Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Terminal security access technology does not include which of the following options?

A.

Access control

B.

safety certificate

C.

Authentication

D.

System Management

Full Access
Question # 5

MAC Bypass authentication means that after the terminal is connected to the network, the access control device automatically obtains the terminal MAC Address, which is sent to RADIUS The server performs euverification.

A.

right

B.

wrong

Full Access
Question # 6

Business accompanying is-A special access control method, according to the user's access location, access time, access method and terminal use to grant designated investment limits, among which the physical connection can be divided into 3 Class, excluding which of the following access methods?

A.

Wired access

B.

Wireless access

C.

VPN Access

D.

802.1X Access

Full Access
Question # 7

Hardware in useSACG At the time of certification,SACG After the configuration is completed, you can seeSACG andAgile Agile Controller-Campus The linkage is successful, but the user authentication fails. This phenomenon may be caused by the following reasons? (Multiple choice)

A.

User flow has not passed SACG.

B.

SACG There is no release on the user stream.

C.

SACG There is no closed state detection on it.

D.

Agile Controller-Campus On and SACG Wrong key configuration for linkage

Full Access
Question # 8

Agile Controller-Campus The system can manage the software installed on the terminal, define the black and white list of software, and assist the terminal to install necessary software and uninstall the software that is not allowed to be installed by linking with the access control equipment,Regarding the definition of black and white lists, which of the following statements is correct?

A.

Check for prohibited software licenses and sub-licensed software

B.

Check for prohibited software

C.

Check for prohibited software and software that must be installed

D.

Check the software that must be installed

Full Access
Question # 9

Visitors refer to users who need temporary access to the network at a specific location.

A.

right

B.

wrong

Full Access
Question # 10

Which of the following statement is not correct about application and identification of knowledge base upgrade?

A.

When USG device unable to connect to the Internet, you can choose local upgrade

B.

When the USG devices can connect to the Internet, can upgrade manually and automatically

C.

The upgrade process of abnormal will not be able to return to the original Knowledge base

D.

You can configure the automatic save function, after saving the upgrade application control is configured as system configuration

Full Access
Question # 11

In a centralized networking, the database, SM server, SC server, and AE server are all centrally installed in the corporate headquarters. This networking method is suitable. It is used for enterprises with a wide geographical distribution of users and a large number of users.

A.

right

B.

wrong

Full Access
Question # 12

Configuring DNS server of RBL feature on USG, which of the following statement is not correct?

A.

must use the DNS server not been DNS hijacking

B.

must use recursive query DNS server

C.

DNS server should be reachable IP

D.

DNS server must listen on port 25

Full Access
Question # 13

Agile Controller-Campus Which deployment mode is not supported?

A.

Centralized deployment

B.

Distributed deployment

C.

Hierarchical deployment

D.

Two-machine deployment

Full Access
Question # 14

The user accesses the network through the network access device, and the third-party RADIUS server authenticates and authorizes the user. Regarding the certification process, which of the following options is wrong?

A.

Configure RADIUS authentication and accounting on the RADIUS server.

B.

Configure the Agile Controller-Campus for local data source authentication, receive the packets sent by the device, and perform authentication.

C.

Configure RADIUS authentication and accounting on the device side. W"

D.

Configure RADIUS authentication and authorization on the Agile Controller-Campus.

Full Access
Question # 15

Regarding the definition of WIPS/WIDS, which of the following statements is correct?

A.

WIDS Is a wireless intrusion prevention system

B.

WIPS Wireless intrusion detection system

C.

WIDS Is a wireless intrusion countermeasure system

D.

WIPS Is a wireless intrusion prevention system

Full Access
Question # 16

About the hardware SACG Certification deployment scenarios, which of the following descriptions are correct? (Multiple choice)

A.

SACG Authentication is generally used in scenarios where a stable network performs wired admission control.

B.

SACG Authentication is generally used in scenarios where new networks are used for wireless admission control.

C.

SACG It is generally deployed in a bypass mode without changing the original network topology.

D.

SACG Essentially through 802.1X Technology controls access users.

Full Access
Question # 17

When the -aa command is used on the access control device to test the connectivity with the Radius server, the running result shows success, but the user cannot Normal access, the possible reason does not include which of the following options?

A.

The access layer switch does not start EAP Transparent transmission function.

B.

wireless 02K In the scenario, the access control device is not equipped with a security board

C.

AD The service controller is not added in the authentication scenario AD area.

D.

The user account or password is incorrectly configured.

Full Access
Question # 18

The AD/LDAP account can be synchronized to the Agile Controller-Campus or not to the Agile Controller-Campus. Synchronize.

