Huawei H12-723-ENU HCIP-Security-CTSS(Huawei Certified ICT Professional -Constructing Terminal Security System) Online Training
Huawei H12-723-ENU Online Training
The questions for H12-723-ENU were last updated at Feb 03,2025.
- Exam Code: H12-723-ENU
- Exam Name: HCIP-Security-CTSS(Huawei Certified ICT Professional -Constructing Terminal Security System)
- Certification Provider: Huawei
- Latest update: Feb 03,2025
Which of the following is correct for the roles of Portal authentication system?
- A . The client is Any Office software.
- B . The role of portal server is to receive the client authentication request, provide free portal service and authentication interface and interact with the access device to authenticate the client.
- C . The role of RADIUS server is to redirect all HTTP requests from users in the authentication network segment to the Portal server.
- D . The role of the admission control device is to complete the user’s authentication, authorization and accounting.
Which of the following correct for MAC authentication and MAC bypass authentication? (Multiple choices)
- A . MAC authentication is an authentication method that controls the user’s network access rights based on the interface and MAC address. It does not require the user to install any client software.
- B . MAC bypass authentication first 802.1X authentication is performed on the device that accesses the device. If the device does not respond to 802.1X authentication, the device uses MAC to authenticate the device.
- C . During the MAC authentication process, the user needs to manually enter the user name or password.
- D . MAC address is not used as the user name and password to automatically access the network during MAC bypass authentication.
Which of the following are correct about hardware SACG authentication deployment scenario? (Multiple choices)
- A . SACG authentication is generally used in stable network scenarios where wired admission control is performed.
- B . SACG authentication is generally used in scenarios where new networks are set up for wireless admission control.
- C . SACG is generally deployed in bypass mode without changing the original network topology.
- D . SACG essentially controls access to users through 802.1X technology.
The traditional network single strategy is difficult to deal with complex situations such as diverse users, diversified locations, diversified terminals, diversified applications and inexperienced experiences.
- A . True
- B . False
A network use Portal authentication, when the user accesses, he finds that the user name/password is not entered in the pushed Web page.
This fault may be caused by which reason?
- A . There is no corresponding user on Agile Controller-Campus.
- B . Switch AAA configured wrong.
- C . The switch does not enable Portal function.
- D . Push page error on portal server.
In agile network, before the user is authenticated, users may need to access servers such as DNS, DHCP and Portal. When the traffic from the user access the server pass through the firewall, the firewall queries the Agile controller-campus server for the agile security group information corresponding to the traffic. Because the user is not authenticated at this time, the Agile controller-campus server informs the firewall that the user belongs to the "unknown agile security group (Unknown)". This will cause the user’s traffic to match the "unknown agile security group" before the firewall refreshes the user identity.
After the user passes the authentication, the right authority can’t be obtained immediately. How to solve the problem?
- A . Turn off state detection on FW.
- B . Configure TSM on FW.
- C . Set the security pre-domain. When an unauthenticated user accesses a server in the pre-security domain, FW directly forwards the traffic.
- D . Release traffic to the server on FW.
Mobile smart phone and tablet users establish IPSec encryption tunnel with AE through Any Office client. After passing authentication and compliance checks, they access enterprise services.
- A . True
- B . False
Typical application scenarios of terminal security include desktop management, illegal outreach and computer peripheral management.
- A . True
- B . False
The standard 802.1X client that is provided by the Web client and operating system only has the identity authentication function. It does not support the implementation of inspection class policies and monitoring class policies. The Any Office client supports all inspection class policies and monitoring class policies.
- A . True
- B . False
MAC authentication means that in 802.1X authentication environment, when the terminal does not respond to 802.1X authentication request from the access control device after accessing the network, the access control device automatically obtains MAC address of the terminal and sends it to RADIUS server as a certificate for accessing the network.
- A . True
- B . False
