing  NIP using leading hardware architecture, FPGA realization of the application layer acceleration, ESP achieve forward acceleration  NIP Manager supports mail alarm response mode NEW QUESTION 31Which of the following options is correct for the description of the role of the isolation domain?  Isolation domain refers to the area that the terminal host can access before passing the identity authentication, such as DNS server, external authentication source, business controller (SC)c The area where the service manager (SM) is located.  Isolation domain refers to the area that is allowed to be accessed when the terminal user passes the identity authentication but fails the security authentication, such as patch server, virus database server.The area where the server is located.  Isolation domain refers to the area that terminal users can access after passing identity authentication and security authentication, such as ERP system, financial system database system. The area where you are.  End users can access the isolated domain regardless of whether they pass identity authentication. NEW QUESTION 32When configuring the antivirus software policy, if you set”The required antivirus software violation level is not installed or running”for”generally”And check”out Now serious violation of the rules prohibits access to the network”Options. When the user uses Any office Certify, The certification is passed, but the result of the security check Can the user access the network when the virus software is not turned on?  Can access the network? Can also access network resources.  Cannot access the network.  Can pick up? The network needs to be repaired before you can access network resources.  You can access the network, but you need to re-authenticate to access network resources. NEW QUESTION 33Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct?(multiple choice)  802.1X Authentication can only be initiated by the client.  802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate  8021X The client can trigger authentication through multicast or broadcast.  The authentication equipment department triggers authentication through multicast or unicast. NEW QUESTION 34Which device is usually used as the hardware SACG in Agile Controller-Campus solution?  Router  Switch  Firewall  IPS NEW QUESTION 35View on the switch Agile Controller-Campus The policy issued by the server is as follows:For this strategy, which of the following options are correct? (Multiple choice)  Common_ user Users can access Internet www H.  VIP Users can access Internet w H.  VIP Can visit Mail Server H.  Common user Users can access Mail_ Sever resource. NEW QUESTION 36When manage guest accounts, you need to create guest account policy and set account creation method. Which of the following descriptions is incorrect for account creation?  When you add accounts individually, you can select individual creation.  If the number of users is large, you can create them in batches.  If the number of users is large, you can choose database synchronization.  Self-registration can be used to facilitate management and enhance the user experience. NEW QUESTION 37A university user requirements are as follows:1. The environmental flow is larger, two-way add up to OOOM, UTM deployed in its network node.2. The intranet is divided into students zones, server zones, etc., users are most concerned about the security of the server area, to avoid all kinds of the threat of attack.3. At the same time to ban students area some pornographic websites.In UTM configured Extranet for untrust domain, Intranet for trust domain, how to deploy the UTM strategy?(Select 2 answers)  can be directly under the global open AV, PS protective function, URL filtering function, then it can be realized  Outbound direction only open AV, IPS protective function for server areas, protected server  inboud direction only open AV, IPS protective function for server areas, protected server  Outbound direction open URL filtering function for the entire campus network, and filtering of part classification website NEW QUESTION 38When the account assigned by the administrator for the guest is connected to the network, the audit action that the administrator can perform on the guest does not include which of the following options?  Visitor online and offline records  Force users to go offline  Account deactivation 1 reset Password  Send a warning message to the user NEW QUESTION 39Free mobility is a special access control method, according to the user’s access location, access time, access method and terminal authorization instructions. Set permissions, as long as the user’s access conditions remain unchanged, the permissions and network experience after accessing the network–To q  right  wrong NEW QUESTION 40Agile controller-Campus system can manage the software installed on the terminal, define the black and white list, and assist the terminal to install the necessary software and uninstall the software that is not allowed to be installed by linking with the access control device. The definition of the black and white list, which is correct?  Check for prohibited install software and allowed install software  Check for prohibited install software  Check for prohibited install software and software that must be installed  Check the software that must be installed NEW QUESTION 41Which of the following statements is true about the description of ACL used by SACG devices and TSM systems?  