HCIE Datacom V1.0 All Files Merged

1.Which of the following statements about 802.1s deployment are correct?
A.Multiple bridges share one spanning tree instance.
B.All VLANs share one spanning tree instance.
C.Each VLAN shares a spanning tree instance.
D.Multiple VLANs share one spanning tree instance.
Answer: D
2. Which type of LSA causes PRC calculation in an existing OSPF network? (Multiple Choice)
A.Type5
B.Type4
c.tyPe3
D.Type2
E.TyPE1
Answer: ABC
3.What is the main reason why RSTP converges faster than STP?
A.RSTP increases the port status.
B.RSTP has a smaller overhead.
C.RSTP is not converged based on timers,

D.RSTP has a smaller timer.
Answer: C
4.ADR needs to be elected between multicast routers running PIM-SM to send and receive multicast
data. Which of the following statements about DR election rules is correct?
A.The DR priority is compared first Ifthe DR priorities are the same, the interface IP address of the PIM
router needs to be compared to elect the DR.
B.The PiM router with the long interface masks elected as the DR.
C.The PiM router with a lower DR priority is elected as the DR.
D.The router with a smaller IP address is elected as the DR.
Answer: A.
5.Which of the following route selection tools is specificto BGP?
B.
C.AS-PATHFILTER
D.
Answer. C
6.Which of the following statements about BGP aggregation are correct? (Single choice)
A.After Aggregate ipv4-address mask is configured, only summarized routes are advertised and specific
routes are not advertised.
B.For IPV6 routes, BGP supports manual aggregation and automatic aggregation.
C.By defaull, BGP is enabled with automatic aggregation.
D.You can manually aggregate routes in the BGP local routing table.
Answer: D
7.Which of the following statements about OSPF is incorrect?
B.
C. The priority field carried in the Hello packet received from the interface must be the same as the
priority configured on the interface
D.
Answer. C
8.Which of the following statements about MPLS labels is incorrect?
A.The length of an MPLS label is 4 bytes, which is encapsulated between the link layer and the network
layer.
B.By default, the device supports the PHP feature. The egress node that supports PHP assigns the label
value 3 to the penultimate hop node,
C.Ifthe stack bottom identifier of the label is $=0, it indicates that the label is the bottom label of the
stack and is directly forwarded by the IP.
D.When the label value is 0, the label should be popped up and packets must be forwarded based on
IPv4.
answer: C
9.Ifthe link between R1 and R2is a PPP link and the directly connected interfaces are not on the same
network segment, but the directly connected interfaces of R1 and R2 can
communicate with each other, but the Ethernet ink cannot communicate with the same IP address,
which of the following is the reason?
RB se Pa
Jq2db8.e. 150 qlo3 .W.Sf5g
A.The POS interface connecting R1 and R2 leams the 24-bit subnet route of the directly connected
interface through IPCP.
B.The POS interface connected to R1 and R2 learns the 32-bit host route of the directly connected
interface through IPCP.
C.POS interfaces on R1 and R2 leam the MAC address of the peer interface through LCP and do not need
to request MAC addresses through ARP.
D.Data packets on the POS interfaces connecting R1 and R2 do not need to be encapsulated with
Ethernet headers. Therefore, they do not need to use ARP to request MAC
addresses.
Answer: BCD
10.To configure the AAA, you need to define the RADIUS server. The definition of he RADIUS server is as
follows:
A TRUE
B. False
Answer: A.
11.The four routers R1, R2, R3, and R4 run IS-IS. The type of the IS-IS router is marked. R1 does not
arrive at R1.
The reason for the route of 10.34.34.4 is as follows:
A.Configure a routing policy on R2 to filter the default route.
B.The system-ID of R2 conflicts with R3.
C.The area planning of R3 and R4 is incorrect.
D.The system1D of R2 conflicts with R1
ANSWER: C
12.ABD in a VXLAN can correspond to multiple VNIs.
A TRUE
B. False
Answer: B
13.Which Types of LSAs Are Summarized When OSPF Is Enabled on the Router HW and the Role of the
Router HW Is ABRs and the abr -surmnary Is Configured?
A. Type 4 LSAs
B. Type 5 LSAs
©. Type 2 LSAs
D. Type 1 LSAE and Type 3LSAs
‘Answer: CD
14.In a broadcast network and a P2P network, when a router receives an LSP, it needs to use the PSNP
to ensure LSDB synchronization.
A Tne
B. False
Answer: B
15.When the and Sis establish a neighbor relationship on a P2P network, they exchange Hello packets
twice to establish a neighbor relationship.
A Ture
B. False
Answer: A
16.After BGP imports routes of other protocols, the next hop in the BGP routing table is the same as the
next hop of the imported routing protocol.
A Tue
B. False
Answer: B
17.When DLOP detects a unidirectional link in a fiber, the default operations are as follows: The DLDP
state machine changes to the Disable state. Output rap information. The
interface is automatically blocked.
A Tue
B. False
Answer: A.
18.The network administrator can use the CAR technology in traffic policing. Which of the following
technologies can be applied in CAR?
A. Dual-bucket dual-rate interface
B. Single bucket rate per bucket
©. Thvee buckets ata single rate
D. Dual Bucket Single Rate
Answer: AD
19.Which of the following attacks are DoS(Denial of service) attacks?
A.Single packet atack
B.Source IP address spoofing attack
C.mim attack
D.Flood attack
Answer: BD
20.Which of the following statements about IS-IS route leakage are correct?
A. The route leaking of the ISIS can be used in the IPV6 environment.
D. IS-ISroute leaking is used to prevent routing loops.

Answer: AD
21.Assume that the traffic shaping rate of an interface is 100 Mbit/s. The input bandwidth and PIR of
each service on the interface are as follows: What is the bandwidth allocated to the
EF queue affer the first round of scheduling?
Bose mse S@AMHe(OPs) PIR(ops)
os Po 15M aM
36 PO 30M 10M,
& WFO , RES ‘90M som
AFA WO), aed 10M 10M
An wra . REI 10M 15M
AED WEO , PEED 20M 10M
AFI WFO, REET 20M 10M
be wo 100M sare
A 30M
B. 15M
c. 90M
D. 25M
Answer: B
22.Huawel two switches SWA and SWB are connected through seven Ethemet ports and are configured
with static link aggregation. The corresponding ports on the switch SW are
Ethemet1/0/2, Ethemett/0/3, Ethemet/0/4, Ethemnet1/0/5, Ethernet1/0/6, and Ethernett/0/7, the

configuration is based on the port sequence. Ifthe switch is SWA or SWB, each
aggregation group supports only six ports.
A. Ethemet 1/0/7 Unselected port when the configuration of each portis consistent
B. Ethernet1/0/6 Unselected port when the configuration of each port is consistent
C. When the configuration of each port is consistent, SWA randomly selects a port from the seven ports
as the Unselected port of the aggregation group.
D.Ethemet1/0/1 Unselected port when the configuration of each port is consistent
Answer: A
23.Assume that BGP/MPLS IPv4 VPN, OSPF, LDP, and static routing protocols have been enabled on the
PE router. Which ofthe following protocols need to enable GR on PEs to
obtain the NSF function?
A.MPLSLOP
8. OSPF
C. BGP
D. Static Route
Answer: ABC
24.Which of the following statements about the TCP sliding window are incorrect? (Multiple choices)
A. Afterthe retransmission timer times out, the transmit end does not receive the acknowledgment, and
retransmits the unconfirmed data
B. The transmit end does not needto transmit a complete window size packet
C. The TCP sliding window allows multiple data packets to be sent before an acknowledgments received,
D. The siding window size can only be increased or remains unchanged.
E. Size ofthe intial window announced by the transmit end
Answer: DE
25.Which of the following BGP prefixes is sent by a BGP router to an IBGP peer?
A.All prefixes imported to BGP by using the network or import command
B.All prefixes in the IP routing table
C.Prefix received from IBGP and EBGP neighbors
D.Prefix that is learned from IBGP and exists in the IP routing table
answer: A
26.Which of the following route selection tools is unique to BGP? (Single choice) (confirmed)
A.Route-policy
B.ACL
C.IP-prefix
D.AS-path-fiter
Answer: D
27.When AAA authentication is performed on Huawei VRP, users can be distinguished by domain
(Domain). Access users can specify the domain name in the user name
to specify the authentication domain
A Ture
B. False
Answer: A
28.Which device sends registration messages to the device near the multicast source?
A.RP
B.C-BSR
C.DR
D.Multicast Source
Answer: A
29.In addition to stateless address autoconfiguration, IPV6 devices can obtain information such as
addresses, gateways, and DNSs through DHCPY6.
A. Tue
B. False
Answer: B
30.Which of the following statements about LDP reliability is incorrect?
A.LDP FRR can also be used to generate LSPs for label mapping from the non-optimal next hop. In
addition, LDP FRR can be used as the backup of the primary
LSP to set up forwarding entries
B.When LOP is associated with IGP, IGP needs to suppress route advertisement to ensure that LOP and
IGP paths are the same
C.The default LDP FRR policy is @ 32-bit backup route, which triggers LDP to establish a backup LSP.
D. The LDP GR(Graceful Restart) separates the MPLS forwarding plane from the contral plane to ensure
uninterrupted forwarding during protocol restart or active/
standby switchover.
Answer: C
31.Which of the following statements about load balancing of data traffic on Huawei devices are
correct?
B. Huawei devices support link aggregation and load balancing for multiple types of interfaces such as
Pos serial and etherne
Answer: B
32.Which of the following statements about the AP authentication function in the P protocol CH are
correct? (Multiple Choice)
A.the authentication party is not configured with a user name, no password can be configured on the
interface of the authenticated party.
B.Use the authentication sequence ID column, random number, and key to calculate a Ha sh value
through the D5 algorithm,
C. Authentication is required for three times. Only the user name is transmitted on the network but not
the password.
D. The user name must be configured on the interface of the authenticated party in CHAP
authentication
Answer: AB
33.After an IPv6 device with the IP address FC00::1 is connected to the network, the following data
packets are captured on the network: This
‘What is the purpose of a data packet?

D. The device confirms the address configuration of other devices on the network.
Answer: D.
34.If there is a LAN running the 802.1D spanning tree protocol, which of the following parameters is not
received by the non-root switch from the root switch?
A. MaxAge
B.Root cost
C. Forward delay
D. Hold time
E.Hello time
Answer: D
35.In the lab network, the network is set up according to the following topology. SW1 is the default
configuration, and SW2 disables the STP function. Which of the following
statements is correct?
A.The G0/0/2 of Sw1 enters the Discarding state.
B.The G0/0/1 of sw2 enters the Discarding state
C.The G0/0/2 of the sw2 enters the Discarding state
D.No interface is blocked.

E.The GO/O/1 of SW1 enters the Discarding state
Answer: D
36.In the aggregate ipv4-address {mask | mask-length} [as-set | attribute-policy route-policy-namet |

detail-suppressed | origin-policy route-policy-name2 | suppress-policy
route-policy-name3] command, multiple parameters can be used to affect the summarization route and
result. Which of the following statements about this command is
correct?
A. If Suppress policy is configured, aggregated routes are generated. The if-match clause of Route-policy
is used to select specific routes to be suppressed. The
specific routes matching Route-policy are still advertised to other BGP peers.
B. If Origin-policy is configured, only the specific routes matching Route-policy can participate in the
aggregation
C. Ifthe Attribute-policy command is configured, you can change the attributes of the aggregated route
D. fAs-set is configured, the AS_ATH of the summarized route contains AS path information of all specific
routes to prevent routing loops.
Answer: BCD.
37.OSPFV3 Router-LSA is generated by each router. It describes the interface address and cost of each
link on the router and the router ID of the neighboring router.
A. Tue
B. False
Answer: B
38.The Option field of OSPFV3 is displayed in all LSAs.
A. Tue
B. False
Answer: B
39.If a port configured with stp loop-protection cannot receive BPDUs, which state does the port enter?
A. Forwarding
B. LeamingLeaming
C. Discarding (Discarding)
D.Other options are correct
Answer: C
40.If the protocol is run on the multicast network, the configuration modes of the PM-SM are classified
into dynamic RP and static RP. Which of the following statements
about the configuration of the RP.RP are correct?
A. When configuring a dynamic RP, you need to configure the BSR as the backup of the RP.
B. When configuring a static RP. you need to configure the BSR to advertise RP information
C. When configuring a static BP, you need to specify RP information on all PIM routers.
D. When configuring a dynamic RP, you do not need to configure a BSR.
Answer: C
41.Which of the following statements about the IPv6 prefix 12A800000000CD30 is correct?
D. 12AB:0:0:CD3::/64
42.When a fault occurs on the HW LAN, you find that there are many unicast frames. If there are many
unknown unicast frames, which of the following resources may be
used up?
A. Available MAC addresses in the system
B.Electric Power
C.Memory Used for Frame Buffer
D.TCAM Entry
E.Available Bandwidth
F.None of the above
Answer: E
43.Which of the following statements about Eth-Trunk link aggregation on Huawei devices are correct?
B. Link aggregation can be applied to Layer 2 and Layer 3 devices.
c
D.
Answer: B
44.The local area network (LAN) uses the 802.1D spanning tree protocol. Which of the following
parameters is received by the switch from the root bridge?
A. Maxage
B.Root Cost
C.Forward delay
D.AB and C
E.None of the other
Answer: D
45.A family user has subscribed to a 10Mb/s broadband sence. To improve user experience, the carrier
can stabilize the 12Mb/s during the speed test. Ifthe token bucket
technology is used to implement this requirement, which of the following methods is optimal?
A. cir 10000 pir 12000
B. cir 10000 cbs 10000 pbs 12000
C. cir 8000 pir 12000
D. cir 10000 cbs 12000 pbs 12000
Answer: A.
46.Which of the following statements about digital certificates is incorrect?
A.Digital signatures ensure the integrity of digital certificates.
B.The digital certificate contains the public key information
C.When the received peer certificate is within the validity period but the device time is incorrect and is
not within the validity period of the certificate, the
authentication fails.
D.Iftwo PRI entities are not in the same CA system, the two PRI entities can authenticate each other as
long as they can identify each other's CA
Answer: D.
47.In the MPLS-BGP-VPN environment, if only BGP and LDP are used to distribute labels, the MPLS label
of the packet can contain a maximum of two labels.
A. True
B. False
Answer: B
48.Which SNMP Message Type Report Event Sent to the NMS Is Reliable?
A. Response
B.Trap
C.Inform
D.Get
E.Get Bulk
Answer: C
49.Which of the following is not included in a digital certificate?
A.Public key information
B.Digital envelope
C.Digital signature
D.Issuer
Answer: B
50.The existing BGP router HW1 is running. The IBGP peer relationship is configured on the router, and
the EBGP peer relationship is configured on the router. Which of the
following statements about IBGP and EBGP neighbors are correct?
A.
B.The router sends the BGP updates leamed from its EBGP neighbors to other IBGP neighbors and EBGP
neighbors.
c.
D.EBGP peers must be directly connected: Otherwise, EBGP-Mul-hop must be configured.
E.IBGP peers can establish neighbor relationships through loopback interfaces.

