Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Home
Huawei
HCIP-Security
H12-723_V3.0
HCIP-Security-CTSS V3.0 Questions and Answers

Pass the Huawei HCIP-Security H12-723_V3.0 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam H12-723_V3.0 Premium Access

View all detail and faqs for the H12-723_V3.0 exam

Go to Exam

487 Students Passed

87% Average Score

92% Same Questions

Viewing page 1 out of 5 pages

Viewing questions 1-10 out of questions

Questions # 1:

Which of the following options is right PKI The sequence description of the work process is correct?

1. PKI Entity direction CA ask CA Certificate. .

2. PKI Entity received CA After the certificate, install CA Certificate.

3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.

4. PKI Entity direction CA Send a certificate registration request message.

5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.

6. PKI Entity received CA The certificate information sent.

7. PKI After the entity installs the localcertificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.

8. CA receive PKI The entity's certificate registration request message.

Options:

1-3-5-4-2-6-7-8

1-3-5-6-7-4-8-2

1-3-2-7-6-4-5-8

1-3-2-4-8-6-5-7

Answer

Questions # 2:

Regarding CAPWAP encryption, which of the following statements is wrong?

Options:

CAPWAP The data tunnelcan be used DTLS Encrypted.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Answer

Questions # 3:

In the Agile Controller-Campus admission control technology framework, regarding the description of RADIUS, which of the following options is correct?

Options:

PADIUS Used on the client and 802.1X Information such as user names and passwords arepassed between switches.

PADIUS Used in 802.1X Switch and AAA Information such as user name and password are passed between servers.

PADIUS Used for Portal Server pushes to users Web page.

PADIUS Used for server to SACG Security policy issued by the device

Answer

Questions # 4:

Regarding the basic principles of user access security, it is wrong not to list any description?

Options:

When a terminal device accesses the network, it first authenticates the user's identity through the access device, and the access device cooperates withthe authentication server to complete the user Authentication.

The terminal device directly interacts with the security policy server, and the terminal reports its own status information, including virus database version, operating system version, andterminal Information such as the patch version installed on the device.

The security policy server checks the status information of the terminal, and for terminal devices that do not meet the corporate security standards, the security policy server reissues. The authorization information is given to the access device.

The terminal device selects the answer to the resource to be accessed according to the result of the status check.

Answer

Questions # 5:

When using local guest account authentication, usually use(Portal The authentication method pushes the authentication page to the visitor. Before the user is authenticated, when the admission control device receives the HTTP The requested resource is not Portal Server authentication URL When, how to deal with the access control equipment.

Options:

Discard message

URL Address redirected to Portal Authentication page

Direct travel

Send authentication information to authentication server

Answer

Questions # 6:

How to check whether the SM and SC silverware start normally after installing the Agile Controller-Campus) (multiple delivery)

Options:

Open https://SM server IP:8943 in the browser, enter the account admin and the default password Changeme123, if the login is successful, it will be explained. The SIM components are normal.

After logging in to SC, select Resources>Users>User Management to create a common account. Open https://SM server IP:8447 in the browser newauth, if you can successfully log in using the account created in the previous step, the SM component is normal.

Open https://SC Server IP:8443 in the browser and enter the account admin and the default password Changeme123. If the login is successful, it will be explained. The SC component is normal.

Afterlogging in to SM, select Ziyuan>User>User Management, and Xinlu has a common part number. Open https://SC server IP:8447 newauth in the browser. If you can successfully log in with the account created in the previous step, it means that the SC component is Wang Chang.

Answer

A, D

Questions # 7:

The following configuration is in A with B The authentication commands are configured on the two admission control devices. For the analysis of the following configuration commands, which ones are correct? (Multiple choice)

Options:

A What is configured on the device is MAC Bypass authentication

B What is configured on the device is MAC Bypass authentication o

A On the device 2GE1/01 Can access PC Can also access dumb terminal equipment

B On the device GE1/0/1 Can access PC It can also access dumb terminal equipment. Upper

Answer

A, C

Questions # 8:

Portal authentication on the Agile Controller-Campus has been configured and is correct.

Configure the following commands on the access control switch:

[S5720] authentication free-rule 1 destination ip 10.1.31.78 mask 255.255. 255.255

Which of the following options are correct? (multiple choice)

Options:

After the configuration is complete, the switch will automatically release the data flow to access the security controller,No need for manual configuration by the administrator.

This configuration allows users to access network resources before authentication.

After the configuration is complete, the administrator still needs to manually configure the release network segment

Only after the authentication is passed, the terminal can access 10.1.31.78 Host.

Answer

A, B

Questions # 9:

According to different reliability requirements, centralized networking can providedifferent reliability networking solutions. Regarding these solutions, which of the following descriptions are correct? (Multiple choice)

Options:

Basic networking includes deploying one SM Server, one SC Server, one DB and a AE server.

AE In addition to thedeployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SC server.

SC In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup SM server.

DB In addition to the deployment of basic networking components, the reliability of the network also requires the deployment of an additional backup DB..

Answer

A, D

Questions # 10:

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result showssuccess, but the user cannot Normal access, the possible reason does not include which of the following options?