The Agile Controller-Campus can only be authorized by user group. If it is not synchronized to the Agile Controller-Campus, it can be fine-tuned based on the account.

Authorization

A.

right

B.

wrong

Full Access
Question # 19

Traditional network single--The strategy is difficult to cope with the current complex situations such as diversified users, diversified locations, diversified terminals, diversified applications, and insecure experience.

A.

right

B.

wrong

Full Access
Question # 20

Regarding the trigger mechanism of 802.1X authentication, which of the following descriptions is correct? (multiple choice)

A.

802.1X Authentication can only be initiated by the client.

B.

802.1X Certification can only be done by certified equipment(like 802.1X switch)Initiate

C.

8021X The client can trigger authentication through multicast or broadcast.

D.

The authentication equipment department triggers authentication through multicast or unicast.

Full Access
Question # 21

Which of the following options is right PKI The sequence description of the work process is correct?

1. PKI Entity direction CA ask CA Certificate. .

2. PKI Entity received CA After the certificate, install CA Certificate.

3. CA receive PKI Entity CA When requesting a certificate, add your own CA Certificate reply to PKI entity.

4. PKI Entity direction CA Send a certificate registration request message.

5. PKI When the entities communicate with each other, they need to obtain and install the local certificate of the opposite entity.

6. PKI Entity received CA The certificate information sent.

7. PKI After the entity installs the local certificate of the opposite entity,Verify the validity of the local certificate of the peer entity. When the certificate is valid,PC The public key of the certificate is used for encrypted communication between entities.

8. CA receive PKI The entity's certificate registration request message.

A.

1-3-5-4-2-6-7-8

B.

1-3-5-6-7-4-8-2

C.

1-3-2-7-6-4-5-8

D.

1-3-2-4-8-6-5-7

Full Access
Question # 22

Which of the following behaviors IPS can not detect?

A.

Virus

B.

Worm

C.

Spam

D.

DOS

Full Access
Question # 23

An account can only belong to one user group, that is, a user can only belong to one department.

A.

right

B.

wrong

Full Access
Question # 24

Install Agile Controller-Campus Which of the following steps do not need to be completed before?

A.

Install the operating system

B.

Install the database

C.

Install antivirus software

D.

Import License

Full Access
Question # 25

In enterprises where terminal host access control management is relatively strict, administrators hope to bind terminal hosts and accounts to prevent terminal users from accessing the controlled network from unauthorized terminal hosts at will. Regarding the description of binding the terminal host and account, which of the following is correct?

A.

exist Any Office When logging in with an account for the first time, the terminal host is automatically bound to the current account, but the automatic binding process requires administrator approval

B.

When other accounts need to be authenticated on the bound terminal host, there is no need to find the asset owner who is bound for the first time to authorize themselves.

C.

Binding terminal hosts and accounts is only applicable to terminal users through Any Office Scenarios for authentication, Not applicable Web Agent Plugins and Web The scenario where the client authenticates.

D.

There are only consoles in the account binding terminal host, which cannot be configured by the administrator.

Full Access
Question # 26

When managing guest accounts, you need to create a guest account policy and set the account creation method. For the account creation method, which of the following descriptions is wrong?

A.

When adding accounts individually, you can choose to create them individually.

B.

If there are a lot of users, you can choose to create in batches.

C.

If there are many users, you can choose database synchronization

D.

In order to facilitate management and improve user experience, self-registration can be used.

Full Access
Question # 27

Regarding CAPWAP encryption, which of the following statements is wrong?

A.

CAPWAP The data tunnel can be used DTLS Encrypted.

B.

DTLS Support two authentication methods:Certificate authentication(out AC,AP Already brought)with PSK Password authentication.

C.

DTLS Encryption can guarantee AC The issued control messages will not be eavesdropped on.

D.

Use the certificate method to carry out DTLS Negotiation, the certificate is only used to generate the key, not right AP Perform authentication.

Full Access
Question # 28

In the park, users frequently enter and leave the wireless signal coverage area due to office needs. If you need to ensure the user's Internet experience, after the user passes an authentication, when he accesses the network again, no important authentication is required:Which of the following authentication methods is recommended?

A.

MAC Certification

B.

82.1 Certification

C.

Portal Certification

D.

MAC(prioritized

Full Access
Question # 29

URL filtering configure exact match www.test.com/news field, then not meet the URL of the filtering strategy include:

Full Access
Question # 30

According to the different user name format and content used by the access device to verify user identity, the user name format used for MAC authentication can be changed.

There are three types. Which of the following formats is not included?

A.

MAC Address format

B.

Fixed username form

C.

DHCP Option format

D.

ARP Option format

Full Access