Answer: [None]
51.On an IPV6 network, two nodes A and B are neighbors. fnode A sends an NS message to node B and
node B replies with an NA message after receiving the message,
check the neighbor status on node A.
A. Reachable
B. Stale
C. Probe
D.Incomplete
Answer: A.
52.In inter-AS VPN-OptionB mode, two ASBRs need to exchange public network LSP labels.
A. Tue
B. False
Answer: B
53.Which of the following statements about OSPF supporting IPv6 are correct?
A. OSPFV3 is required to support IPV6.
B. IPV6 requires Type 10 LSAs.
C. IPV6 requires Type 8 LSAs.
D. Ina broadcast network, packets need to be sent through a multicast address
Answer: ACD.
54.Which of the following is a single-packet attack?
A. Special control packet attack
B. Scanning detection attack
C. DDoS attack
D. Malformed packet attack
Answer: ABD
55.When a BGP RR receives a No_Export attribute from a client, what will the BGP RR do?
A. The RR does not advertise the prefix to any neighbor.
B. The RR advertises only the prefix to other IBGP peers.
C. The RR does not advertise the prefix to other clients and non-clients.
D. The RR does not advertise the prefix to the EBGP peer.
Answer: D.
56.There are two types of community-fiter: Basic community attribute filter and advanced community
attribute filter. Which of the following filter tools makes the advanced
‘group attribute filter more flexible than the basic group attribute filter?
A. ACL
B. Regular-expression
C. AS-path-fiter
D. IP-prefix
Answer: B
57.IPV6 introduces the solicited-node address. Which of the following statements about the address is
correct?
B. solicited-node addresses on router interfaces are automatically generated and can be multiple.
c.
D.
Answer: B
58.The switch uses IPSG to check the source IP addresses of IP packets. The check table used by IPSG is
obtained by listening to the ARP parsing process on the
network
A. Ture
B. False
Answer: B
59.VRRP RC MSE IPP, BAPE HAE 224.0.0.8, TTL 49 255, FA HINES 112.
A. Tue
B. False
Answer: B
60.As shown in the figure, two IPv6 networks can access the IPv4 network, and IPSec tunnels need to be
established between the two IPv6 networks. Which of the following
encapsulation modes can meet the preceding requirements?
A. ESPS tunnel mode
B. None of the above
C. AH+ transmission mode

D. AH# tunnel mode
Answer: A.
61.When the ACL of the VRP has multiple matching rules (rule), which of the following statements about
the matching order is correct?
A. Inthe case of confirmation, it is matched according to the RuleD in ascending order.
B. By default, the device matches packets based on the depth-first principle
C. Inthe case of confirmation, the packets are matched in the order of permit and then deny.
D. There is only one matching order and cannot be modified
Answer: A.
62.Which of the following routes are leamed by R2?
A. R2 can leam all routes of R1
Answer: A.
63.Router A has an IP route with the destination network segment being 10.0.0.1/32 and the outbound
interface being Gigabitethernet0/0/1. Add the following configuration
acl number 2000
tule 10 permit source 10. 0.1.1 0 trafic classifier test
if-match acl 2000 traffic behavior test remark dscp cs3 traffic policy test
classifier test behavior test interface Gigabitethernet0/0/1
ip address10.0.12.1255.255.255.0
traffc-policy test outbound
‘Assume that router A receives the data packet whose destination IP address is 10.0.0.1. Which of the
following statements are correct?
A.Ifthe source IP address of the data packet is 10.0.1.2, the packet can be forwarded and the DSCP field
remains unchanged.
Ifthe source IP address of the data packet is 10.0.1.2, the packet can be forwarded and the DSCP field is
marked as CS3
B.
C.Ifthe source P address of the data packet is 10.0.1.2, the packet cannot be forwarded.
D.Ifthe source IP address of the data packet is 10.0.1.1, the packet can be forwarded and the DSCP field
is marked as cS3.
‘Answer: AD
64.In RSTP, which of the following ports can provide the backup path to the root node of the spanning
tree? What is the status of the port?
A.Alternate port and leaming status. Valid values are as follows
B.Altemate port status and forwarding status
C.Root port and Listening status
D.Designate port and Listening status
E.Alternate port and Discarding status. Valid values are as follows:
Answer: E
65.Which of the following statements about BGP route filtering is incorrect?
A. Configure a routing policy for the locally advertised routes. The policies take effect before the routes
are added to the BGP routing table.
B. The filtering relationship between nodes in a Route-Policy is "OR". That is, a Route-Policy can be used
as long as it is filtered by a node.
C. When a route to a BGP peer is received, a routing policy is executed to filter out unnecessary BGP
routes. These routes are not added to the local BGP routing
table.
D. Inthe same node of a Route-Policy, the relationship between multiple if-match clauses of different
attributes is OR.
Answer: AD
66.In the following topology, all interfaces on the router are enabled with IS-IS. Which of the following
statements are correct? (Multiple answers)
A. Ifthe GE0/0/0 interface of R3 is Down, R2 becomes the master device
B. Hthe Ethemet 0/0/0 interface on R3 goes Down, R2 becomes the master device
C. Ifthe Ethemet 0/0/0 interface of R1 goes Down, R2 becomes the master device.
D. Hthe Ethernet 0/0/1 interface of R1 goes Down, R2 becomes the master device.
Answer: AC
67.In traffic policing, double buckets are used, the number of tokens in bucket C is TC, and the number
of tokens in bucket P is TP. When a packet with a length of B
enters, which of the following statements is correct?
A. IFTP-B>0 and TC-B>0, the packet is marked green.
B. IfTP-B>0 and TC-B<0, the packet is marked yellow.
C. IFTP-B<0 and TC-B<0, the packet is marked red.

D. IF TP-8>0 and TC-B<0, the packet is marked green
Answer: D
68.The interface Serial0 of a router is in OSPF 1, and Serial0 is set as the Silent interface. What is the
impact of the setting?
A. OSPF does not establish any adjacency relationship through this interface.
B. OSPF does not add the routes learned from the interface to the local routing table.
C. OSPF receives route updates from neighbors.
D. OSPF establishes available adjacencies through this interface.
Answer: A
69.Which of the following statements about port mirroring on Huawei devices are correct?
B.
C. Huawei devices support flow-based port mirroring, and mirrored traffic can be copied to multiple
observing ports
D.
Answer: C
70.Which of the following statements about port mirroring on Huawei devices are correct?
C. Huawei devices support flow-based port mirroring, and mirrored traffic can be copied to multiple
observing ports
D.
Answer: C
71.Router R1 and Router R2 run BGP. The two routers are in AS 65234. The route of router R2 exists in
the BGP routing table of router R1, but is not in the IP routing table
of router R1
So what causes the problem to happen?
A. Synchronization Is Disabled
B. BGP Peer Relationship Down
C. BGP Multi-hop is not enabled on R1
D.Routes are not optimal
Answer: D.
72.Which of the following situations causes multicast traffic to fail to be forwarded on a multicast
network? (Multiple choices)
A. The router does not have the RPF route
B. PIMis not enabled on the RPF interface.
C. The upstream router discards the received PIM Join message.
D.Multi-outer egress network. The local router is not a DR.
Answer: ABC.
73.When you troubleshoot a local area network (LAN) where Huawei devices are deployed, you find that
there are a large number of unicast frames with unknown source
MAC addresses on the LAN. if large number of unicast frames with unknown source MAC addresses
exist, which of the following is the greatest impact on the switch?
A. The available bandwidth is consumed
B.Increase the power consumption
C.Memory occupied by buffer frames
D.Consumption of available MAC address entries in the system
E.TCAM entries
Answer: D
74.When IS/IS is used to connect multiple sites on the 1.PE, which of the following statements is
correct?
B. Each site can use a VPN instance to ensure security
C. ISHS can enable the authentication function to prevent malicious attacks.
D. 1848 can enable GR to enhance network stability
Answer: BCD.
75.Which of the following statements about route import is incorrect?
A. the bgp can generate routes in import or network mode. The network mode is more accurate
B. By default, the default metric of the extemal route imported by OSPF is 1, and the type of the
imported external route is Type2
After the level-2 network route of
C. isis is imported to Level, if the import policy is not manually configured, a rauting loop occurs.
D. Routing loops may occur when ISGP routes are imported into OSPF
Answer:C
76.There are two Community-fiter
ip Community-fiter 1 permit 100: 1 200:1
ip community-fiter 2 permit 100: 1
ip Community-fiter 2 permit 200-1
Which of the following statements about Community-fiter is correct?
A.Only when the community attribute carried in the BGP route contains 100:1 and 200:1, the BGP route
matches 2
B.Only when the community attribute carried in the BGP route contains 100:1 and 200:1, the BGP route
matches 1
C.Ifthe community attribute carried in a BGP route contains 100-1, 200:1, or both, the BGP route
matches the BGP route
community-fitert
D.As long as the group attribute value carried in the BGP route contains 100:1 or 200:1 or both of them
are, . the BGP route matches community-filter2
Answer: BD
77.Which of the following statements is correct based on the output of the following figure? ()
A. R3 must be the DIS of a Level-t link.
B. R3 routers are level-2 routers.
C. R3 must be the DIS of a level-2 link.
D. The system ID of the R3 router is 003.000.0000.
Answer: CD
78.When DLDP detects that the intermediate link of an optical fiber exists, Huawei devices perform the
following operations by default: The DLDP state machine changes to
the Disable state. Output trap information. The interface is automatically blocked
A. Ture
B. False
Answer: A
79.Which of the following statements about the DSCP field is incorrect?
A.The CS class in the DSCP divides the data into eight priorities. (Correct answer) (16 priorities)
B.DSCP can indicate the data priority and the drop probability of data
C.The DSCP value can be 0. ifthe DSCP value is 0, the default forwarding mechanism is used
D.When the DSCP value is EF, it indicates that the data belongs to the acceleration forwarding class.
Answer: A.
80.Which of the following cables are used when a switch is connected to the Ethernet port of another
switch?
A.1>3,2>6,3>1,6>2
B.
C.
D.
Answer: A.
81.If multiple candidate RPs are configured in a multicast group, which of the following parameters need
to be compared to elect the RP from multiple candidate RPs?
(Multiple choice)
A.CRP priority
B.Mask length of the group range of the C-RP that matches the group address of the user
C.IP address of the C-RP interface
D.Number of the C-RP interface
Answer: ABC.
82.Which of the following statements about LDP synchronization in IS-IS are correct?
B. LDP synchronization prevents traffic loss during an active/standby link switchover.
c.
D.
Answer: B
83.Which type of prefix is advertised by a BGP router to its IBGP peer (assuming that the router is not
configured as an RR)?
A.The prefix is learned by the EBGP peer, or the prefix is leamed from the RR.
B.The prefix is learned by other BGF neighbors, or the prefix is learned by the network or route locally.
C.The prefix is learned by other IBGP peers, or the prefix is leamed from the EBGP peer, or the prefix is
learned through route import
D.Prefix that exists in the routing table

E.The prefix is leaned by the EBGP peer, or the prefix is leamed by the network or route locally.
Answer: E
84.Which of the following statements about OSPF virtual links are correct?
A. The virtual connection can be set up in any area. After the virtual connection is established. it belongs
to the area.
B. The virtual ink uses the outbound interface P as the link address.
C. Virtual links can be used to solve the problem that area 0 is segmented.
D. The cost of the virtual link is, which is the optimal link.
Answer: C
85.WRED is configured on the newly deployed router HW. Which of the following statements about
WRED are correct? (Multiple choices)
A. WRED can set different drop thresholds and packet loss rates for data packets with different priorities
B. When the traffic exceeds the minimum threshold, WRED starts to discard all ingress traffic (tail drop).
C. Selectively Discard Multiple TCP Flows to Avoid Global Synchronization
D. Lovebandwidth traffic is more likely to be discarded than traffic with high bandwidth
Answer: AC
86.Ifthe OSPF protocol is running on the network, configure the non-backbone area in the OSPP area as
the Totally Stub Totally Stub area and send the LSA with the Is-id
being 0.0.0.0. Which type of LSA? is the LSA?

A. LSAS
B. LSA2
c. LSA
D. LSA3
Answer: D
87.Which of the following statements about 802.1x authentication, RADIUS authentication, and
HWTACACS authentication are correct?
A. RADIUSi authentication and HWTACACS authentication can authenticate the same user at the same
time, which is more secure.
B. Users can access the network in 802.1x authentication mode and pass RADIUS authentication
C. RADIUS authentication and HWTACACS authentication are mutually exclusive. The same user cannot
be authenticated at the same time
D.RADIUS authentication and 802.1x authentication are mutually exclusive
Answer: B
88.Which of the following statements about 802.1x authentication, RADIUS authentication, and
HWTACACS authentication are correct?
A. RADIUSi authentication and HWTACACS authentication can authenticate the same user at the same
time, which is more secure.
B. Users can access the network in 802.1x authentication mode and pass RADIUS authentication
C. RADIUS authentication and HWTACACS authentication are mutually exclusive. The same user cannot
be authenticated at the same time.
D.RADIUS authentication and 802.1x authentication are mutually exclusive
Answer: B
89.The router HW1 and the router HW2 are respectively connected to the network A and the network B.
as shown in the following figure, if you want to establish an IPsec
VPN between HWV1 and HW2,
Which ACL needs to be configured on the router HW1 to transmit the traffic from the LAN to the LAN
through the encrypted VPN tunnel?
Serial 1010 __ Serial 0/00
192,168.1.1/30 ~ 192.168.1.2/30
HW1 HW2
NetwotA \ iit
FastEthernet 0/0/0 FastEtheret 0/010
10.1.1,124 10.12.1124
A.rule permit ip source 192.168.1.10 destination 192.168.1.2 0

B.rule permit ip source 10.1.1.0 0.0.0.286 destination 192.168.1.2 0
C.rule permit ip source 10.1.1.0 0.0.0.286 destination 10.1.2.0 0.0.0.265
D.Rule permit ip source 192.168.1.10 destination 10.1.2.0 0.0.0.266
E.rule permit ip source 10.1.2.0 0.0.0.286 destination 10.1.1.0 0.0.0.265
Answer: C
90.Configure AS-path-Filter ip as-path-fltr 10 permit_100S to match the routes received from AS 100.
A. Ture
B. False
Answer: B
91.A new user complains about poor network performance. The possible causes are as follows:
A.The switch port enters the errdisabled state.
B.Duplicate Duplex
C.Line Error
D.Rate Mismatch
E.Other options are correct.
Answer: B
92.Mainstream large Layer 2 technologies include VXLAN, TRILL, NVGRE, and MPLS.
A Te
B.False
Answer: A.
93.Which of the following statements about LDP synchronization in IS-4S are correct?
B.LDP synchronization prevents traffic loss during an active/standby link switchover.
D.
Answer: B
94.As shown in the figure, R1, R2, and R3 run OSPF and advertise their loopback interfaces. Which of the
following statements is incorrect?
A.R2 Run the flter-policy export command to fiter routes on the loopback interface of R3.
B.R2you can run the filter export command in area 1 to filter routes on the loopback interface of R3.
C.R2 run the filter import command in area 0 to filter routes on the loopback interface of R3.
D.R1 you can run the fiter-policy import command to filter routes on the loopback interface of R3.
Answer: A
95.Which of the following tools can be used to mark routes on a router when the administrator wants to
manage certain routes on the router?
A. IF BGP is running, the community attribute is used to mark routes.
B. Use ACLs to mark routes on routers.
C. Use the tag value to mark the route on the router.
D.Use the ip-prefix to mark routes on the router.
Answer: AC
96.Which of the following statements about the RD attribute filter of BGP are correct? (Multiple choices)
A. IFRD-filter is configured but the RD of the route does not match any RD defined in the rule, the
default matching result is Permit.
B. The relationship between RD-fiter rules is "OR"
C. IFRD-fiter is not configured but RD-fiter is referenced for firing, the matching result is deny.
D. Multiple rules are matched based on the configuration sequence.
Answer: ABC
97.Which of the following statements about the MUX VLAN of Huawei switches are correct?
A.Inthe same VLAN, MUX VLAN and super VLAN can be used together.
B.MUX VLANs are classified into Principal VLAN and Subordinate VLAN, Subordinate VLAN, which are
classified into Separate VLAN and Isolate VLAN
C.Each Separate VLAN can be bound to multiple Principal VLANs
D.Principal Port can communicate with all interfaces in the MUX VLAN
Answer: D
98.Which of the following conditions is used for STP election?
A.Root Bridge Priority and MAC Address
B.Root bridge priority
C.MAC address
D.Port Penalty
Answer: A
99.Which of the following statements about RADIUS are correct?
A. MAC address authentication does not require a user name or password. Therefore, RADIUS
authentication cannot be used.
B. RADIUS authentication and Portal authentication cannot be used together because Portal servers can
be used to authenticate users when Portal authentication is
deployed
C. RADIUS authentication, authorization, and audit are separated
D. RADIUS supports wired and wireless access modes.
Answer: D
100.The network administrator can use the 6to4 automatic tunnel to carry IPv6 data on the IPv4
network. The IPv4 address of the router interface is 138.14.85.210,
Therefore, the tunnel address is 2001:8a0e:55d2:1:230:68ff fe2c:9a6
A. Tue
B. False
Answer: B
101.Which of the following statements about ISS route aggregation are correct?
A.Route aggregation can be configured and takes effect on all types of routers.
B.Route aggregation takes effect only on level~1 routers.
C.Route aggregation takes effect only on level-2 routers.

D.Route aggregation takes effect only on level-1-2 routers.
Answer: A.
102.lf a Huawei switch runs RSTP, what time will the BPDU on a port of the switch be aged? (Confirmed)
A. RSTP does not age BPDU. on an interface
B.After more than 6 seconds
C.After the MaxAge expires
D.After the Hold time expires
E.After the Forward Delay expires
Answer: D
103.To view the routing table of R1, run the display ip routing-table" command on
the routing table is correct?“R1. Router R1 runs OSPF. Which of the following statements about OSPF
information in
A.Inthe routing table, the routing entry marked with "O_ASE" indicates that the entry is leamed through
Type 1 LSAs or Type 2 LSAs
B.In the routing table, the routing entry marked with "O_ASE” indicates that the entry can be learned
only through the route.
C.In the routing table, the routing entry marked with “O_1A" indicates that the route is an intra-area
route
D. Inthe routing table, OSPF is used. The routing entry identified by the identifier is learned by the type 7
LSAs imported from other processes to OSPF.
é.In the routing table, all types of LSAs correspond to unique destination addresses
Answer: B
104.As shown in the figure, why cannot the IS-IS neighbor relationship be established between two
routers?
B. System ID conflicts between two routers
C. INTERFACE NETWORK SEGMENTS OF TWO ROUTERS ARE INCONSISTENT.
105.Which of the following statements about the RD attribute filter of BGP are correct? (Multiple
choices)
A. IFRD-ilter is configured but the RD of the route does not match any RD defined in the rule, the default
matching result is Permit.
B. The relationship between RD-fiter rules is "OR"
C. IFRD-ilter is not configured but RD-fiter is referenced for firing, the matching result is deny.
D. Multiple rules are matched based on the configuration sequence.
Answer: BD.
106.There are many transition technologies in the process of replacing the P4 address used in the
network with the Pv6 address. These technologies are classified into tw
types. One is the PVA4/IPV6 coexistence technology and the other is the v4/P6 interoperability
technology. Which of the following technologies belong to the Pv4/IP6 cc
existence technology? (Multiple choices)
A. NAT64
B. IPV6 over IPv4
C. Dual-Stack
D. ISATAP,
Answer: BCD.
107.Which of the following technologies use tunnel technologies to implement communication between
IPV6 addresses?
A. Dual Stack
B. 6to4
c. IsaTaP
D. NaTe4
Answer: BC
108.Which of the following solutions is optimal for constructing a loop-free Layer 2 network?
A. Stack + link aggregation

