Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

H12-723 Huawei Certified ICT Professional - Constructing Terminal Security System Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Huawei H12-723 Huawei Certified ICT Professional - Constructing Terminal Security System certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Huawei H12-723 Premium Access     Download Demo    
Page: 3 / 3
Total 201 questions

Which of the following statement is wrong about NIP?

A.

NIP compare the data packet and application knowledge base, identify specific data flow

B.

NIP support for specific IP network segment, in a specific time period, for strategy processing

C.

NIP using leading hardware architecture, FPGA realization of the application layer acceleration, ESP achieve forward acceleration

D.

NIP Manager supports mail alarm response mode

Which of the following options is for Portal The statement of the gateway access process is correct?

A.

Portal gateway initiates Radius Challenge request message, including user name and password information

B.

The ACL issued by the server to the access gateway is carried in the Portal protocol message

C.

Issue policies while performing identity authentication

D.

The Portal server needs to pass the security check result to the access gateway device

View on the switch Agile Controller-Campus The policy issued by the server is as follows:

For this strategy, which of the following options are correct? (Multiple choice)

A.

Common_ user Users can access Internet www H.

B.

VIP Users can access Internet w H.

C.

VIP Can visit Mail Server H.

D.

Common user Users can access Mail_ Sever resource.

Which of the statement is not correct according to following configuration?

[USG] pattern-group 6t type url

[USG-pattern-group-url-bt] pattern any bt.com

[USG] url-filter policy urlpolicy3

[USG-urlfilter-policy-urlpolicy3] blacklist enable

[USG-urlfilter-policy-urlpolicy3] whitelist enable

[USG-urlfilter-policy-urlpolicy3] blacklist group 6t

[USG] web-filter policy webpolicy3

[USG-web-filter-policy-webpolicy3] policy url-filter urlpolicy3

[USG-policy-interzone-trust-untrust-outbound] policy 3

[USG-policy-interzone-trust-untrust-outbound-3] action permit

[USG-policy-interzone-trust-untrust-outbound-3] policy source range 10.10.10.101 10.10.10.200

[USG-policy-interzone-trust-untrust-outbound-3] policy web-filter webpolicy3

A.

users of IP address 10.10.10.120 can access bt.com website

B.

users of IP address 10.10.10.199 cannot access bt.com website

C.

users of IP address 10.10.10.100 can access bt.com website

D.

users of IP address 10.10.10.220 can access bt.com website

Regarding the policy for checking account security, which of the following descriptions are correct? (Multiple choice)

A.

You can check whether there is a weak password.

B.

You can check whether the account has joined a specific group.

C.

It cannot be repaired automatically._

D.

It is not possible to check whether the password length meets the requirements.

Identity authentication determines whether to allow access by identifying the identity of the access device or user.

A.

right

B.

wrong

The following is the 802.1X access control switch configuration:

[S5720]dot1x authentication-method eap

[S5720-GigabitEthernet0/0/1] port link-type access

[S5720-GigabitEthemet0/0/1] port default vlan 11

[S5720-GigabitEthernet0/0/1] authentication dot1x

Assuming that GE0/0/1 is connected to user 1 and user 2 through the HUB, which of the following options is correct?

A.

After user 1 is authenticated, user 2 can access network resources without authentication

B.

User 1 and User 2 must be individually authenticated before they can access network resources

C.

GE0/0/1 does not need to enable dot1X

D.

Neither user 1 nor user 2 can pass the authentication and access network resources.

Traditional access control policy passed ACL or VLAN Can not be achieved with IP Address decoupling, in IP The maintenance workload is heavy when the address changes. And because the agile network introduces the concept of security group, it can achieve the same IP Address decoupling.

A.

right

B.

wrong

Visitor management can authorize visitors based on their account number, time, location, terminal type, access method, etc., and can also push personalized pages to visitors based on time, location, and terminal type.

