HCIP-Security-CTSS(Huawei Certified ICT Professional -Constructing Terminal Security System) 試験
Question No : 1
MAC authentication means that in 802.1X authentication environment, when the terminal does not respond to 802.1X authentication request from the access control device after accessing the network, the access control device automatically obtains MAC address of the terminal and sends it to RADIUS server as a certificate for accessing the network.
Question No : 2
The standard 802.1X client that is provided by the Web client and operating system only has the identity authentication function. It does not support the implementation of inspection class policies and monitoring class policies. The Any Office client supports all inspection class policies and monitoring class policies.
Question No : 3
Typical application scenarios of terminal security include desktop management, illegal outreach and computer peripheral management.
Question No : 4
Mobile smart phone and tablet users establish IPSec encryption tunnel with AE through Any Office client. After passing authentication and compliance checks, they access enterprise services.
Question No : 5
In agile network, before the user is authenticated, users may need to access servers such as DNS, DHCP and Portal. When the traffic from the user access the server pass through the firewall, the firewall queries the Agile controller-campus server for the agile security group information corresponding to the traffic. Because the user is not authenticated at this time, the Agile controller-campus server informs the firewall that the user belongs to the "unknown agile security group (Unknown)". This will cause the user's traffic to match the "unknown agile security group" before the firewall refreshes the user identity.
After the user passes the authentication, the right authority can't be obtained immediately. How to solve the problem?
Question No : 6
A network use Portal authentication, when the user accesses, he finds that the user name/password is not entered in the pushed Web page.
This fault may be caused by which reason?
Question No : 7
The traditional network single strategy is difficult to deal with complex situations such as diverse users, diversified locations, diversified terminals, diversified applications and inexperienced experiences.
Question No : 8
Which of the following are correct about hardware SACG authentication deployment scenario? (Multiple choices)
Question No : 9
Which of the following correct for MAC authentication and MAC bypass authentication? (Multiple choices)
Question No : 10
Which of the following is correct for the roles of Portal authentication system?
Question No : 11
When deploy wired 802.1X authentication, if the admission control device is deployed at the convergence layer, this deployment method has features such as high security performance, multiple management devices and complicated management.
Question No : 12
In WIDS-enabled WLAN network, which of the following statements is correct regarding the determination of illegal devices?
Question No : 13
When manage guest accounts, you need to create guest account policy and set account creation method. Which of the following descriptions is incorrect for account creation?
Question No : 14
The administrator issues notices to users through the form of announcements, such as the latest software and patch installation notices, etc. Which of the following options is wrong?
Question No : 15
When use local guest account authentication, Portal authentication is usually used to push the authentication page to the visitor.
Before the user authentication, when the access control device receives HTTP request from the user and the resource is not the Portal server authentication URL, how does the admission control device handle it?