B. TRILL+MSTP
C. Stacking +MSTP
D. Link aggregation +MSTP
Answer: A
109.How many bits do MPLS EXP bits occupy?
com>
A.1
B.2
C.3
D.4
Answer: C
110.Which of the following statements about Route Policy are correct? (Multiple choices)
A. Advanced ACLs can be applied to route-policy to filter routes.
B.Entry permit --0 less-equal 128 indicates that all IPV6 routes are allowed to pass through
C.IF more than one node is defined in Route-policy, the matching mode of at least one node must be
permit.
D. The Route-Policy can fiter only the default route
Answer: BCD
111.As shown in the following figure, R1 and R2 establish a E-BGP neighbor relationship and enable BFD.
Which of the following statements is correct?
A.ThE detection time of BFD packets on R2 is 800ms.
B.The detection time of BFD packets on R2 is 600ms.
C.The detection time of BD packets on R1 is 660ms.
D.The detection time of BFD packets on R1 is 1280ms.
Answer: C
112.Which of the following statements about optimal route election of various protocols is correct?
A. OSPF adds all routing information in LSDP to the IP routing table
B. The route with the next hop unreachable in BGP is also added to the IP routing table.
C. Leam different routes to the same destination network segment from BGP and OSPF, and select the
optimal route based on the preference value of the protocol
to add the route to the IP routing table.
D. In BGP, the optimal route to the same destination network segment is selected by comparing the cost
value of the route
Answer: C
113.The PE and CE of the MPLS VPN can use various IGP routing protocols, including RIP,OSPF.ISIS.
Currently, other protocols are not supported.
A. Tue
B. False
Answer: B
114.Which of the following routes are learned by R27
A. R2can leaming all route of R1
‘Answer: [None]
115.As shown in the preceding figure, the two routers can establish IS-1S neighbor relationships.
ANS
SED PE IP LCE TN PEAK, SE PT ee ae See eae pe ere RE een: One Semen gerne Cnpee fone OCeeer Samo,
ee ee
configure IP-prefix-filter
ifless-equal configured , greater-equal not configure, What's the prefix range ?
A. [0, less-equal-value]
B. [mask-length, less-equal-value]
C. [less-equal-value, 32]
D. no limit
Answer: B
116.In a shared network, which of the following mechanisms is used by PIM-SM to prevent repeated
traffic?
A. Register mechanism
B. BSR/RP mechanism
C. Assert mechanism
D.Join/Prune mechanism
Answer: C
117.The HW user is transmitting a large number of files through TFTP. Which of the following protocols
is used by TFTP to transmit data?
A. lemP and UDP
B.IP and TCP
C.uDP
D.NFS
E.FTP
Answer: C
118.Which of the following are used in the Ethernet? (Multiple choices)
moog
A.MAC address in non-standard format
B.CSMAICD in multi-channel access
C.MAC address in the standard format
D.802.5 encapsulated frame
E.Frames encapsulated in 802.3 format
Answer: BCE.
119.The Serial0 interface of a router is added to OSPF area 1, and the interface is configured as a silent
interface. What are the impacts of the preceding configurations?
A. OSPF uses this port to form an available neighbor relationship,
B.OSPF receives and sends route updates from neighbors.
C.OSPF does not add any learned route to the local routing table
D.OSPF does not use this interface to form an available neighbor relationship.
E.Other options are incorrect.
Answer: D
120.The MAC address table of the default switch is empty. Host A connected to the switch sends the
first unicast data frame. What operation will the switch perform after
receiving the data frame?
A. The switch discards the data frame
B. The switch forwards the data frame to an interface according to the destination MAC address of the
data frame.
C. The switch records the source MAC address of the data frame and floods the data frame
D.The switch buffers the data frame and forwards the data frame after the destination host sends the
data frame.
Answer: C
121.There are networks formed by R1, R2, R3, and R4. The four routers are connected through a LAN.
Basic OSPF is deployed on all four routers. When you run the display
ospf peer command on Router R2, you can find that the status between Router R2 and Router R3 is
2way. So what do you get from this output
Theory?
A. Router Ré is the DR.
B.Router R2 is a DR or BDR.
C.Router R2 is not a DR.
D.Router R3 is not a DR or BDR.
E.There is no full adjacency between router R2 and router R3
Answer: CDE.
122.Which of the following advanced functions are supported by BGP EVPN?-
A.ARP broadcast suppression
B.VRRP over VXLAN
C.Multi-active gateway
D.VXLAN Qos
Answer: AC
123.Which of the following statements about the NSA area are correct?
A. Inthe Hello packet sent by the OSPF neighbor in the NSSA, the value of 1,E in the N position of the
option field is 0.
B. A Type 7 LSA is generated in an NSSA to advertise extemal routes. The FA address in a Type 7 LSA is
used to prevent loops.
C. A default LSA is automatically generated in the NSSA to access the extemal network
D. Inthe hetlo message sent by the OSPF neighbor in the NSSA, the value of 0,£ in the N position of the
option-feld is 1
Answer: A.
124.Which of the following service models are included in QoS?
A. Best Effort Model
B. IntSery model
C. DiffServ Model
D. DscP
Answer: ABC.
125.Which of the following statements about BGP confederation is incorrect?
A. Aconfederation divides an AS into several sub-ASs. The As considers that the confederation is an AS.
B. The sub-AS number of the confederation is advertised to BGP peers outside the confederation by
default.
C. The sub-ASs in a confederation can use private AS numbers. A Huawei NE/AR router can be
configured with a maximum of 32 sub-ASs.
D. Aconfederation can easily detect a route selection loop in an AS because EBGP runs between sub-As.
Answer: B
127.As shown in the figure, in the hub&spoke multicast mode of MPLS bgp VPN, to realize that the
branch can only communicate with the headquarters, the branches
‘cannot communicate with each other. Which of the following schemes can be used to set the RT?
A.HQ: Import Target: 12:3 Export Target:12:3 Branch 1: Import Target:12:3 Export Target:12:3 Branch 2:
Import Target:12:3 Export Target:12:3
B.HQ: Import Target: 1:1 Export Target:3:3 Branch 1: Import Target:3:3 Export Target:1:1 Branch 2:
C.HQ: Import Target: 2:2 Export Target:3:3 Branch 1: Import Target:3:3 Export Target:1:1 Branch 2:
D.HQ: Import Target: 12:3 Export Target:3:12 Branch 1: Import Target:3:12 Export Target:12:3 Branch 2:
Answer: D
128.Which of the following statements about the Layer 2 VPN technology are correct?
A. VPLS is a widely used technology on the live network. it can transparently transmit Layer 3 packets
and implement multi-point access.
B. The VPLS configuration is complex, and the Layer 2 network transparently transmits BUM packets
C. BGP EVPN supports tenant isolation, multi-homing, and broadcast suppression
D. BGP EVPN solves the MAC address flapping and multi-tenant problems that VPLS cannot support.
Answer: BCD
129.Which of the following statements about IS-IS route leakage are correct?
B. The route leaking of the ISIS can avoid the sub-optimal path
&.
D.
Answer: B
130.Which of the following improvements have been made in IGMPv2 compared with IGMPv1?
(Multiple choices)
A. The group-specific query packet is added.
B. The packet is added to the group.
C. The maximum response time field is added.
D.Add a Group-and-Source-Specific Query message.
Answer: ABC.
131.In a Huawei device, when ISS imports extemal routes and sets the external route tag of the route
information, the metric type of ISIS does not need to be changed.
Retain the default value
A. Tue
B. False
Answer: B
132.Which of the following statements about the FTP protocol is correct?
A. In FTP Passive mode, the client completes the initialization of control and data TCP sessions
B. In FTP Active mode, the server sends a command "PORT" to notify the client of which port to send
data.
C. FTP always uses a TCP session to transmit control information and data information
D.FIP always uses TCP port 20 to establish a data session. ICP port 21 is used to establish a control
session. E.FTP always uses TCP port 21 to establish a data
session. TCP port 20 is used to set up a control session.
Answer: A.
133.Which of the following statements about the process of sending and receiving data frames in access
mode on a switch are correct?
A. In access mode, packets with labels are discarded directly.
B. In access mode, only data frames without labels are received
C. When a data frame enters a switch interface, the switch learns the destination MAC address in the
data frame.
D. In access mode, the VLAN tag of the data frame is stripped off during transmission.
Answer: D
134.On a switch that has a spanning tree, connect the G0/0/17 and G0/0/18 ports of the switch through
a network cable. Which of the following statements is correct?
A. The GO/0V/17 interface is in the learning state.
B.The two ports are in the forwarding state.
C.GO/O/17 Interface Is Blocked
D.60/0/18 Interface Is Blocked
E.The GO/0/18 port continuously changes between listening and learning
F.Two Ports Are Blocked
Answer: D
135.Which of the following information can be contained in a basic network layer packet? (Multiple
choices)
A. Data Link Layer Header
B. Upper Layer data
C. Network Layer Header
D. Path Record
E. Network tayer tail

Answer: BC
136.Which of the following statements about BGP4+ are correct?
A. Bgp4+ You can run the dampening command to suppress the flapping of ISGP routes.
B. When the router ID of a BCP is changed, the BGP connection between routers is re-established.
C. The Next Hop attribute in BCP4+ is represented by the Pv6 address, which may be the link-local
address of the next hop.
D. bGP4+ does not support automatic route aggregation
Answer: ABD.
137.Which of the following statements about BGP RRs are correct? (Multiple choices)
A. The RR can advertise the routes leamed from IBGP peers to all clients and non-client
B. Inthe absence of an RR, IBGP peer relationships need to be fully interconnected. Route reflectors
(RRs) can reduce the requirements for full interconnection
C. The RR can advertise the routes leamed from the non-client to all clients.
D. A route reflector advertises routes leamed from a client to other clients and non-client.
Answer: BCD.
138.Which of the following statements about inter-AS vpn -Option C are correct?
A. A maximum of two labels are required during packet forwarding.
B. The ASBR does not save VPNv4 routes and does not advertise VPNv4 routes to each other.
C. VPN routes are directly exchanged between the ingress PE and egress PE. No intermediate device is
required to store and advertise VPN routes.
D. The inter-AS VPN -Option-c mode is not applicable to the scenario where multiple ASs are deployed.
Answer: BC
139.Which of the following statements about BGP route selection is incorrect? (Single choice)
A. Non-aggregated routes take precedence over aggregated routes,
B. When Pref-Val and local_preference are the same, ifthe local routes, IBGP routes, and EBGP routes
have the same BGP preference, the local valid routes are
preferred.
C. The following entries are displayed in the BGP routing table: * 172.16.1.11/32 0.0.0.0 10 0? indicates
that the route is available but not optimal.
D. The route whose nexthop is unreachable is invalid and is not preferred
Answer: A.
140.Which of the following ports belong to RSTP?
A. Discarding.
B. Blocking
C. Listening.
D. Forwarding.
Answer: ABCD
141.The company network is frequently attacked by ARP. Which of the following technologies can be
used to prevent ARP attacks?
A.DAL
B. DHCP snooping
C. ARP static MAC binding (not necessarily)
Answer: ABC
142.THE CONFIGURATION OF TWO ROUTERS IN A COMPANY IS AS FOLLOWS, WHICH OF THE

FOLLOWING STATEMENT ABOUT THE R1 TABLE IS CORRECT?
EE ————————————_
eS"
A is
a eke evel
‘stevettevet ooo mirth #00100020002
paneer cmk atom se
« c interface here
‘etc then (Danken 190122 2552552550
itemise se ee 4]
engtie '
~ awe looptaia
younerid 30014 padi, 9000 7296255 255.55
“yexoaca al
two 130%2.0000255 :
‘ Nour 10022
Wirroo0s
JQ retuor 0032000820
BY Rxehiaor anes
Only when the R2 ISIS protocol priority is changed to 5, the P route entry whose destination network
segment is 10.0.2.2/32 on R1 is generated by OSPF.
B. If the IS-IS protocol priority of R1 is changed to 5, the P route entry whose destination network
segment is 10.0.2.2/32 on R1 is generated by OSPF.
C. If the priority of the R1 ISIS protocol is changed to §, the P route entry whose destination network
segment is 10.0.2.2/32 on R1 is generated by ISS.
D.Ifthe priority of the R2 ISIS protocol is changed to 5, the P route entry whose destination network
segment is 10.0.2.2/32 on R1 is generated by ISIS.
Answer: C
143.Ifthe router only needs to forward IPv6 packets, no IP\4 protocol or address needs to be configured
on the router.
A. True
B. False
Answer: A.
144.Which of the following statements about the domain-autherticaion-mode md§ hello command in
the ISS process are correct?
B. Ifthe domain authentication mode of all routers in the same routing domain is MDS and the password
is HELLO, ISS packets are flooded normally.
c.
D.
Answer: B
145.Which of the following statements about ISIS deployment in an IPv6 environment are correct?
A. On a broadcast network, the DIS priorities of IPv4 and IPv6 can be set separately.
B. By default, the DIS priority of a Level-1 or Level-2 broadcast network interface is 1
C. Inthe same broadcast network, if each router supports both IPv4 and IPV6, the DIS of IPv4 and IPv6
must be the same device
D. When the ISIS silent command is run on an IS-IS interface, the interface does not send IS-IS packets
but receives ISS packets.
Answer: A.
146.VRRP packets are encapsulated in IP packets and the sending address is 224.0.0.8. The TTL value is
255 and the protocol number is 112.
A. Tue
B. False
Answer: [None]
147.Which Scenario Can Use AS-path -filter??
A. Apply clause in Route-policy
B. itmatch clauses in Route-policy

C. Filter routes sent to BGP peers based on the AS_PATH attribute carried in the routes. For example,
run the peer x.x.x x as-path-fiter export command,
D. Filter routes received from BGP peers based on the AS_PATH attribute carried in the routes. For
example, run the peer x.x.xx as-path-fiter import command,
Answer: BCD.
148.Which of the following statements about the LDP session establishment process are correct?
A. After the TCP connection is set up, the active party sends an initialization message to negotiate the
parameters related to the LDP session
B. The party with a larger transmission address functions as the active party and initiates a TCP
connection.
C. The Hello message discovered by the LDP neighbor uses the TCP packet with the destination address
being the multicast address 224.0.0.2
D. After both ends receive the Keepalive message from the peer end, the LOP session is set up
successfully.
Answer: AD
149.An OSPF router is connected to area 0 and area 1. You configure area 1 as a stub area. What are the
types of LSAs that are operated only in area 1?
A. Type 7 LSA
B. Type 1 LSA and Type 2 LSA
C. 1 LSAs, Type 2 LSAs, and Type 5 LSAs

D. 3 LSAs and Type 4 LSAs
E. 1 LSAs, Type 2 LSAs, and Type 3 LSAs
Answer: E
150.There is no type of LSA in the OSPF stub area
A. Type 7
B. Type 5
1. Type 4
D. Type 3
Answer: AB
151.Which of the following statements about the topology and configuration are correct?
A. The route to the destination network segment 10.0.3.3/32 does not exist on R1.
D. A route with the destination network segment 10.0.2.2/32 exists on R1
Answer: AD
152.Which of the following statements about OSPFV3 is incorrect?
A.When a router is shared, each OSPFV3 process runs independently.
B.Multiple instances can run in the same OSPFV3 process on an interface.
C.Multiple instances can be run on a single link.
D.The OSPFYv3 packet header contains the Instance ID field
Answer: B
153.Which of the following technologies are used to improve the reliability of MPLS BGP VPN?
A.VPNGR
B. VPNFRR
C. Configuring CE Dual-Homing Networking at the Access Layer
D. VPNIP route FRR between PEs and CEs
Answer: ABCD
154.Which of the following statements about LACP are correct? (Multiple Choice) 2(
A. Run the following commands to avoid frequent flapping of the Eth-Trunk interface due to physical link
faults: interface eth-trunk 1
lacp preempt enable
lacp preempt delay delay-time
B. You can run the following commands to configure source IP addresses for load balancing in an
enabled LAG: interface eth-trunk 1
load-balance src-dstip
C. You can run the following command to delete a member interface from an enabled LAG:
interface Gigabitethemnet0/0/0 shutdown
interface Gigabitethernet0/0/1 undo eth-trunk 1
interface Gigabitetheret0/0/ undo shutdown
D. You can add member interfaces to the LAG that is enabled by running the following command:
interface Gigabitethemet0/0/1 shutdown
interface Gigabitethemet0/0/1 trunkport Gigabitethernet0/0/ interface Gigabitethernet0/0/1 undo

shutdown
Answer: AC
155.Which of the following statements about inter-AS MPLS VPN is false?
A.Honly LDP is used as the public network label of an interface, Layer 3 labels are required for packet
forwarding in inter-AS vp -Option-c solution 2.
B. Ininter-AS vPN-OptionB mode, the MP-eBGP neighbor relationship needs to be established between
two ASBRs.
C. Ininter-AS ven -OptionA mode, the routes transmitted between two ASBRs are common IP\4 routes.
D. Ininter-AS vPN -OptionB mode, two ASBR-E interfaces are connected through multiple interfaces
(including sub-interfaces). Each interface is associated with a
VPN.
‘The ASBR-PE considers the peer end as a CE.
Answer: AD
156.To reduce the delay (delay) and jitter (jitter) of important traffic, FR and PPP can fragment packets
and bind multiple PVCs.
A. Tue
B. False
‘Answer: [None]
157.What are the possible causes of a BGP connection failure after it is successfully connected?
A. Open packets fail to be negotiated.
B. The mandatory attributes in the route update packet are lost.
C. After a BGP connection is set up, no keepalive packet is received within the negotiated holdtime.
D. An incorrect BGP packet is received.
Answer: A.
158.Two routers are connected through serial ports, but the interconnected ports cannot be pinged.
Now, check the port status as follows:
(No picture is attached. One PPP link and one HDLC link can be used to find the cause.)
A. The link bandwidth is insufficient
B. The IP addresses are not in the same network segment
C. The link layer protocol is inconsistent.
D. The subnet mask does not match.
Answer: C
159.Which of the following statements about the stub area and NSSA area of OSPF are incorrect?
A. Ina stub area, Type 5 LSA cannot be injected. In an NSSA, Type 5 LSA can be injected.
B. Type 3 LSA can be injected to stub areas and NSSA areas
C. Type 4 LSA cannot be injected to stub areas and NSSA areas.
D. The Type7 LSA cannot be injected into the stub area, and the Type7 LSA can be injected into the
NSSA.
Answer: A.
160.Which of the following statements about the process of NDP parsing link-layer addresses is correct?
‘Query = What is your ink address?