A.

right

B.

wrong

Regarding the way SACG devices connect to the network, which of the following descriptions are correct? (multiple choice)

A.

SACG The equipment requires Layer 3 intercommunication with the terminal.

B.

SACG It is usually connected to the core switch equipment and uses policy routing to divert traffic.

C.

SACG Support hanging on non-Huawei devices.

D.

SACG Equipment requirements and Agile Controller-Campus Interoperability on the second floor.

For the scenario where the authentication server adopts distributed deployment, which of the following descriptions are correct? (multiple choice)

A.

The enterprise network is relatively scattered, there are multiple branches, and the branch users are larger in scale.

B.

A scenario where there are less than 2,000 branch users, and the headquarters and branch networks are relatively stable.

C.

The terminal security management business between the branch and the headquarters is relatively independent, and the headquarters provides supervision and control over the branch terminal security management business.

D.

It is difficult to guarantee the quality of the network between the branch and the headquarters, and the network between the headquarters and the branch may be interrupted, making the terminal of the

branch no longer available.

Visitors refer to users who need temporary access to the network at a specific location.

A.

right

B.

wrong

Regarding the description of the ACL used in the linkage between SACG equipment and the TSM system, which of the following statements is correct!?

A.

default ACL The rule group number can be arbitrarily specified.

B.

default ACL The rule group number can only be 3999.

C.

due to SACG Need to use ACL3099-3999 To pick TSM The rules issued by the system, so in the configuration TSM Before linkage, you need to ensure these ACL Not referenced by other functions.

D.

The original group number is 3099-3999 of ACL Even if it is occupied, it can be successfully activated TSM Linkage.

Using Agile Controller-Campus for visitor management, users can obtain the account they applied for in a variety of ways, but which of the following are not included A way?

A.

Short message

B.

E-mail

C.

Web Print

D.

Voicemail

Security authentication is mainly achieved through security policies. The terminal host support management for the security check of monthly users is mainly realized by loose check policies. End user behavior management is mainly realized by monitoring policies. If users need to formulate policies according to their own wishes, they can use them. Custom strategy.

A.

right

B.

wrong

Which of the following options is Agile Controller-Campus middle SC The main function of the component?

A.

As Agile Controller-Campus The management center is responsible for formulating the overall strategy.

B.

As Agile Controller-Campus The management interface is used to configure and monitor the system.

C.

Integrated with standards RADIUS server,Porta Server, etc., responsible for linking with network access equipment to realize user-based network access control Strategy.

D.

As Agile Controller-Campus ’S security assistance server, responsible for iRadar Analysis and calculation of reported security incidents.

Windows in environment,Agile Controller-Campus After the installation is successful, how to manually start the management center(MC)? (Multiple choice)

A.

Double click on the desktop"Start Server"The shortcut starts.

B.

choose"Start>all programs> Huawei> MCServer> StartServer.

C.

choose"Start>all programs> Huawei> Agile Controller> Server Startup Config"To manually start the required components.

D.

choose"Start 3 all programs> Huawei> MCServer> Sever Startup Conig",Manually start the required components

Wired 802.1X During authentication, if the access control equipment is deployed at the Jiangju layer, this deployment method has the characteristics of high security performance, multiple management equipment, and complex management.

A.

right

B.

wrong

Sort all services according to user group and account: By the end IP The address range is time-sharing, if it is a user group, a small terminal with an account IP Address range allocation for the same business(Chen Gongji outside business) I The business assigned to the one with the highest priority will take effect.

Which of the following is correct regarding the order of priority?

A.

account>user group>terminal IP Address range

B.

By the end P Address range>account number>user group

C.

account>Terminal protection address range>user group

D.

user group>terminal P Address range>Account

Regarding CAPWAP encryption, which of the following statements is wrong?

A.

CAPWAP The data tunnel can be used DTLS Encrypted.

B.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Huawei H12-723 Premium Access     Download Demo    
Page: 3 / 3
Total 201 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved