1. Which of the following are correct about 802.1X access process? (Multiple choices)

2. BYOD solution provide products and systems cover terminals, networks, security, application and management, include serialized BYOD devices, wireless network systems, network access security, VPN gateways, terminal security client software, authentication systems, mobile device management (MDM), mobile eSpace UC, etc.

3. Which of the following is correct for terminal Wi-Fi push order?
1. Any Office mobile office system push Wi-Fi configuration
2. Any Office mobile office automatically apply for certificate.
3. The administrator configure enterprise Wi-Fi push.
4. The terminal automatically accesses enterprise Wi-Fi.

4. Which of the following options is correct for PKI process sequence?
1. PKI entity requests CA certificate from CA.
2. After PKI entity receives CA certificate, it installs CA certificate.
3. When the CA receives CA certificate request from PKI entity, it returns its own CA certificate to PKI entity.
4. PKI entity sends a certificate registration request message to CA.
5. When PKI entity communicate with each other, they must obtain and install the local certificate of the peer entity.
6. PKI entity receives the certificate information sent by CA.
7. After PKI entity installs the local certificate of the peer entity, it verifies the validity of the local certificate of the peer entity. When the certificate is valid, PC entity use the certificate public key for encrypted communication.
8. CA receives the certificate registration request message from PKI entity.

5. Aopt user isolation technology in WLAN networking environment, which of the following statements is wrong?

6. The administrator issues notices to users through the form of announcements, such as the latest software and patch installation notices, etc. Which of the following options is wrong?

7. When use local guest account authentication, Portal authentication is usually used to push the authentication page to the visitor.
Before the user authentication, when the access control device receives HTTP request from the user and the resource is not the Portal server authentication URL, how does the admission control device handle it?

8. When manage guest accounts, you need to create guest account policy and set account creation method. Which of the following descriptions is incorrect for account creation?

9. In WIDS-enabled WLAN network, which of the following statements is correct regarding the determination of illegal devices?

10. When deploy wired 802.1X authentication, if the admission control device is deployed at the convergence layer, this deployment method has features such as high security performance, multiple management devices and complicated management.

11. Which of the following is correct for the roles of Portal authentication system?

12. Which of the following correct for MAC authentication and MAC bypass authentication? (Multiple choices)

13. Which of the following are correct about hardware SACG authentication deployment scenario? (Multiple choices)

14. The traditional network single strategy is difficult to deal with complex situations such as diverse users, diversified locations, diversified terminals, diversified applications and inexperienced experiences.

15. A network use Portal authentication, when the user accesses, he finds that the user name/password is not entered in the pushed Web page.
This fault may be caused by which reason?

16. In agile network, before the user is authenticated, users may need to access servers such as DNS, DHCP and Portal. When the traffic from the user access the server pass through the firewall, the firewall queries the Agile controller-campus server for the agile security group information corresponding to the traffic. Because the user is not authenticated at this time, the Agile controller-campus server informs the firewall that the user belongs to the "unknown agile security group (Unknown)". This will cause the user's traffic to match the "unknown agile security group" before the firewall refreshes the user identity.
After the user passes the authentication, the right authority can't be obtained immediately. How to solve the problem?

17. Mobile smart phone and tablet users establish IPSec encryption tunnel with AE through Any Office client. After passing authentication and compliance checks, they access enterprise services.

18. Typical application scenarios of terminal security include desktop management, illegal outreach and computer peripheral management.

19. The standard 802.1X client that is provided by the Web client and operating system only has the identity authentication function. It does not support the implementation of inspection class policies and monitoring class policies. The Any Office client supports all inspection class policies and monitoring class policies.

20. MAC authentication means that in 802.1X authentication environment, when the terminal does not respond to 802.1X authentication request from the access control device after accessing the network, the access control device automatically obtains MAC address of the terminal and sends it to RADIUS server as a certificate for accessing the network.

21. When all services are allocated according to the user group, account number and terminal IP address range, if the same service is assigned to the user group, account number and terminal IP address range (except the announcement service), the business assigned by the highest priority will take effect.
About the order of priorities, which of the following is correct?

22. The multi-level defense system is mainly embodied at the network level and system level. Which of the following options are used for security protection at the network level? (Multiple choices)

23. Location refers to the terminal environment when terminal user use AC-Campus to access controlled network.
Which of the following about the location is correct?

24. Identity authentication determines whether to allow access by identifying the access device or user.

25. Which of the following is wrong about account blacklist?