ICMP Type = 136
=I of
ofA
Ad ae eae dlayer address of B
A Tue
B. False
Answer: B
161.There is a AS-PATH-FILTER:
A 100
B. 3100
c. 1234 1400
Answer: ABC.
162.Configure queue-based traffic shaping. If the queue length exceeds the buffer size, tail drop is
performed by default.
A True
B. False
Answer: B
163.Which of the following statements about FR mapping are correct?
A. Dynamic address mapping is used to map the known DLC! to the next hop through the FR Inverse
ARP.
B. Even ifthe Inverse ARP function is enabled, static mapping also needs to be configured.
C. When the LMI is disabled, the Inverse ARP works properly.
D. On Huawei VRP platform, Inverse ARP is disabled by default
Answer: A.
164.Which of the following statements about ISIS authentication are correct?
A. Interface authentication can authenticate Level-1 and Level-2 Hello packets
B. After interface authentication is configured, the IIH sent by the router must cary the authentication
TLV.
C. After area authentication is configured, the IIH, SNP, and LSP sent by the router must carry
authentication information
D. Area authentication and interface authentication are configured on the two routers. Ifthe passwords
are the same, the two routers can establish neighbor
relationships
Answer: AB
165.Which of the following configurations are correct for OSPFV3 route aggregation?
A. [HuaweiJospiv3 1
[Huawei-ospfv3-t]abr-summary c00:0: 48 cost 400
B. [Huaweijospiv3 4
[Huawei-ospfv3-t]asbr-summary f00:0-: 48 cost 20 tag 100
C. [HuaweiJospiv3 1
[Huawei-ospfvd-tJarea 1
[Huawei-ospfv3-1-area-.0.0.1Jasbr-summary fc00:0:: 48 cost 20 tag 100
D. [HuaweiJospiv3 4
[Huawei-ospfv4-tJarea 1
[Huawei-ospfv3-1-area-0.0.0.t]abr-summary fc00-0:: 48 cost 400
E. [Huaweijinterface GigabiteEthemet0/0/1
[Huawei-GigabiteEthemet0/0/1Jasbr-summary fc00-0:: 48 cost 20
F. [Huaweijinterface GigabiteEthemet0/0/1
[Huawei-GigabiteEthemet0/0/1Jabr-summary f¢00:0-: 48 cost 400Answer: BD
Answer: BD
166.The Level-1-2 IS transmits the Level-2 LSP to the Level-t area. Ifthe ATT in the Level-2 LSP is 1, it
indicates the Level-1 in the area This Level-1-2 IS can be used to
connect to external areas
A. Tue
B. False
Answer: B
167.Which of the following statements about SA in IPSec is incorrect?
A. An SAis uniquely identified by a triplet, including the security parameter SP(Security Parameter
Index), source IP address, and security protocol number (AH or
ESP).
B. You can run the display ipsec command to view information about the encryption algorithm and
traffic that are used between the and another PSec peer.
IPSec supports only symmetric encryption algorithms to encrypt data
D. An Ipsec VPN connection can be established only when a bidirectional SA exists between IPSec peers.
Answer: A.
168.Which statements about IPSec VPN are true? (Multiple answers)
A. In aggressive mode, NAT traversal is supported. In master mode, NAT traversal is not supported
B. Two routers establish an IPSec VPN in master mode. The payload data is often encrypted from the fith
packet (included),
C. Two routers establish an IPSec VPN in aggressive mode. The two devices exchange four packets at
least to set up a tunnel.
D. The two routers can establish an OSPF neighbor relationship through the IPSec VPN tunnel and
exchange internal routes
Answer: BC
169.The topology and configuration are as follows. Currently, the R1 routing table does not contain the
detailed routing entries of 10.0.3.3/32. Which of the following
statements can be used to implement this requirement?
A. summarizes routes on R3 and summarizes the routes as 10.0.0.0/16.
D. Configure fiter-policy on R1, match 10.0.3.3/32 with ACL, and apply the ACL to the import direction
Answer: AD
170.As shown in the figure, the IS-IS neighbor relationship is established between R1 and R2. Which of
the following statements about the LSDB synchronization between
R1 and R2 is correct?
Ry) = R2
Ripo-oo <_ PAP
Riaq-op
A.The packet sent from R1 to R2 is a PSNP packet
B.The packet sent from R1 to R2 is a CSNP packet
C.The packet sent by R1 to R2 is an LSP packet
D.The packet sent from R1 to R2 is a Hello packet
Answer: B
171.Which of the following is the feature of IPv6 multicast compared with IPv4 multicast?
B.
D. The first eight bits of an IPV6 multicast address are always FF(1111 1111).
Answer: D
172.Which of the following statements about EVPN TypeS routes is incorrect?

A. The IP Prefix field can carry either the host IP address or the network segment address
B. TypeS is an IP prefix route
C. TypeS routes carry both Layer 2 and Layer 3 VNis
D. TypeS routes carry Layer 3 VNIs.
Answer: C
173.A company sets up an OSPF network. As shown in the following figure, all links form an OSPF
neighbor relationship. All devices advertise their loopback interface
addresses. The S1-R2 and S2-R1 links are faulty on a certain day. Which of the following statements are
correct? (Area 0 is split.)
A. R§ can leam the route of the loopback interface of R2.
B. R3 Cannot Leam the Route of the Loopback Interface of R2
C. Rt can leam the route to the loopback interface of R2.
D. R3 can eam the route of the loopback interface of R2.
Answer: AB
174.If a multicast group has multiple receivers and the administrator enables the IGMP-Snooping
function on the switch connected to the receiver, how does the receiver,
respond when the receiver receives the General Query message from the querier?
A. All receivers respond with Report messages

B. Only IGMPV1 hosts respond to Report messages.
C. The receiver with the first response timeout sends a Report message. Other receivers do not send the
Report message
ANSWER:A
175.All receivers respond to Report messages only after IGMPV2 is run
Answer: A.
176.Which of the following statements about RP is correct?
C. RP records the multicast sources of the entire network.
D.
Answer: [None]
177.Inter-device link aggregation implements data stream transmission and mutual backup between
member switches. However, because the bandwidth of stack cables
between stacking devices is limited, which of the following methods can be used to improve forwarding
efficiency?
A. Connecting a stack card through a stack card
B. Enable the multimaster check function.
C. Configure AC address switching in the stack system.
D.Enable local preferential forwarding of traffic.
Answer: B
178.Which of the following statements about the BSR mechanism are correct?
A. Multiple C-8SRs can be configured in a PIM-SM domain, but only one BSR can be elected.
B. The BSR collects C-RP information through the received C-RP packets.
C. The BSR floods Bootstrap packets to advertise BSR information and C-RP information to all routers in
the PIM-SM domain
D. AC-BSR can also collect C-RP information through the received C-RP packets.
Answer: ABC.
179.if the Option field in the OSPFv3 Hello packet sent by the GigabitEthernet0/0/0 interface of router A
is 0x000013, which of the following statements are correct? (Multiple
answers)
A. The GigabitEthernet0/0/0 interface of router A belongs to the NSSA area,

B. GigabitEthernet0/0/0 of router A participates in IPV6 route calculation
C. Router A is an OSPFV3 device with the forwarding capability
D. Router A supports AS-Extemal-LSA flooding.
Answer: BCD
180.Which of the following statements about VRRP are correct?
A. Both VRRPV2 and VRRP v3 support authentication
B. The VRRPV3 does not support the authentication function, whereas the VRRPv2 supports the
authentication function
C. VRRP\2 applies only to IP\4 networks and VRRPV3 applies only to IPV6 networks.
D. The VRRP priority of the owner of the Mater IP address is 255. Therefore, the priority range that can
be configured is 0-254
Answer: B
181.As shown in, if OSPF is configured on R1 but R1 cannot learn routes from other routers, the possible
cause is ()
[RtJospt
[Rl-ospF-t]area 2
[R1-ospf-1-area-0.0.0.2jnetwork 10.0.13.1 0.0.0.0
A. The area ID configured for the router is diferent from the area ID of the neighbor router.
B. The OSPF process ID is not configured on the router.
C. The advertising network address of the router does not match the interface mask.
D. The router is not configured with the authentication function, but the neighbor router is configured
with the authentication function
Answer: AD
182.The ip ip-prefix ip-prefix-name [index index-number] {permit | deny} ipv4-address mask-length

[match-network] [greater-equal greater-equal-value] [less-equal less-equal-
value] command is used to configure the ip-prefix.. If tess -equal-of a prefix list is specified but greater-
equald- does not exist,
Specify, so what is the range of the prefix?
A. [mask-length ,less-equal-value]
B. [less-equal-value,32]
C. There is no restriction
D.[0. less-equal-value]
Answer: A.
183.‘The authentication types of the SIS include interface authentication, area authentication, and
routing domain authentication.
A Ture
B. False
Answer: A
184.‘Which of the following operations can implement fast fault detection on a multicast network?
(Multiple choices)
A. Shorten the Holdtime of the Join/Prune message
B. Reducing the Interval for Sending Hello Messages on an Interface
C. Establishing PIM BFD Sessions Between Neighbors
D. Reducing the Interval for Sending Join/Prune Messages
Answer: BC
185.Both ISIS CSNP packets and OSPF DD packets are on the MA network, which describes the functions
of the link status database. Which of the following statements
are correct? ()
A. Both types of packets need to be confirmed by the peer router after being sent. Otherwise, the
packets need to be retransmitted
B. The master/slave relationship in the DD packet exchange of the OSPFA is not bound to the DR/BDR.
CSNP packets are generated only by the DIS.
C. After the adjacency is set up, CSNP and DD packets stop sending.
D. The two types of packets do not need to be confirmed by the peer router after they are sent
Answer: B
186.Which of the following is correct when ospf timer dead 20 is configured on Huawei VRP platform?
A. OSPF Hello Interval Cannot Be Determined
B. OSPF hello interval: 6s
C. The dead interval of OSPF is 20 seconds
D. The dead interval of OSPF is 80 seconds.
Answer: AC
187.Which of the following is not a function of the EVPN Type2 route?
A.Host MAC address advertisement
B.Host ARP notification
C.BUM packet forwarding
D.Host IP route advertisement
‘Answer: C
188.In the VLAN (802.1Q) data encapsulation, a total of six bits are represented by the priority field.
A. Tue
B. False
Answer: B
189.Which of the following statements about the IS-IS extension feature are correct?
A. ISAS can determine whether to authenticate the received SNPs and LSP packets
B. When the amount of information in the link state protocol data packet PDU to be advertised by IS-S is
too large, the ISIS router generates multiple LSP
fragments to carry more ISIS information.
D. Ifthe network has devices from other vendors and does not support LSP fragmentation, set the
fragment extension mode to Mode-1. Otherwise, non-Huawei
devices cannot identify the packets.
Answer: ABD
190.Which of the following statements about the attributes of ISS LSPs are correct?
A. The LSP fast flooding function floods the LSPs smaller than the specified number to speed up LSDB
synchronization
B. By configuring the intelligent timer generated by the LSP, the timer can automatically adjust the delay
time according to the change frequency of the routing
information.
C. When the link state information increases, the packet length of the SP may be increased, so that each
LSP may cary more information.
D. Reducing the minimum interval for sending LSPs on an interface can speed up LSP flooding.
Answer: AB
191.The network administrator defines a traffic policing policy as follows:
The router port for which the policy is applied has been idle for about 10 seconds. In this case, if there is
a large amount of burst traffic of the c1 type, how many bytes
are there in green packets?
A. 256K bytes
B. 32KB
C. 48128 bytes
D. 80128 bytes
Answer: C
192.The BGP 4+ command is run between two routers. The neighbor relationship is normal, but the BGP
routing table of the local router does not contain the routing entry of
the neighbor. Which of the following is the possible cause?
A. The routes in the peer BGP routing table are not optimal
B. The next hop address of the BGP route entry is unreachable.
C. Peer ignore is configured on the peer end.
D. Active-route-advertise is configured on the peer end.
Answer: AD
193.What is the function of RT in MPLS VPN? (Multiple choices)
A. Allow the peer PE to determine which VPNv4 routes to be imported to a specific VRF.
B. Allow the peer PE to determine which VPNv4 routes are not imported to the specified VRF.
C. Allow the peer CE to determine which VPNv4 routes to be imported to a specific VRF
D. Allow the peer CE to determine which VPNv4 routes are not imported to the specified VRF.
Answer: AB
192.If PIM-SM is run on a multicast network, a multicast forwarding tree must be established between
the multicast source and receiver so that receivers can receive
multicast data. Which of the following statements about the multicast forwarding tree are correct?
(Multiple choices)
A. The RPT is constructed between the RP and the receiver.
B. An RPT is established between the multicast source and RP.
C. An SPTis established between the RP and receiver.
D. An SPT is established between the multicast source and RP.
Answer: AD
193.Which of the following statements about the BGP anti-loop mechanism are correct?
A. ASs use the AS-PATH attribute to prevent loops.
B. Cluster List is used to prevent loops in the RR cluster. The router finds that the Cluster List of the
route contains its own.
The cluster ID will reject the route
C.The routes learned from IBGP are not advertised to IBGP peers. This prevents routing loops inside the
AS.
D.The AS-CONFED-SET attribute can be used to prevent loops in the confederation
Answer: ACD.
194.Which of the following statements about the registration mode of GVRP interfaces on Huawei
switches are correct?
B.
D. When the fixed registration mode is selected, the interface cannot propagate dynamic VLAN
Answer: D.
195.Which of the following statements about MPLS BGP VPN is incorrect?
A. IBGP enables the ALoopback interface address to establish a stable BGP neighbor relationship.
B. Static routes, OSPF multi-instance, |SiS multiinstance, and EBGP can be used for route switching
between PEs and CEs.
C. The TTL field in the label is used to prevent loops.
D.BGP Soo is used to prevent routes from a VPN site from passing through the MPLS backbone network
to the site. Soo is an extended group attribute
automatically generated by MP-BGP.
‘Answer: D
196.ISAS does not send CSNP packets on P2P networks during neighbor relationship establishment.
A. Tue
B. False
Answer: B
197.Type 5 LSAs in OSPF are used to transmit external routes. Which of the following statements about
Type § LSAs is incorrect?
A. The routers in the same area as the ASBR can calculate extemal routes through intra-area LSAs and
Type-5 LSAs.
B. A policy can be configured on the ABR and ASBR to filter Type § LSAs.
C. Type-S LSAs are advertised by ASBRs and flooded on OSPF networks in non-Stub/NSSA areas.
D. The Type 5 LSA contains the FA address, and the FA address is 0.0.0.0. The FA address is reserved and
does not take effect.
Answer: D
198.What Is the Relationship Between CIR,BC and TC?
B.
c.
D. BCICIR
Answer: D
199.The topology of a multi-protocol network is shown in the following figure. Carefully study the
topology. Router Rd (in Area 1) will use BGP.
After the learned routes are imported to the OSPF process, which types of LSAs are advertised by R3 to
the area 077
A. Type 4 LSA
B. Type 5LSA
C. Type 1LSA
D. Type 7LSA
E. Type 2LSA
Answer: AB
200.Router A and Router B are directly connected and run OSPF. However, Router A and Router B
cannot form a neighbor relationship. Which of the
following causes the neighbor relationship to fal to be established?
A. The interval between hello and dead does not match.
B. Network Mask Mismatch
C. Authentication Mismatch
D. Regions do not match.
E. Process Mismatch
Answer: ABCD
201.Ifthe default route does not exist in the local IP routing table, run the default route-import
command to advertise the default route to the BGP peer or peer group,
A. Tue
B. False
Answer: B
202.Which of the following statements about configuring BGP4+ are correct? (Multiple choices)
A. Router-ID of BGP4+ is the same as Router-1D of BGP4.

