H12-724 Exam Dumps - HCIP-Security (Fast track) V1.0

Go to page:

<< First
Prev
1
2
3
4
5
6
7
Next
Last >>

Question # 41

In the Agile Controller-Campus admission control technology framework, regarding the description of RADIUS, which of the following options is correct?

PADIUS Used on the client and 802.1X Information such as user names and passwords are passed between switches.

PADIUS Used in 802.1X Switch and AAA Information such as user name and password are passed between servers.

PADIUS Used for Portal Server pushes to users Web page.

PADIUS Used for server to SACG Security policy issued by the device

Full Access

Question # 42

The administrator has made the following configuration:

1. The signature set Protect_ all includes the signature ID3000, and the overall action of the signature set is to block.

2. The action of overwriting signature ID3000 is an alarm.

The action of signing iD3000 is an alarm

The action of signing ID3000 is to block

Unable to determine the action of signature ID3000

The signature set is not related to the coverage signature

Full Access

Question # 43

Which of the following options is not a defense against HTTP Flood attacks?

HTTP Flood source authentication

HTTP source statistics

URI source fingerprint learning function

Baseline learning

Full Access

Question # 44

Regarding the strong statement of DNS Request Flood attack, which of the following options is correct?

The DNS Request Flood attack on the cache server can be redirected to verify the legitimacy of the source

For the DNS Reguest Flood attack of the authorization server, the client can be triggered to send DINS requests in TCP packets: to verify

The legitimacy of the source IP.

In the process of source authentication, fire prevention will trigger the client to send DINS request via TCP report to verify the legitimacy of the source IP, but in a certain process

It will consume the TCP connection resources of the OINS cache server.

Redirection should not be implemented on the source IP address of the attacked domain name, and the destination P address of the attacked domain name should be implemented in the wild.

Full Access

Question # 45

For hardware SACC Access control, if the terminal does not pass the authentication, it can access the resources of the post-authentication domain. This phenomenon may be caused by the following reasons? (Multiple choice)

Authentication data flow has passed SACG filter.

TSM No hardware is added to the system SACG equipment.

SACG Enable the default inter-domain packet filtering.

Privileges are misconfigured IP

Full Access

Question # 46

The configuration command to enable the attack prevention function is as follows; n

[FW] anti-ddos syn-flood source-detect

[FW] anti-ddos udp-flood dynamic-fingerprint-learn

[FW] anti-ddos udp-frag-flood dynamic fingerprint-learn

[FW] anti-ddos http-flood defend alert-rate 2000

[Fwj anti-ddos htp-flood source-detect mode basic

Which of the following options is correct for the description of the attack prevention configuration? (multiple choice)

The firewall has enabled the SYN Flood source detection and defense function

The firewall uses the first packet drop to defend against UDP Flood attacks.

HTTP Flood attack defense uses enhanced mode for defense

The threshold for HTTP Flood defense activation is 2000.

Full Access

Question # 47

When you suspect that the company's network has been attacked by hackers, you have carried out a technical investigation. Which of the following options does not belong to the behavior that occurred in the early stage of the attack?

Planting malware

Vulnerability attack

Web application attacks

Brute force

Full Access

Question # 48

In Portal authentication, which of the following parameters must be configured on the switch? (Multiple choice)

Portal server IP

Portal page URL

shared-key

Portal Protocol version

Full Access