The default ACL rule group number can be arbitrarily specified.  The default ACL rule group number can only be 3999.  Because SACG needs to use ACL 3099 to 3999 to receive the rules delivered by TSM system, you must first ensure that these ACL are not referenced by other functions before configuring TSM linkage.  TSM linkage can be successfully enabled even if ACL with the original group number 3099 to 3999 is occupied. NEW QUESTION 42A company with relatively strict end-host access control management, the administrator wants to bind the terminal host and account so as to avoid end users from access the controlled network from non-authorized terminal hosts.Which of the following is correct of the bound terminal host and account?  When AnyOffice logs in use an account for the first time, the terminal host automatically binds the current account, but the automatic binding process requires administrator approval.  When other accounts need to be authenticated on the bound terminal host, they do not need to find the owner of the asset bound for the first time to authorize themselves.  The bound terminal host and account are only applicable to the scenario where the terminal user authenticates through Any Office. The authentication through Web Agent plug-in and Web client is not applicable.  There is only one terminal host bound to the account and can’t be configured by the administrator. NEW QUESTION 43The following is the 802.1X access control switch configuration:[S5720]dot1x authentication-method eap[S5720-GigabitEthernet0/0/1] port link-type access[S5720-GigabitEthemet0/0/1] port default vlan 11[S5720-GigabitEthernet0/0/1] authentication dot1xAssuming that GE0/0/1 is connected to user 1 and user 2 through the HUB, which of the following options is correct?  After user 1 is authenticated, user 2 can access network resources without authentication  User 1 and User 2 must be individually authenticated before they can access network resources  GE0/0/1 does not need to enable dot1X  Neither user 1 nor user 2 can pass the authentication and access network resources. NEW QUESTION 44Which of the following descriptions are correct regarding MAC authentication and MAC bypass authentication?  The biggest difference between the two is MAC bypass authentication belongs to 802.1X authentication, while MAC authentication does not belong to 802.1X authentication.  If one network port may connected to dumb terminal (printer, IP phone) or to laptop, use MAC bypass authentication. Try 802.1X authentication first. After the authentication fails, try MAC authentication again.  If network port only connects dumb terminals (printers, IP phones), use MAC authentication to shorten the authentication time.  MAC authentication has one more 802.1X authentication link than MAC bypass authentication, so it takes longer than MAC bypass authentication. NEW QUESTION 45When deploy wired 802.1X authentication, if the admission control device is deployed at the convergence layer, this deployment method has features such as high security performance, multiple management devices and complicated management.  True  False NEW QUESTION 46Which of the following is correct of the accompanying logical architecture of the business?  The business management plane focuses on administrators, authentication servers and policy servers.  Points of concern for the network device plane include user terminals and static resources.  The user plane focuses on the authentication point and the policy enforcement point.  The free-to-play logical architecture include management subsystem, authentication and authorization subsystem and business strategy subsystem. NEW QUESTION 47After the enterprise network administrator deploys Agile Controller-Campus and SACG, the authentication succeeds but the authentication domain can’t be accessed. This may be due to which reasons? (Multiple choices)  Serious violations will prevent access to the post-authentication domain.  The access control list of post-authentication domain is not delivered to SACG.  ALC rules are issued in large quantities and require a lot of time to match, causing interruption of access services.  Wrong post-authentication domain resources are configured on Agile Controller-Campus. NEW QUESTION 48URL filtering, according to the classification of the remote or local classification, the user can create multiple urls strategy, determines the corresponding processing action in URL strategies, a URL strategy was applied to the domain, which can realize the corresponding URL filtering.  TRUE  FALSE NEW QUESTION 49After the user authentication succeeds, which of the following actions can be performed on the user on Agile Controller-Campus?  Remote assistance for users access the Any Office.  Force users to go offline.  Audit users’ online and offline records.  Disable/disable the move certificate account and assign roles. NEW QUESTION 50Which of the following options is not included in the mobile terminal life cycle?  Obtain  deploy  run  Uninstall  Loading … HCIP-Security-CTSS(Huawei Certified ICT Professional -Constructing Terminal Security System) Free Update Certification Sample Questions: https://www.topexamcollection.com/H12-723-vce-collection.html --------------------------------------------------- Images: https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-06-08 14:57:27 Post date GMT: 2022-06-08 14:57:27 Post modified date: 2022-06-08 14:57:27 Post modified date GMT: 2022-06-08 14:57:27