B. BGP4+ The Link-Local address must be used when a peer is specified
C. The next hop of the BGP4+ route does not use the Link-Local address.
D. BGP4+ When a reflector is configured, the role of the reflector and client must be the same as that
configured on the BGP4
E. BGP4+ does not support route reflectors.
Answer: AC
203.Which AS_PATH can be matched by the ip as-path-fiter 1 permit “12.*74S command?
A. AS_PATH (32 1274 23)
B. AS_PATH (123 621 743 2374)
C. AS_PATH (321 12 2374)
D. AS_PATH (125 328 74 23)
Answer: B
204.In the BGP EVPN distributed gateway scenario, which of the following packets is required to
implement VM migration?
A.Type 3
B.Type 5
C.Type 4
D.Type 2
E.Type 1
Answer: D
205.The sequence number parameter and the age parameter are used to determine whether the LSA is
new or old. Which of the following statements about the two
parameters are correct?
A. When the age of an LSA received by the router is set to 360s, the LSA is unavailable.
B. The sequence number and age parameters can be used to determine the old and new LSAs. The
router prefers the sequence parameter. A larger value indicates
a higher priority.
C.When the router receives two LSAs with the same sequence number, the checksum is the same, and
the smaller the age, the better
D. Ifthe sequence number of the LSA reaches the end value Ox7FFF, the current router advertises age as
the Isa of 3600s.
Answer: C
206.NSF(Non-Stopping-Forwarding) and NSR (Non-Stopping Routing) is a high reliability solution. Which

of the following statements are CORRECT? ()
A. NSR routers need to negotiate with each other through specific packets to support NSR.
B. After NSF is enabled, the routing table and forwarding table remain unchanged after the master/slave
switchover of routers. Therefore, trafic is not lost during GR.
C. After NSR is enabled, ifthe batch backup of senices is not complete, the main control board is faulty.
As a result, NR switching cannot be completed.
D. NSF routers do not need ta negotiate with each other through specific packets to support NSF.
Answer: BC
207.To configure the AAA, you need to define the XRADIUS RADIUSA server as follows:
[Huawei Jradius-server template EXAM
Huawei-radius-EXAMJradius-serve shared-key cipher HUAwei123 [Huawei-radius-EXAMJradius-se

authentication 10.7.66.66 1812
Huawei-radius-EXAMJradius-seerver authorization 10.7.66.661812
Huawei radius -EXAMJradius-sener retransmit 27. 1813,
Huawei-radius-EXAMJradius-serv accounting 10
A. Tue
B. False
Answer: B
208.What can be used to prevent users from accessing multiple devices through the hub on the access
port of the switch? (Single choice)
A. [Huaweilinterface GigabitEtheret 0/0/1

[Huawei-GigabitEthemetO/0/1]}port link type trunk
[Huawei-GigabitEthemeto/0/'Jport trunk allow pass vian 10
B. [Huaweiinterface GigabitEthemet 0/0/1
[Huawei-GigabitEthemetO/0/1]}port link type access
[Huawei GigabitEthemeto/O/jipsg enable
C. [Huaweilinterface GigabitEthemet 0/0/1
[Huawei-GigabitEthemet0/O Jport link-type access
[Huawei-GigabitEthemet0/O Jport-security enable
D. [HuaweiJinterface GigabitEthemet 0/0/1
[Huawei-GigabitEthemet0/O Jport link-type access
[Huawei-GigabitEthemet0/O Jport-isolate enable
Answer: C
209.Which of the following statements about LDP LSP establishment are true?
A. By default, the label mapping received by the LSR for the same FEC can only come from the optimal
next hop rather than the non-optimal next hop.
B. When the next hop neighbor changes due to the network topology change, the liberal label retention
mode is used. The LSR can directly use the label sent by the
‘non-optimal next hop neighbor to reestablish the LSP.

C. In the label advertisement DoD mode, for a specific FEC, the LSR does not need to obtain the label
request message from the upstream, and distributes and
distributes the label.
D. The process of establishing an LSP is to bind the FEC to the label and advertise the binding to the
upstream LSR of the LSP.
Answer: BCD
210.What happens after the configuration is complete according othe curent network and configuration
information?
Ip adress 20.1.1.1 256.255 258.0
Ospf 200
‘1930000
Network 20:1.1.00.00285
Network 201..00.00.286
A.The neighbor relatonshp can not estabish between RTA and RTE
B.The neighbor relatonshp cannot estabish between RTE and RTC
C.wILL cause the routing flapping
D.The neighbor relationship is established and al network segments are reachable
ANSWER:D
211.Which of the following statements about IBGP and EBGP neighbors are correct? (Multiple choices)
A. The router sends the BGP updates learned from its IGP peers to other IBGP neighbors and EBGP
neighbors
B. The router sends the BGP updates learned from its EBGP neighbors to other IBGP neighbors and EBGP
neighbors.
C. IBGP peers must be directly connected. Otherwise, IBGP-Multi-hop must be configured.
D. EBGP peers must be directly connected. Otherwise, EBGP-Multi-hop must be configured.
E. IBGP neighbors can establish neighbor relationships through loopback interfaces.
F. EBGP peers must establish neighbor relationships through directly connected physical interface
addresses.
Answer: BDE
212.Which of the following routes is used to advertise extemal routes in BGP EVPN?
A.Type 4
B.Type l
C.Type 2
D.Type 3
E.Type 5
Answer: E
213.As shown in the figure, an IPSec VPN is established between the branch and headquarters using
redundant links, and traffic from branch 1 is enabled on Router_B.
Which of the following statements about URPF are correct? (Multiple answer)
A.When the IPSec active/standby link redundancy mode is used, URPF is used on physical interfaces.
URPF loose mode is recommended,
B.When IPSec multi-link redundancy is used and URPF is enabled on the tunnel interface, the URPF strict
mode can be used
C.When the IPSec active/standby link redundancy backup is used, the URPF strict mode can be used
when URPF is enabled on the physical interface
D.When IPSec multi-link redundancy is used and URPF is enabled on a physical interface, the URPF strict
mode can be used
Answer: A.
214.The multicast IP address is 229.130.130.1, and the corresponding MAC address is:
A.00-00-5-02-82-01
B.00-00-5E-82-82-01
C.01-00-5E-82-82-01
D.01-00-5E-02-82-01
Answer: D
215.Which of the following statements about the current topology are correct?
9 eee eae —teararser $e
1a
work-entity 49,0002-0901.0901.0001.00 ini 1
a iestevel devel 1
Interface Fthenaet0/0/0. hetnork-ene sty 49,.0001,0907..9007 .0007.08
Tp address 10:0-12.1 255, 255.255.0 Summary 19-0-0.0 255.258.0,0 Level-a
ibas enable 1 ®
‘ Interface Fthernet0/0/0
he Bddress 1b.0.22.2 25%, 255.255.0
network-entity 49.0001.0003.0003.0003.00 gn ie
’ Totenface Etherneto/ 0/1
Interface ethe
0/070 6 98.9/ 358. 268-258.0
Tp address 10,8:23,3°255,255,255.0
ainterface Laoptacko Intertace Loopback
1p address 10.0-3.3 255.255.255.255, ip address 10.0+212 255.255.255.255
Abt2 enable t ifs enable 1
’*
A. Because R2 routes are aggregated, only 10.0.0.0/16 routes exist in the IP routing table of R1
B. The routing entries of 10.0.2.2/32 and 10.0.3.3/32 exist in the IP routing table of R1
C. The routing entries of 10.0.3.3/32 and 10.0.0.0/16 exist in the IP routing table of R1
D. The routing entries of 10.0.2.2/32 and 10.0.0.0/16 exist in the IP routing table of R1
Answer: C
216.An OSPF protocol is running on a network of a company. To understand the OSPF mechanism, an
engineer performs the following operations on the network:
Which of the following statements about OSPF packets is correct? (Multiple choices)
A. LS Update packets are synchronized to the LSDB by sending detailed LSA information.
B. After receiving the LS Update packet, the router must send LS Ack to acknowledge the packet
C. After an interface is added to an OSPF area, the interface immediately sends Hello packets
D. LS Update packets are sent only when the adjacency relationship is established
Answer: BC
217.Which of the following statements about the inter-AS VPN Option-B solution is incorrect?
A.During packet forwarding, the two ASBRs need to exchange VPN private LSPs.
B.MP-EBGP neighbor relationships need to be established between two ASBRs.
C.The inter-AS VPN-option-B solution is not restricted by the number of links between ASBRs.
D.The two ASBRs exchange outer labels for VPNv4 routes.
Answer: D
218.Which of the following statements about Filter-policy are correct?
A. Using the FilterPolicy command, you can fitter the generation of type 5 LSA and type 7 LSA on the
ASBR in OSPF.
B. The prefix list can fiter routes or fiter data packets
C. The Filter-Policy can fier the received or advertised link status information and modify the attributes
of route entries.
D. When the prefix list is used to filter routes, ip ip-prefix 1 deny 0.0.0.0 0 less-equal 32 indicates that
only the default route is matched.
Answer: A
219.After the shutdown command is run on two directly connected devices that establish an IBGP peer
relationship, the BGP connection is not interrupted immediately.
A. Tue
B. False
Answer: A
220.Which of the following statements about HTTPS is incorrect?
A. HTTPS protocol uses TCP port 443 by default
B.HTTPS uses SSL VPN to ensure data security
C. When auser uses HTTPS to access a website, if the user's browser cannot identify the digital
certificate of the website, the user cannot access the website
D. ifthe HTTPS traffic contains viruses, the router cannot use the IPS technology to detect viruses.
Answer: B
221.The RD is used to distinguish the same IP address in different VPNs. How many bits does an RD
contain?
A.16
B.64
C.32
D. 128
Answer: B
222.In an IS-4S broadcast network, if the interface priority of a router is set to 0 during adjacency
establishment, the router does not participate in DIS election.
A Ture
B. False
Answer: B
223.Which of the following statements about IS-IS route priorities are correct?
B. The priority of the IS-4S default route is 16.
D.
Answer: B
224.Which of the following statements about IPv6 Over VXLAN is incorrect?
A. IPV6 over VXLAN indicates that the overlay network of the VXLAN is an IPV6 network.
B._IPV6 over VXLAN can solve the problem of insufficient IP address resources for terminal tenants.
C. The tunnel between Layer 2 and Layer 3 VXLAN gateways is an IPvd network,
D. The IPV6 Over VXLAN does not generate entries.
Answer: D
225.Which of the following statements about the packet processing mode in the MPLS network model is
incorrect?
A.The label forwarding path LSP is determined and established through various protocols during packet
forwarding.
B.LER and LSR distribute labels.
C.The label is not stripped on the LSR.
D. The device discards the IP packets that enter the MPLS domain
Answer: AD
226.Which of the following statements about R2 routing entries are correct?
A. 2020:-/64 The router is displayed in the IP routing table
B. 2022:-/64 The router is displayed in the IP routing table.
C. 2019:-/64 The router is displayed in the IP routing table.
D. 2021::/64 routers are displayed in the IP routing table.
Answer: ABC
227.Which of the following statements are correct?

A. Ifthe R2 Ethemet0/0/1 interface goes Down, the R1 BFD session can quickly detect the fault and
notify R1 that the OSPF neighbor relationship is Down.
B. The BFD session goes Up only when the OSPF status changes to Full
C. Ifthe R2 Ethemet0/0/0 interface goes Down, the next hop of the route from R1 to 10.0.2.2 is changed
to 10.0.21.2.
D. Ifthe BFD function is disabled in R2, the BFD session of R1 becomes Down. As a result, the OSPF
neighbor relationship goes Down
E. Ifthe R2 Ethemet0/0/1 interface goes Down, the next hop of the route from R1 to 10.0.2.2 is changed
to 10.0.12.2.
Answer: AD
228.The router HW1 serves as the MPLS LSR router and exists on the carriers network. The router
receives a packet carrying a label, but the label entry does not exist in its
LFIB. How does the router process the packet?
A. Router HW1 uses LDP to create an LSP and creates a new path for the label carried in the packet in
LFIB.
B. The router HW1 discards the packet.
C. The router HW1 uses the default label to forward the packet.
D. The router HW/1 strips the label and searches the FIB for the IP destination address.
Answer: B
229.Which of the following statements about OSPFv33 LSAs are correct?
A. Link State id of Inter-Area Prefix-LSA, including prefix information

B. Router-LSA and Network-LsA do not contain routing information.
C. When Referenced Link State Type-2 of Intra-Area Prefix LSA, Referenced Link State id contains the DR
interface ID.
D. Inter-Area-Prefix LSA also contains Link-Local information.
Answer: BC
230.Which of the following statements about the packet processing mode in the MPLS network model is
incorrect?
A. The label forwarding path LSP is determined and established through various protocols during packet
forwarding.
B. LER and LSR distribute labels.
C. The label is not stripped on the LSR.
D. The device discards the IP packets that enter the MPLS domain.
Answer: AD
231.If there is a LAN that runs the 802.1D spanning tree protocol, which of the following information is
received by the switch on this network from the root switch?
A. Maxage
B. Forward delay
C. Root Cost
D.All the preceding options are correct.

Answer: D
232.What is the relationship between CIR, BC, and TC?
A. TC=CIRIBC
B. CIR=TC/BC
C. CIR=BE/TC
D. TC=BC/CIR,
Answer: D
233.In an intra-domain MPLS BGP VPNF network, two MPLS labels are encapsulated when packets enter
the public network. Which of the following statements about two
labels is incorrect?
A. By default, the router allocates the same label value to all VPNv4 routes destined for the peer PE.
B. The private network label is distributed by MP-BGP, and the public network label is distributed by
LDP.
C. The egress PE uses the inner label to determine the egress CE to which the packet is sent
D. Two labels are used in MPLS BGP VPN. A public network label (also called an outer label) and a private
network label (also referred to as an inner label)
Answer: A.
234.Which of the following statements about MPLS is incorrect?
A. The label space range of dynamic signaling protocols such as LDP and MP-BGP is 16-1023.
B. The MPLS label is 20 bits long and is used for packet forwarding.
C. When the TTL processing mode in pipe mode is used, IP packets are transmitted on the MPLS
network. The TTL value of IP packets is decreased by 1 only on
the ingress node and egress node of the MPLS network,
D. MPLS supports multilayer label nesting. The S bit of the inner label is 1
Answer: A.
A. Tue
B. False
ANSWEr A,
A Tne
B. False
‘Answer: A
237.LDP and IGP association means that IGP suppresses the advertisement of reachable routes to
ensure that LDP and IGP are associated to implement network
convergence. In this manner, IGP and LDP keep consistent paths, minimizing trafic loss and improving
the reliability of the entire network.
A Tue
B. False
‘Answer: A
238.Currently, one switch runs RS TP. If the network topology changes, what is the change of the Layer 2
forwarding entries automatically leamed by the switch? C
A. Allentries are deleted
B.Only the entries related to the port that receives the messages from the TC are deleted
C.All entries except the entries related to the edge port are deleted.
D.If the aging time is set to 15 seconds, all entries that exceed the aging time will be deleted
E.Other entries except the entries related to the edge port and the entries related to the port for
receiving TC messages are not deleted
Answer: C
239.Which of the following statements about the link state routing protocol are correct when no area is
divided?
A.Each router establishes a topology of the entire flood domain
B.Each router learns routes from the route update and adds them to the routing table
C.The router in the flood domain may repeatedly receive the same link state information
D.All routers in the flood domain have the same error state database
Answer: ACD
240.In the topology shown in the following figure, establish the corresponding peer relationship. AS400
receives the 1.1.1.1/32 network route from AS 100. The AS-Path
attribute is?
100 200 300
400 300 200 100
400 200 300 400
300 200 100
B.
ic
D.
‘Answer: [None
241.IPSG can be configured with static binding entries, or DHCP-snooping can be used together to form
a binding table.
A Tue
B. False
Answer: A
242.There is a AS-path-fiter, ip as-path-fiter 1 permit “100(_100)*(_400)*, which cannot match the AS-
PATH.
Attribute
A. 100 400
B. 100 400 400 400
c. 100 200 900
D. 100
Answer: C
243.If the information shown in is displayed, some LSPs in the LSDB of a router are shown in the first
figure in the following figure. A new LSP is received first, as shown in
the second hop in the following figure. Which of the following statements is incorrect?
A.The local router places the newly received LSP in the LSDB.
answer:A
244.Which of the following statements about ISS GR are correct?
A. ISIS GRis enabled by default
B. There are four timers in IS1S GR.
C. ISIS GR uses CSNPs to notify events and maintain neighbor relationships.
D. ISis GR defines a new TLV structure to support this feature.
Answer: D
245.In the process of establishing a neighbor relationship, |S-IS does not send a CSNP packet in a P2P
network type.
A. Ture
B. False
Answer: B
246.The protocols used by TCP ports 443,179,137,110 and 23 are as follows:
E. HTTPS BGP NetBios Name Server POPS, Telnet

Answer: E
247.On a broadcast network, DIS election starts only after the neighbor relationship is established.
A Tue
B. False
Answer: AB
248.Ifa Huawei switch runs RSTP, what time will the BPDU on a port of the switch be aged? (Confirmed)
A. RSTP does not age BPDU. on an interface
B.After more than 6 seconds
C.After the MaxAge expires
D.After the Hold time expires
E.After the Forward Delay expires
Answer: D
249.Which of the following statements about the TCP sliding window are incorrect? (Multiple choices)
A. After the retransmission timer times out, the transmit end does not receive the acknowledgment, and
retransmits the unconfirmed data
B. The transmit end does not need to transmit a complete window size packet
C. The TCP sliding window allows multiple data packets to be sent before an acknowledgment is
received
D. The sliding window size can only be increased or remains unchanged.
E. Size of the initial window announced by the transmit end
Answer: DE
250.Which of the following tools can be used to mark routes on a router when the administrator wants
to manage certain routes on the router?
A. IFBGP is running, the community attribute is used to mark routes
B. Use ACLs to mark routes on routers.
C. Use the tag value to mark the route on the router.
D. Use the ip-prefix to mark routes on the router.
Answer: AC
251.Which of the following statements about digital certificates is incorrect?
A. Digital signatures ensure the integrity of digital certificates.
B. The digital certificate contains the public key information

C. When the received peer certificate is within the validity period but the device time is incorrect and is
not within the validity period of the certificate, the
authentication fails.
D. Iftwo PRI entities are not in the same CA system, the two PRI entities can authenticate each other as
long as they can identify each other's CA
Answer: D
252.Currently, one switch runs RS TP. Ifthe network topology changes, what is the change of the Layer 2
forwarding entries automatically leamed by the switch? C
A. Allentries are deleted
B.Only the entries related to the port that receives the messages from the TC are deleted
C.All entries except the entries related to the edge port are deleted.
D.Ifthe aging time is set to 15 seconds, all entries that exceed the aging time will be deleted
E.Other entries except the entries related to the edge port and the entries related to the port for
receiving TC messages are not deleted
Answer: C
253.When IS-IS is used to connect multiple sites on the 1.PE, which of the following statements is
correct?
B. Each site can use a VPN instance to ensure security.
C. ISS can enable the authentication function to prevent malicious attacks

D. ISS can enable GR to enhance network stability
Answer: BCD
254.The existing BGP router HW1 is running. The IBGP peer relationship is configured on the router, and
the EBGP peer relationship is configured on the router. Which of the
following statements about IBGP and EBGP neighbors are correct?
A.The router sends the BGP updates leamed from its EBGP neighbors to other IBGP neighbors and EBGP
neighbors.
D. EBGP peers must be directly connected: Otherwise, EBGP-Mul-hop must be configured.
IBGP peers can establish neighbor relationships through loopback interfaces,
‘Answer: [None]
255.The switch can suppress traffic to control the impact of loops and other faults on running. Which of
the following traffic configurations is incorrect?
A. [Quidway]interface gigabitethernet 0/0/1
[Quidway-Gigabitethernet 0/0/1}broadcast-supperssion 80
[Quidway-Gigabitethernet 0/0/‘}quit
B. [Quidway]an 10
[Quidway-vian10]broadcast-suppression 1000
[Quidway-dan10}quit
C. [Quidwaylicmp rate-imit enable
[Quidwaylicmp rate-limit total threshold 20
D. [Quidwaylinterface gigabitethemet 20
[Quidway-Gigabitethernet 0/0/'}mulitcast-supperssion 80
[Quidway-Gigabitethernet 0/0/‘}quit
E. [Quidway}an 10
[Quidway-vian10]mulitcast-supperssion 80
[Quidway-wan10}qui
Answer: [None]
256.The network administrator can use the CAR technology in traffic policing. Which of the following
technologies can be applied in CAR?
A.Dual-bucket dual-rate interface
B.Single bucket rate per bucket

C.Three buckets at a single rate
D.Dual Bucket Single Rate
Answer: AD
257.On a RIPng network, a router can advertise default routes to the entire network. Which of the
following statements is correct?
B.
&
D.
Answer: B
258.When AAA authentication is performed on Huawei VRP, users can be distinguished by domain
(Domain). Access users can specify the domain name in the user name
to specify the authentication domain
A. Ture
B. False
Answer: A.
259.Which SNMP Message Type Report Event Sent to the NMS Is Reliable?
A. Response
B.Trap
C.Inform
D.Get
E.Get Bulk
Answer: C
260.The process of and RSVP bandwidth reservation is as follows:
The RSVP bandwidth reservation process is as follows: R1 applies for bandwidth reservation from the
downstream node R2 through the PATH message. R2 uses the
RESV message to respond after receiving the request. R2 continues to apply for bandwidth reservation
through the path message to its downstream node R2 until the
egress router.
A. Ture
B. False
Answer: B
261.The router HWV1 and the router HWV2 are respectively connected to the network A and the
network B. as shown in the following figure, if you want to establish an IPsec.
VPN between HW1 and HW2,
Which ACL needs to be configured on the router HWV1 to transmit the traffic from the LAN to the LAN
through the encrypted VPN tunnel?
192,168.1.1/30 ~ 192,168,1.230
FastEthernet 0/0/0 FastEtheret 0/0/0
10.1.1.1/24 30.12.1724 we
Serial 0100 _— Serial /0/0
A.rule permit ip source 192.168.1.10 destination 192.168.1.2 0
B.tule permit ip source 10.1.1.0 0.0.0.256 destination 192.168.1.2 0
C.rule permit ip source 10.1.1.0 0.0.0.266 destination 10.1.2.0 0.0.0.255
D.tule permit ip source 192.168.1.10 destination 10.1.2.0 0.0.0.266
E.rule permit ip source 10.1.2.0 0.0.0.286 destination 10.1.1.0 0.0.0.255
Answer: C
262.Which of the following statements about LDP LSP establishment are true?
A. By default, the label mapping received by the LSR for the same FEC can only come from the optimal
next hop rather than the non-optimal next hop.
B. When the next hop neighbor changes due to the network topology change, the liberal label retention
mode is used. The LSR can directly use the label sent by the
" non-optimal next hop neighbor to reestablish the LSP.
C. Inthe label advertisement DoD mode, for a specific FEC, the LSR does not need to obtain the label
request message from the upstream, and distributes and
distributes the label.
D. The process of establishing an LSP is to bind the FEC to the label and advertise the binding to the
upstream LSR of the LSP.
Answer: BCD
263.Which of the following statements about IS-1S broadcast network database synchronization are
correct?
RL
S&S R3
R2DIS
A.When R2 functions as the DIS, it periodically sends CSNPs.
Answer: A.
264.Which of the following statements about R2 routing entries are correct?
A.2020::/64 The router is displayed in the IP routing table,
B.2022::164 The router is displayed in the IP routing table.
C.2019:-/64 The router is displayed in the IP routing table,
D.2021-164 routers are displayed in the IP routing table.
Answer:ABC
A. Ture
B. False
Answer: A
266.ADR needs to be elected between multicast routers running PIM-SM to send and receive multicast
data. Which of the following statements about DR election rules is
correct?
A. The DR priority is compared frst. the DR priorities are the same, the interface IP address of the PIM
router needs to be compared to elect the DR.
B. The PIM router with the long interface mask is elected as the DR.
C. The PIM router with a lower DR priority is elected as the DR.
D.The router with a smaller IP address is elected as the DR.
Answer: A.
267.OSPFV3 Router-LSA is generated by each router. It describes the interface address and cost of each
link on the router and the router ID of the neighboring router.
A. Tue
B. False
Answer: B
268.Which of the following routes are leamed by R2?
A. R2can leam all routes of R1
Answer: A.
268.Which of the following statements about SA in IPSec is incorrect?

A. An SAis uniquely identified by a triplet, including the security parameter SP(Security Parameter
Index), source IP address, and security protocol number (AH or
ESP)
B. You can run the display ipsec command to view information about the encryption algorithm and
traffic that are used between the and another PSec peer.
IPSec supports only symmetric encryption algorithms to encrypt data
D. An Ipsec VPN connection can be established only when a bidirectional SA exists between IPSec peers.
Answer: A
269.When a BGP RR receives a No_Export attribute from a client, what will the BGP RR do?
A. The RR does not advertise the prefix to any neighbor.
B. The RR advertises only the prefix to other IBGP peers.
C. The RR does not advertise the prefix to other clients and non-clients.
D. The RR does not advertise the prefix to the EBGP peer.
Answer: D
270.Sinn a faiRioccurs-on the HIVEAN, youtdnd that there. ore many-anicast Eames: there! re.many
inknawm unicast frames silat the kelowang resources may be
used up’
A. Available MAC addresses in the system
B.Electric Power
C.Memory Used for Frame Buffer
D,TCAM Entry
E.Available Bandwidth
E.None of the above
Answer: E
271.When does a BGP peer start to send keepalive packets?
A. Connect Status
B. OpenSent Status
C. OpenConfirm Status
D. Indicates the Established state
Answer: C
272.if a port configured with stp loop-protection cannot receive BPDUs, which state does the port
enter?
A. Forwarding
B. LeamingLeaming
C. Discarding (Discarding)
D.Other options are correct
Answer: C
273.Which of the following is a single-packet attack?
A. Special control packet attack
B. Scanning detection attack
C. DDoS attack
D. Malformed packet attack
Answer: ABD.
274.Which of the following statements about IS-IS deployment in an IPv6 environment are correct?
A. On a broadcast network, the DIS priorities of IPvt and IPv6 can be set separately.
B. By default, the DIS priority of a Level-1 or Level-2 broadcast network interface is 1
C. Inthe same broadcast network, if each router supports both IPv4 and IPV6, the DIS of IPv4 and IPv6
must be the same device
D.When the ISIS silent command is run on an ISIS interface, the interface does not send IS-IS packets but
receives IS-IS packets
Answer: A.
275.After BGP imports routes of other protocols, the next hop in the BGP routing table is the same as
the next hop of the imported routing protocol.
A. Tue
B. False
Answer: B
276.Which of the following statements about LDP synchronization in IS-IS are correct?
B. LDP synchronization prevents traffic loss during an active/standby link switchover.
&
Answer: B
277.To configure the AAA, you need to define the XRADIUS RADIUSA server as follows:
[Huawei Jradius-server template EXAM
Huawei-radius-EXAMJradius-serve shared-key cipher HUAwei123 [Huawei-radius-EXAMJradius-se

authentication 10.7.66.66 1812
Huawei-radius-EXAMJradius-seerver authorization 10.7.66.661812
Huawei radius -EXAMIradius-sener retransmit 27. 1813
[Huawei-radius-EXAMJradius-serv accounting 10
A. Tue
B. False
Answer: B
278.There are many transition technologies in the process of replacing the P4 address used in the
network with the Pv6 address. These technologies are classified into two
types. One is the PV4/IPV6 coexistence technology and the other is the v4/P6 interoperability
technology. Which of the following technologies belong to the Pv4/IP6 co-
existence technology? (Multiple choices)
A. NAT64
B.IPV6 over IPv4.
C. Dual-Stack
D. ISATAP.
Answer: BCD.
279.OSPF\3 is an independent protocol, which is different from OSPF v2. OSPF%3 is based on links
rather than network segments. Which of the following statements is
incorrect?
A. Two routers connected to a link can stil establish neighbor relationships even if their IPv6 address
prefixes are different.
B. A neighbor relationship can be established even if no unicast IPv6 address is configured for the two
routers connected to the link.
C. The OSPFY3 router uses the Link-local address of the neighbor as the next hop for forwarding packets.
D. All OSPFV3 interfaces use the Link-local address as the destination address of packets.
Answer: D
280.Which statements about IPSec VPN are true? (Multiple answers)
A. Imaggressive mode, NAT traversal is supported. In master mode, NAT traversal is not supported
B. Two routers establish an IPSec VPN in master mode. The payload data is often encrypted from the fith
packet (included).
C. Two routers establish an IPSec VPN in aggressive mode. The two devices exchange four packets at
least to set up a tunnel
D. The two routers can establish an OSPF neighbor relationship through the IPSec VPN tunnel and
exchange intemal routes.
Answer: BC
281.The company network is frequently attacked by ARP. Which of the following technologies can be
used to prevent ARP attacks?
A DAI
B. DHCP snooping
C. ARP static MAC binding (not necessarily)
Answer: ABC
282.Which of the following statements about IS-IS route leaking are correct?
A. ISHS route leaking can be used on an IPV6 network
B. ISHS route leaking does not cause neighbor flapping.
C. IntS4S route leaking on an interface, the route before the route leaking cannot be an aggregated
route
D. ISAS route leaking can be deployed on Levelt routers. IS-IS route leaking is used to prevent routing
loops.
Answer: AB
283.Which of the following statements about the stub area in OSPF are correct?
A. ASBRs cannot exist in the stub area.
B. The virtual ink cannot traverse the stub area.
C. type7 LSA cannot be injected in stub areas.

D. The backbone area cannot be configured as a stub area.
Answer: ABCD
284.You need to configure policy-based routing on the router to specify the traffic to be forwarded
through an interface. When policy-based routing is used, which two types of
most typical information can be used to forward traffic along a specific path?
A. TiLand source IP address of data packets
B.Source IP Address and Layer 2 Source Address.
C. Source IP address and specific protocol (such as FTP and HTTP)
D. Senice Type Header and Packet Length
Answer: C
285.Which of the following conditions are met?
(1).BGP router A can select whether to carry the attribute in the Update packet.
(2) frouter B receives an Update packet that contains the attribute, router B cannot identify the
attribute, but also advertises the Update packet that contains the
attribute to router C. router C may identify and use the attribute
A. Aggregator (Aggregator)
D. Community
Answer: AD
286.The process of and RSVP bandwidth reservation is as follows:
The RSVP bandwidth reservation process is as follows: R1 applies for bandwidth reservation from the
downstream node R2 through the PATH message. R2 uses the
RESV message to respond after receiving the request. R2 continues to apply for bandwidth reservation
through the path message to its downstream node R2 until the
‘egress router.
A. Ture
B. False
Answer: B
287.When OSPFV3 and ISS are running on 2 router, you need to import OSPFY3 routes to ISIS. Which of
the folowing configurations ae corect?(Mulpe choices)
A. tue isis 1
[Husnevisis-1]ssevel levels
{Huavvetsis-tnetuorkentty47.0001.0000,0000,0002.00
[Huswevieet] pv? enable topology stanaars
{[Huawetisist]ipv® importsoute ospfv3 tleveht
(Huswevis-t} aut
Huawei osptv3 1
‘[Huaweesptv-t]outersd 22.22
B.[Bua iis 1
THuawerisis-Tistovel evelt
(Huavvetsis-] netwo-ntity 47-0001 0000,0000.0002.00
[Huswensiet] ev® enabe topology stenaard
[Huawetsi-t] pv8 importoute ospv3 1
THuaweiospfv2-]routersd 2222
C.[tua iis 1
{Huayvetsis-1] natwork-entty 47.0001,0000,00000002.00

‘[Hunesisis-1] impor-outeospfv2 1
Huawetisiet} aut
{Huawel ospfv3 1
[Huawetosptv-1]outersd 22.22
D.[OE tua iis 1
Tuawetisis Tis tevel evelt
(Hua vetsis-] netwot-antity 47-0001,00000000.0002.00
THuawetisis-t] mportoute ospfv3 1 evelt
(Huawetsis-thquit [Huawe] ospfv2 1
Huawei osptv2-t} outer 22.22
ANSWER: AC
288.Which of the following statements about ISIS broadcast network database synchronization are
correct?
RL
SB R3
R2DIS
A.When R2 functions as the DIS, it periodically sends CSNPs
Answer: A.
289.Which of the following statements about IS-IS route priorities are correct?
B. The priority ofthe IS-1S default route is 15.
D.
Answer: B
290.Which type of LSA causes partial SPF calculation in an OSPF network? Three correct answers
A. 1LSA
B.2 18A
C.3 Lsa
D.5 LSA
Answer: ABC
291.The Layer 2 network architecture of a company is shown in the following figure. After the
configuration is complete, services cannot be transmitted between departments. Run the
following command to check the device status. The possible causes are as follows:
(No picture is attached. In other words, the three elements of MSTP are different. As a result, the master
portis displayed in the entry.)
A. Revision Level Configurations Between Switches Are Inconsistent
B. The BPDU Interval Between Switches Is Inconsistent
C. Region Name Configurations Between Switches Are Inconsistent
D.Instance VLAN Mapping Configurations Between Switches Are Inconsistent
Answer: ACD
292.On an OSPF broadcast network, there are four routers (RTA, RTB, RTC, and RTD) on the same
network segment. The DR priorities of RTA, RTB, RTC, and RTD are 2, 1, 1, and 0.
‘The router IDs are 192.168.1.1, 192. 168.21, 192.168.3.4, and 192. 168.4.1. Ifthey are enabled on the
four routers,
OSPF protocol. The BDR selected by OSPF is
A.RTB
B.RTC
C.RTA
D.RTD
Answer: B
293.Which of the following statements about ISIS LSP fragment extension are correct?
A. Enable the IS4S router to generate more LSP fragments to carry more IS- information.
B._IS4S fragment extension is also valid for Hello packets.
C. ISS fragment extension is implemented by adding virtual systems. A maximum of 1000 virtual systems
can be extended,
D.The maximum number of fragments that an IS-IS router can generate is 1024
Answer: A
294.Which of the following statements about the domain-authentication-mode md5 hello command in
the ISS process are correct?
A.Routing domain authentication is used to carry authentication information during the transmission of
Level-1 and Level-2 SNPs and LSPs.
B.If the domain authentication mode of all routers in the same routing domain is MDS and the password
is hello, the ISIS SNP and LSP can be flooded normally.
C.This command is used to enable IS-1S Hello packets to carry authentication information during
transmission.
D.IS48 authentication cannot be applied to IPv6.
Answer. B
295.When a router is connected to two EBGP neighbors through two parallel cables, which of the
following methods can be used to implement bidirectional load balancing between
two EBGP neighbors connected through the two parallel serial cables?
A. Configure the loopback interface to establish the EBGP neighbor relationship and configure the EBGP
Multi—-hop. Configure the loopback interface as the update source,
and then use the IGP to implement load balancing among equal-cost paths.
B. Without any method, BGP automatically implements load balancing among different ASs on available
links,
C. Run the ebgp-load-balance command at both ends.
D. Configure the EBGP neighbor relationship with the loopback interface as the update source. The IGP
in each AS must have two equal-cost paths to the loopback interface
address of the EBGP neighbor. in addition, you need to run the next-hop-local command,
E.Configure the EBGP neighbor relationship with the loopback interface as the update source. In each
AS, two equal-cost paths to the loopback interface address of the
EBGP neighbor need to be imported. In addition, you need to run the ebgp-max-hop and next-hop-local
commands.
‘Answer: A
296.Which of the following statements about the detailed information about all VPN instance incorrect?
(Multiple choices:
A The number of instances enabled with IPvé address family in the VPN configured on the local endis 1
B. The device assigns a label to each route of the VPN-Instance vpna
C. VPNnstance vpna does not receive VPN routes whose RT is 2:1
D. The Gigabitethemet1/010 interface is bound to VPN-Instance vpna
answer:AB
297.Which of the following statements about the assertion mechanism is correct?
A.During the winner election, the IP address size is not used as the election condition,
B.The winner is responsible for forwarding multicast data to the broadcast network segment.
C.Assertion mechanism is used for DR election.
D.The loser shut down is connected to the broadcast network in the assertion mechanism.
Answer: B
298.An engineer performs an import operation on an OSPF router on a network of a company. Which of
the following statements about importing route LSAs are correct?
A. Advertising Route is set to the router ID of the ASBR.
B. Setnetmaskto 0.
C. link state id is set to the destination network segment address.
D. link state id and advertising Router can uniquely identify an LEA,
Answer: AC
299.OSPFV3 is an independent protocol, which is different from OSPFv2. OSPFVv3 is based on links
rather than network segments. Which of the following statements is incorrect?
A. Two routers connected to link can stil establish neighbor relationships even if their IPv8 address
prefixes are diferent,
B. Aneighbor relationship can be established even ifno unicast IPv6 address is configured for the two
routers connected to the link.
©. The OSPFV3 router uses the Link-local address of the neighbor as the next hop for forwarding
packets.
D. All OSPFV3 interfaces use the Link-local address as the destination address of packets
Answer: D
300.Which of the following statements about VRRP load balancing are correct?
A.Multiple VRRP backup groups can be created on an interface of a router. The router can serve as the
master of a VRRP backup group or the backup of another VRRP
backup group.
B.VRRP load balancing requires that at least two virtual routers provide forwarding services at the same
time.
C.When load balancing is deployed, the IP addresses of different virtual routers must be configured on
the hosts in the same LAN as the default gateway address.
E.When configuring the priority, ensure that the same router functions as the master in three VRRP
backup groups.
1 Cross-device link aggregation enables data stream transmission and mutual backup of stack member switches However, because of the limited bandwidth of stack cables between stack devices, which of the folowing methods can be used to
improve forwarding efficiency?
□ A. Connect stack devices through stack cards
□ B Enable stack multiple master check function

□ C Configure stack system MAC address switching
□ D Enable traffic local priority forwarding (Right Answers)
Answer: D
2 About the description of CHAP authentication function in the PPP protocol, which of the following are correct? (Multiple Choice)
□ A. If the authenticator does not have a username, the password cannot be configured on the authenticated interface.
□ B Calculate a hash value using the authentication sequence ID, random number, and key by the MD5 algorithm (Right Answers)
□ C. Three-message interactive authentication is required, and the username is transmitted only on the network without transmitting the password (Right Answers)
□ D. The user name must be configured under the authenticated interface of CHAP authentication. (Right Answers)
Answer: BCD
3. A switch is running the Rapid Spanning Tree Protocol (RSTP).

Upon a topology change, what happens to dynamic entries in the L2 forwarding table?
□ A. Only entries behind the port where TC was received are removed.
□ B. All entries are removed except for those behind edge ports and the port where TC was received (Right Answers)
□ C. All entries are removed (purged).
□ D. All entries are removed except for entries behind edge ports.
□ E. The aging timer is set to 15 seconds, so idle entries age out.
Answer: B
4. Which of the following statements is true about the MUX VLAN feature of Huawei switches?
□ A The MUX VIAN and the Super VLAN features can be used together on the same VLAN
□ B The Principal Port can communicate with all ports in the MUX VLAN (Right Answers)
□ C. The Mux VLAN is classified into Principal VLAN and Subordinate VLAN. The Subordinate VLAN is classified into Separate VLAN and Isolate VLAN
□ D. Each Separate VLAN can be bound to multiple Principal VLANs.
Answer: B
5. When you perform troubleshooting on a LAN deployed with Huawei devices, you find that there is a large number of unicast frames with unknown MAC addresses.
What is the biggest risk for the switches?
□ A. Available MAC address table entries in the system will be consumed. (Right Answers)
□ B. Increased power consumption.
□ C. Exhausts memory for buffered frames.
□ D. Exhausts available TCAM entries.
□ E. Exhausts available bandwidth
Answer: A
6. About the description of the process of sending and receiving data frames in the Access mode of the switch interface, which is correct?
□ A. Directly discards when receiving a tagged data frame in Access mode
□ B. Only receive unlabeled data frames in Access mode
□ C When the data frame enters the switch interface, the switch learns the destination MAC address in the data frame
□ D in the Access mode, the VLAN tag of the data frame will be stripped off when sent (Right Answers)
Answer: D
7. In Rapid Spanning Tree Protocol (RSTP), which port provides a backup path to the root bridge and which state should this port be in?
□ A Root port/listemng
□ B. Alternate port/forwarding
□ C. Alternate port/leaming
□ D. Designated port/leaming
□ E. Alternate port/discarding (Right Answers)
Answer: E
8. Which of the following options may affect the establishment of IBGP neighbors? (Multiple Choice)
□ A. Authentication is unsuccessful (Right Answers)
□ B. The BGP protocol version is inconsistent (Right Answers)
□ C. IBGP-Multi-hop is not configured
□ D. IGP routing is unreachable (Right Answers)
Answer: ABD
9. The following is about the RD attribute filter of BGP, what is the correct description? (Multiple Choice)
□ A. If RD-fitter is configured, but the RD of the route does not match any of the RDs defined in the rule, the default match result is Permit
□ B The relationship between the rules configured by RD-filter is "or" (Right Answers)
□ C. If RD-filter is not configured, but this RD-filter is used for filtering, the matching result is deny.
□ D Matching multiple rules in the order of configuration (Right Answers)
Answer: BD
10 ISIS will elect DIS in the broadcast multi-access network Which of the following statement about DIS is correct? (Multiple Choice)
□ A. ISIS elects the DIS by comparing the priorities and compares the MAC addresses if the priorities are the same. (Right Answers)
□ B DIS guarantees database synchronization by periodically sending CSNP messages (Right Answers)
□ C In a broadcast multi-access network, the DIS sends Hello PDUs three times as often (Right Answers)
□ D. DIS supports the preemption function. After the new DIS preemption is successful, you do not need to flood any LSP packets.
Answer: ABC
11. About Filter-policy, which of the following description is correct?

□ A Filtering the generation of type 5 LSAs and type 7 LSAs on the ASBR in OSPF using Filter-Policy (Right Answers)
□ B The prefix list can filter routes as well as filter packets.
□ C. Filter-Policy can filter the received or advertised link state information and can modify the attributes of the route entry.
□ D. When filtering routes using the prefix list, the entry ip ip-prefix 1 deny 0.0.0.0 0 less-equal 32 means that only the default route is matched.
Answer: A
12 The OSPFv3 protocol is a separately developed protocol It differs from OSPFv2 in that OSPFv3 is based on links rather than network segments Which of the following statement is wrong?
□ A. The two routers connected to the link can establish neighbor relationships even if their IPv6 address prefixes are different.
□ B The two routers connected to the link can establish neighbor relationships even if no unicast IPv6 address is configured.
□ C. The routing information obtained by the OSPFv3 router from the neighbor uses the link-local address of the neighbor as the next hop of the forwarded packet.
□ D. All OSPFv3 interfaces use the Link-local address as the destination address of the packet except the virtual link (Right Answers)
Answer: D
13. Which of the following statements are NOT true regarding the TCP sliding window? (Multiple Choice)
□ A If the retransmission timer expires but the sender has not received the acknowledgement, it will retransmit the unacknowledged data
□ B The sender need not transmit a full window's worth of data.
□ C. TCP sliding window allows the transmission of multiple frames before waiting for an acknowledgement
□ D The size of the sliding window can only increase or stay the same (Right Answers)
□ E. The size of initial window is advertised by the sender (Right Answers)
Answer: DE
14. As shown in the following figure, in IPv4 and IPv6 environments the SEL value in an IS-IS NET address is always 00.
___
■OP
API I I DI H^h Ordor DSP Systom ID sr,
- Area ID <i-aa«)
□ A. Ture (Right Answers)
□ B. False
Answer: A
15. As shown in the following figure, a part of the LSP of the LSDB of a router is shown in the first line of the figure. First received a new LSP, the second hop in the following picture, which of the following statement is wrong?
Level 2 Link State Database

LSPID Seq Nua Checksua Holdtiac Length ATT/P/OL
0002. 0007. 0002. 00-00 0x00000019 0x4reb 786 102 0/0/0
Level-2 Link State Database

LSPID Seq Nua Checksua Holdtlae Length ATT/P/OL
0002.0002.0002.00-00 0x00000020 Ox4reb tQO 102 0/0/0
□ A. The router will put the newly received LSP into the LSDB
□ B This router will ignore the LSP received from the neighbor. (Right Answers)
□ C. If it is a point-to-point network, this router will send PSNP
lTD. If it is a broadcast network, the DIS will include the summary information of the LSP in the next CSNP packet
Answer: B
16. Regarding the Stub area and the NSSA area of OSPF, the wrong statement of the following is_____ .
□ A Type 5 LSA is not allowed in the Stub area, but Type 5 LSA is allowed in the NSSA area. (Right Answers
□ B Both the Stub area and the NSSA area are allowed to inject Type 3 LSA.
□ C. Stub area and NSSA area are not allowed to inject Type 4 LSA.
□ D. Type 7 LSA is not allowed in the Stub area, but Type 7 LSA is allowed in the NSSA area.
Answer: A
17. Regarding BGP route filtering, which of the following description is wrong?
□ A. For a locally advertised route, configure a routing policy. The policy takes effect before the route is added to the BGP routing table. (Right Answers)
□ B. The filtering relationship between the nodes of the Route-Policy is "OR", that is, the Route-Policy can be passed with a node filter only.
□ C. When receiving a route from a BGP peer, perform a routing policy to filter unwanted BGP routes. These routes are not added to the local BGP routing table.
□ D in the same node of Route-Policy, the relationship of multiple if-match clauses for different attributes is "OR". (Right Answers)
Answer: AD
18. If the value of the Option field in the 0SPFv3 Hello packet sent by GigabitEthernet 0/0/0 on Router A is 0x000013, the correct description of the following is: (Multiple Choice).
□ A. GigabitEthernetO/O/O of Router A belongs to the NSSA area.
□ B. GigabitEthernetO/O/O of Router A will participate in IPv6 route calculation (Right Answers)
□ C. Router A is an 0SPFv3 device with forwarding capability (Right Answers)
□ D Router A supports AS-External-LSA flooding (Right Answers)
Answer: BCD
19. The ISIS protocol is deployed in an IPv6 environment. The correct statement in the following is:
□ A. In broadcast networks,, the DIS priorities of IPv4 and IPv6 can be set separately.
□ B. By default, the DIS priority of the broadcast network interface on Level-1 and Level-2 is 1
□ C. In the same broadcast network, if each router supports both IPv4 and IPv6, the DIS of IPv4 and IPv6 must be the same device. (Right Answers)
□ D. Configure ISIS silent on the ISIS interface, then this interface will not send ISIS packets, but will receive ISIS packets.
Answer: C
20. After BGP imports routes of other protocols, the next hop in the BGP routing table is the same as the next hop of the introduced routing protocol.
□ A. True
□ B False (Right Answers)
Answer: B
21 There is an AS-path-filter, ip as-path-filter 1 permit A100(_100)*(_400)*, which AS-PATH attribute cannot be matched by the As-path-filter?
□ A. 100 400
□ B. 100 400 400 400
□ C. 100 200 900 (Right Answers)
□ D. 100
Answer: C
22. Which statements about BGP route reflection are true? (Multiple Choice)
□ A IBGP peers must be fully connected in the absence of a route reflector (RR). The BGP route reflection mechanism is introduced to lower the requirement
□ B After learning routes from a non-client, a route reflector (RR) advertises these routes to all clients. (Right Answers)
□ C After learning routes from a client, an RR advertises these routes to all other clients and non-clients. (Right Answers)
□ D. After learning routes from an IBGP peer, an RR advertises these routes to all clients and non-clients (Right Answers)
Answer: BCD
23 Regarding the BGP alliance, which of the following description is wrong?
□ A. The alliance divides an AS into several sub-ASs, and the external AS still considers the alliance to be an AS.
□ B. The sub-AS number of the alliance is advertised to BGP peers outside the alliance by default. (Right Answers)
□ C. The sub-AS number in the alliance can use a private AS number. A Huawei NE/AR router can be configured with up to 32 sub-AS numbers.
□ D. The alliance can easily detect the routing loop in the AS because EBGP is running between sub-ASs.
Answer: B
24. After the BGP connection is successful and it is down again. What are the impossible reasons?
□ A. Open packet negotiation failed (Right Answers)
□ B. The mandatory attribute in the routing update message is lost.
□ C. After the BGP connection is established, the keepalive packet is not received within the negotiated holdtime
□ D. Received incorrect BGP packets.
Answer: A
25. When ISIS area authentication is configured, which ISIS packet carries the authentication information?
□ A. SNPs and LSPs of ISIS Level-1 (Right Answers)
□ B. Hello message of ISIS Level-1
□ C. SNPs and LSPs of ISIS Level-2
□ D. Hello packet of ISIS Level-2
Answer: A
26. The Type 5 LSA in OSPF are used to pass external routes. Which of the following statements about the Type 5 LSA are wrong?
□ A. The router in the same area as the ASBR can calculate the external route through the intra-area LSA and the Type 5 LSA.
□ B. Configure the corresponding policies on the ABR and ASBR to filter the Type 5 LSA.
□ C. Type 5 LSAs are advertised by the ASBR and flooded in the OSPF network in the non-Stub/NSSA area.
□ D The FA address is included in the Type 5 LSA, and the FA address is 0.0.0.0, but has no practical effect as a reservation (Right Answers)
Answer: D
27. Which of following statements is true about the domain-authentication-mode md5 hello command in the IS-IS process?
□ A. The routing domain authentication is used to carry the authentication information during the delivery process of SNPs and LSPs of Level-1 and Level-2.
□ B. The domain authentication mode of all routers in the same routing domain is MD5, the password is hello, and the ISIS SNP and LSP are flooded (Right Answers)
□ C. This command is mainly used to enable ISIS Hello packets to carry authentication information during the delivery process.
□ D. ISIS certification cannot be applied in IPv6 environment.
Answer: B
28 The level-1-2 IS transmits the Level-2 LSP to the Level-1 area. If the ATT bit in the Level-2 LSP is set to 1, the level-1 in the area can pass the Level-1-2 IS to the outside region.
□ A. True
□ B. False (Right Answers)
Answer: B
29 In the OSPF broadcast network, there are four routers in the same network segment, RTA, RTB. RTC, and RTD The DR priorities are 2, 1 1, and 0, and the Router IDs ai 1192 168 1 1,192 168 2 1,192 168 3 1 and 192 168 4 1 If OSPF
protocol is enabled on all the four routers, the BDR selected by OSPF is________
D A RTB
□ B RTC (Right Answers)
□ C. RTA
□ D. RTD
Answer: B
30. Which AS_PATH can be matched by command ip as-path-filter 1 permit A12.*74$?
□ A ASPATH ( 32 1274 23 )
□ B ASPATH ( 123 621 743 2374 ) (Right Answers)
□ C ASPATH ( 321 12 2374 )
□ D ASPATH ( 125 328 74 23 )
Answer: B
31 An OSPF protocol is running on a company network An engineer wants to understand the OSPF mechanism to perform packet capture operations on the network, which of the folowing description about the OSPF packet is correct?
(Multiple Choice)
□ A LS Update message synchronizes the link state database by sending detailed LSA information (Right Answers)
□ B After receiving the LS Update message the router must send LS Ack to confirm
□ C Sending Hello packets immediately after the interface joins the OSPF area (Right Answers)
□ D The LS Update message is sent only when the adjacency is established
Answer: AC
32. In the following topology picture. R1 can access the Internet through R2 and R3. R1 and R2, and R1 and R3 establish an EBGP connection. R2 and R3 belong to the same AS. The default route is advertised through BGP. R2 is the
optimization when requiring R1 to access the Internet traffic. The following practices that can be achieved are (Multiple Choice)
□ A. R2 specifies that the peer R1 sets the MED attribute to 150 in the export direction.
□ B R1 specifies that the peer R3 sets the MED attribute to 150 in the import direction (Right Answers)
□ C. R2 specifies that the peer R1 sets the local priority to 150 in the export direction
□ D R1 specifies that the peer R2 sets the local priority to 150 in the import direction. (Right Answers)
Answer: BD
33. In addition to stateless address autoconfiguration, IPv6 devices can also obtain information such as addresses, gateways, and DNS through DHCPv6.
□ A. True
□ B. False
34 The network administrator is ready to use the 6to4 automatic tunnel to carry IPv6 data on the IPv4 network The IPv4 address of the router interface is 138 14 85 210. so the corresponding tunnel address is 2001 8a0e 55d2:1 230 65ff:
fe2c9a6
□ A True
□ B False (Right Answer*)
Answer: B
35 In an IPv6 network, two nodes A and B are neighbors If node A sends an NS message to node B, if node B replies to the NA message after received the message, so what neighbor status wil be marked as when viewing on the node A?
□ A Reachable (Right Answers)
□ B Stale
□ C Probe
□ D Incomplete
Answer: A
36. As the description of MPLS, which of the following is wrong?

□ A The label space range of dynamic signaling protocols such as LDP and MP-BGP is 16-1023 (Right Answers)
□ B. The length of the MPLS label is 20 bits and is used for packet forwarding
□ C. In the TTL processing mode of the Pipe mode, IP packets are transmitted on the MPLS network The TTL value of the IP packets is reduced by 1 in the MPLS ingress node and the egress node respectively
□ D. MPLS supports multi-layer tag nesting, the S-bit value of the innermost tag is 1.
Answer: A
37. RD is used to distinguish the same IP address in different VPNs. How many bits does the RD contain?
□ A. 16
□ B. 64 (Right Answers)
□ C. 32
□ D 128
Answer: B
38 In the packet forwarding by the way of inter-AS VPN-Option B, the two ASBRs exchange the LSP labels of the public network
□ A True
Answer: B
39 About the description of MPLS lable related information, which of the following is wrong?
□ A The length of the MPLS label is 4 bytes and it is encapsulated between the link layer and the network layer
□ B By default, the device supports the PHP feature, and the label value of the egress node supporting PHP which is allocated to the penultimate hop node is 3.
□ C. If the bottom mark of the label is S=0, it indicates that the label is the bottom label and directly performs IP forwarding. (Right Answers)
□ D When the tag value is 0, it indicates that the tag should be ejected, and the packet must be forwarded based on IPv4
Answer: C
40 View the details of all VPN instances on a network device The results are as follows. Which of the following statements are incorrect? (Multiple Choice)
<Huiw«i> di spiny ip vpn-lnstance verbose

Total VPN-In»tanccs configured : 3
Total IPv4 VPN Instances configured : 1
Total TPv<. VPN-Inolanren ronfigirred : 2
VPN Instance Name and ID : vpna. 6

Description : vjrwl
Service ID : 12
Interfaces : ClgabltEthemetl/O/O
Address family ipv4
Create date : 2018/6/3 16:36:20
Up time : 6 days. 04 hours, 41 minutes and 6" seconds
Route Distinguisher : 100:1
Fsport VPN Targets : 1:1 2:1
laport VPN Targets : 1:1
Label Policy : label per Instance
Per-lnstance Label : 1024
IP FKR Route Policy : 20
WN FRR Route Policy : 12
□ A The total number of instances of the IPv6 address cluster enabled in the VPN configured on the local end is 1 (Right Answers)
□ B The device will assign a label to each route of the VPN-lnstance vpna (Right Answers)
□ C. VPN-lnstance vpna will not receive VPN routes with RT 2:1
□ D. GigabitEthernet 1/0/0 interface is bound to the VPN-lnstance vpna.
Answer: AB
41. The following are the statements about LDP reliability, which one is wrong?
□ A. LDP FRR can also be used to generate an LSP for the label mapping from the non-optimal next hop. And it can be as a backup of the primary LSP to establish the transfer entries.
□ B The association between the LDP and the IGP requires the IGP to suppress the advertisement of the route and ensure that the LDP path is consistent with the IGP path.
□ C. The manually configured LDP FRR policy defaults to a 32-bit backup route that triggers LDP to establish a backup LSP. (Right Answers)
□ D. LDP GR Graceful Restart uses the feature that the MPLS forwarding plane is separated from the control plane. The device does not interrupt when the protocol is restarted or the active/standby switchover is performed
Answer: C
42. What improvements have been made to the IGMPv2 protocol compared to IGMPvl? (Multiple Choice)
□ A Added specific group query message (Right Answers)
□ B. Added off-group messages (Right Answers)
□ C. Added maximum response time field (Right Answers)
□ D. Added specific source group query messages
Answer: ABC
43. If multiple candidate RPs are configured in a certain group of multicasts, which of the following parameters need to be compared between the multiple candidate RPs? (Multiple Choice)
□ A C-RP priority (Right Answers)
□ B Group-wide mask length of the C-RP service matching the group address to which the user joins (Right Answers)
□ C. IP address of the C-RP interface (Right Answers)
□ D. Number of the C-RP interface
Answer: ABC
44 If a DR is elected between the multicast routers running PIM-SM to be responsible for receiving and receiving multicast data on the source or member, what is the correct description of the DR election rules?
□ A. Compare the DR priorities first, if the priorities are the same, you need to compare the IP addresses of the PIM router interface to elect DRs (Right Answers)
□ B. The PIM router with a long interface mask is elected as the DR
□ C. A PIM router with a low DR priority value is elected as the DR
□ DA router with a small IP address is elected as a DR
Answer- A
45. If you run PIM-SM on a multicast network, you need to construct a multicast forwarding tree between the multicast source and the receiver for the receiver to receive multicast data, so the following descriptions are about the constructed
multicast forwarding tree, which are the correct options? (Multiple Choice)
□ A. The RTP tree is constructed between the RP and the receiver (Right Answers)
□ B The RPT tree is constructed between the multicast source and the RP
□ C. The SPT tree is constructed between the RP and the receiver
□ D The SPT tree is constructed between the multicast source and the RP (Right Answers)
Answer- AD
46 As shown in the figure, the IPSEC VPN is established between the branch and the headquarters using redundant links. At the same time, URPF is enabled on the traffic from the branch 1 on Router B. Which of the following options is
.( IPsec Tunnel (>
□ A When using IPSEC backup link redundancy backup, URPF loose mode is recommended when the URPF function enables on the physical interface (Right Answers)
□ B When using IPSEC multi-link redundancy backup, URPF strict mode can be used when URPF function enables on the tunnel interface (Right Answers)
□ C. When using IPSEC backup link redundancy backup, URPF strict mode can be used when URPF function enables on the physical interface.
□ D. When using IPSEC multi-link redundancy backup, URPF strict mode can be used when URPF function enables on the physical interface
Answer: AB
47 The HTTP protocol is based on TCP. Therefore, you can use the TCP Flood attack defense method to defend against HTTP flood attacks.
□ A True
Answer- B
48 As shown in the figure, there are two IPv6 networks that can access the IPv4 network. At the same time, an IPSEC tunnel needs to be established between the two IPv6 networks for communication Which of the following encapsulation
modes can meet the requirements above?
□ A. ESP + tunnel mode (Right Answers)

□ B None of the above options
□ C. AH + transmission mode
□ D. AH + tunnel mode
Answer- A
49. When there are multiple matching rules in the ACL of the VRP, which of the following statements is correct about the matching order?
□ A. On confirmation, follow the Rule-ID, match from small to large (Right Answers)
□ B. By default, match according to the principle of "depth first"
□ C. On confirmation, match the order by matching the permit first and then matching the deny
□ D. There is only one matching order and cannot be modified.
Answer: A
50. The LAND attack is performed by the attacker sending a source address and a destination address to the destination host, they are all the destination hosts The source port and the destination port are the same SYN packet When the
receiver waits for the final ACK packet from the sender, The connection is always in a semi-connected state resulting in waste of limited TCP resources at the receiving end
□ A True
Answer- B
51. What is the relationship between CIR, BC and TC?
□ A. TC=CIR/BC
□ B. CIR=TC/BC
□ C. CIR=BE/TC
□ D TC=BC/CIR (Right Answers)
Answer: D
52 A home user has opened a 10Mb/s broadband To improve the user experience the operator can stabilize at 12Mb/s when measuring speed If we use token bucket technology to achieve this demand, which of the folowing methods is
optimal?
□ A cir 10000 pir 12000 (Right Answers)
□ B cir 10000 cbs 10000 pbs 12000
□ C cir 8000 pir 12000
□ D cir 10000 cbs 12000 pbs 12000
Answer: A
53. Which of the following options is correct for the description of the optimal routing elections for various protocols?
□ A OSPF puts all routing information in the LSDP into the IP routing table
□ B The route with the next hop unreachable in BGP is also put into the IP routing table
□ C. Different routing entries learning from BGP and OSPF to the same destination network segment select the optimal route to join the IP routing table by comparing the preference value of the protocol (Right Answers)
□ D. BGP selects the optimal route to the same destination network segment by comparing the cost value of the route entry.
Answer: C
54. As shown in the following topology diagram, all the interfaces of the router in the figure are all enabled with the ISIS protocol The correct statements of the following are (Multiple Choice)
□ A. If the GE0/0/0 interface of R3 is down, then R2 will become the master device (Right Answers)
□ B If the Ethernet 0/0/0 interface of R3 is down, then R2 will become the master device
□ C. If the Ethernet 0/0/0 interface of R1 is down, then R2 will become the master device (Right Answers)
□ D. If the Ethernet 0/0/1 interface of R1 is down, then R2 will become the master device (Right Answers)
Answer: ACD
55 Which of the following statements about the BFD one-armed echo function are correct? (Multiple Choice)
□ A. The BFD one-armed echo function must be configured with a local identifier and a remote identifier
□ B. The default destination IP address of the BFD one-armed echo function protocol packet is 224 0.0 184
□ C. The BFD one-armed echo function is applicable to scenarios where one device supports BFD and the other device does not. (Right Answers)
□ D After the BFD one-armed echo function is enabled, the destination IP address and source IP address of the BFD packets are the same. (Right Answers)
Answer: CD
56. Which of the following is not the role of EVPN Type2 routing?
□ A. Host MAC address Announcement
□ B. Host ARP Announcement
□ C. BUM message forwarding (Right Answers)
□ D. Host IP route Announcement
Answer: C
57. One BD in VXLAN can correspond to multiple VNI.

□ A. True
Answer: B
58. Which of the following is optimal for building a loop-free Layer 2 network?
□ A. Stacking + link aggregation (Right Answers)
□ B. TRILL+MSTP
□ C. Stacking + MSTP
□ D. Link Aggregation + MSTP
Answer: A
59. By default, the switch configures the MAC address table to be empty. Host A connected to the switch sends the first unicast data frame. What operation will the switch perform after receiving the data frame?
□ A. The switch will discard the data frame
□ B. The switch forwards the data frame out of an interface according to the destination MAC address of the data frame.
□ C. The switch records the source MAC address of the data frame and floods the data frame. (Right Answers)
□ D. The switch caches the data frame and waits for the destination host to send the data frame and then toward it.
Answers C
60. As shown in the figure, three switches SW1, SW2 and SW3, where SW1 is the root bridge, the link between SW1 and SW2 is congested, and SW2 cannot receive the configuration BPDU sent by the root bridge. Which spanning tree
protection mechanism does the administrator need to configure to prevent link congestion?
Sv*/,
z \
------------ ^3
□ A Loop protection (Right Answers)
□ B Root protection
□ C TC-BPDU protection
□ D BPDU protection
Answer: A
61. Which of the following command is displayed to determine that the loop fault of the switch is generated?
A
O LCE02]di splay cpu-defend statistics
Packet Type Pass(Packet/Byte) Drop(Packet/Byte) Last -dropping-t iite
arp-rcply 24 0 -
1536 0
arp“request 2003 0 2018-05-21 16:56:39
140044 0
O [CE02]di splay interface brief I Include up

InUti/OutUti: input uti1ity/output utility
Interface PHY Protocol Inllti Out Uti inErrors outErrors
IEthO/O/1 up up 0. 03* 0. 01* 0 0
HULLO up up(s) 0* 0* 0 0
Vlanifl up up — — 0 0
XClgabltEthernet0/0/l up up 0. 32* 0. 32* 0 0
XGIgobltEthernet0/0/2 up up 0. 32* 0. 32* 0 0
c
O [CE02]di splay cpu-usage
CPU Usage Stat. Cycle: 60 (Second)
CPU Usage : 30% Max: 44% £>
CPU Usage Stat. Time : 2018-05-21 17:19:26
CPU utilization for five seconds: 18%: one minute: 18%: five minutes: 18%
■ax CPU Usage Stat. Time : 2018—05—16 15:56:53.
• [CEO2)dlapl ay trapbuffcr
Trapping buffer configuration and contents : enabled
Allowed mow buffer size : 1024
Actual buffer alze : 266
Channel nunber : 3 . Channel na»e : trapbuffer
Current messagm : 178
■lay 21 2018 16:26:3b CBO2 L21FPP1Z4/WLFVLAMA1.AW1:01D 1.3.6.1.4.1.2011.6.26.160.3.7 MAC nove detected. VLAMID = 1.
lacAddrees - 60de-f326-lbtt>. Original Port = XGEO/O/2. Plopping port * XCEO/O/1.
Please check the network acceesed to flapping port.
Answer: D
62. A total of 6 bits indicating the priority field in the VLAN (802.1Q) data encapsulation
□ A. True
Answer: B
63. Four routers R1, R2, R3, and R4 run ISIS, the ISIS router type is marked, and the routing table is viewed on R1. The reason why R1 does not reach the route of 10.34.34.4 is
Route Flogs: R - reloy, D - download to fib
Routing Tables: Public

Destinations : 5 Routes : 5
Dest1nat1on/lask Proto Pre Cost Flags NextHop Interface
10. 12. 12. 0/24 Direct 0 0 D 10. 12. 12. 1 GlgobltEthernet0/0/0

10. 12. 12. 1/32 Direct 0 0 D 127. 0. 0. 1 GlgabltEthernet0/0/0
10. 23. 23. 0/24 ISIS*-L1 15 20 D 10. 12. 12. 2 GlgobltEthernet0/0/0
□ A. Configure a routing policy on R2 to filter the default route.

□ B. R2's system-ID conflicts with R3
□ C. Regional planning errors for R3 and R4 (Right Answers)
□ D. R2's system-ID conflicts with R1
Answer: C
64. The OSPFv3 Option field appears in all LSA.

□ A. True
Answer: B
65. Which of the following is true about Link-LSA for OSPFv3?

□ A. The Option field exists in the LSA header, not the data area of Link-Isa.
’□ B. Contains both the link-local address of this interface and all IPv6 prefixes of this interface. (Right Answers)
□ C. If the Prefix Option field of a prefix of the Link-LSA is 0x00, the Prefix will not be included in the IPv6 unicast calculation.
□ D. Contains both the link-local address of the interface and all Ipv6 prefixes in the same area on the router.
Answer: B
66. The following topology is available, and based on this analysis, the following statements which are correct?
Rl
isis 1 R2
network entity 49.0001.0001.0001.0001.00 isis 1
ft is-level level-1
interface EthernetO/O/O network ent ity 49.OOOl.0002.0002.0002 .OO
ip address 10.0.12.1 255.255.255.0 suaMary 10.0.0.0 255.255.O.O level 1
isis enable 1 It
interface tthcrnctO/O/O
R3 ip address 10.0.12.2 255.255.255.0
isis 1 isis enable 1
network entity 49.O0O1.O0O3.OO03.OOO3.OO
interface rthernetO/O/l
interface EthernetO/O/O . ip address 10.0.23.2 255.255.255.©
ip address 10.0.23.3 255.255.255.0 1 isis enable 1
isis enable 1 •
•interface LoopBackO interface LoopBackO
ip address 10.0.3.3 255.255.255.255 ip address 10.0.2.2 255.255.255.255
isis enable 1 isis enable 1
□ A. Because R2 does route aggregation, only the routing entry of 10.0.0.0/16 exists in the IProuting table of R1.
□ B. The routing entries of 10.0.2.2/32 and10.0.3.3/32 in the IP routing table of R1.
□ C The routing entries of 10.3.3.3/32 and10.0.0.0/16 exist in the IP routing table of R1.(RightAnswers)
□ D. The routing entries of 10.0.2.2/32 and10.0.0.0/16 in the IP routing table of R1.
Answer: C
67. Which type of prefix will the router running BGP advertise to its own IBGP neighbor (assuming the router is not configured as a route reflector)?
□ A. The prefix is learned through the EBGP neighbor, or the prefix is learned from the RR.
□ B. The prefix is learned by other BGF neighbors, or the prefix is locally learned through network or route introduction.
□ C. The prefix is learned by other IBGP neighbors, or the prefix is learned from the EBGP neighbor, or the prefix is learned through the route introduction.
□ D. Presences existing in routing shows
□ E. The prefix is learned through the EBGP neighbor, or the prefix is learned locally through the network or route (Right Answers)
Answers E
68 As shown in the figure, the AS100 has two paths to the AS400. By default, the best route is transmitted from the AS200 It is known that the path to the AS400 through the AS300 is better Therefore, the following configuration is performed
on the R2 After the configuration is complete, the optimal route is not changed Which of the following operations can make the configuration take effect?
|R2| ip as-path-lilter 1 permit «400$
R2] route-policy med permit node 10
r2-route-policyj if-match as-path-fiter 1
Ir2-route-policy| apply cost 20
1 A Configure deterministic-med in the BGP process of R1

□ B Configure compare- different-as-med in the BGP process of R2
□ C Configure deterministic-med in the BGP process of R2.
□ 0. Configure compare- different-es-med in the BGP process ol R1 (Right Answers)
Answer. D
69. A network consisting of an existing router R1. router R2, router R3 and router R4 These four routers are interconnected via a LAN network Basic OSPF is deployed on al four routers When you execute the common -
the router R2. the status between router R2 and router R3 is "2way" na™ display ospf peer" on
What conclusion can you draw from this output?
□ A Router R4 is DR
□ B. Router R2 is DR or BDR
□ C. Router R2 is not DR (Right Answers)
□ D Router R3 is not DR, nor BDR (Right Answers)
□ E There is no full adiacency between router R2 and router R3 (Right Answers)
Answer. CDE
70 The following statement about the NSSA area, which is correct.
□ A In the OSPF neighbor relationship sent by the OSPF neighbor, the N position in the option field is set to 1. The E position is 0. (Right Answers)
□ B. The NSSA area generates seven types of LSAs to advertise external routes The FA address in the seven types of LSAs is used to prevent loops.
□ C. A default LSA must be automatically generated in the NSSA area to access the external network.
□ D. The OSPF neighbor in the NSSA area sends the hello text The N position in the option- field is 0, and the E position is 1.
Answer: A
71. In the aggregate ipv4-address { mask | mask-length }| as-set | attnbute-pokcy route-policy- namel | detail-suppressed | origin-pokey route-pokey-name2 | suppress-pokey route-pokey- name3 ] command, multiple parameters can be
specified to affect the route summarization process and results
Which statements about this command are true? (Multiple Choice)
□ A If as set is configured the AS_Path of the generated summarized route contains AS_Paths of al specific routes This avoids routing loops (Right Answers)
□ B If suppress pokey is configured the summarized route can be generated the if match clauses of the route pokey can be used Io seleclrvely suppress specific routes Those specific routes that match this route-pokey wil stil be advertised
Io other BGP peers
□ C It origin-policy is configured, only the specific routes that match the route-policy are used Io generate the summarized route (Right Answers)
□ D If attribute-pokey is configured attnbutes can be set ter the summarized route (Right Answers)
Answer. ACD
72. There are two community-fitters:

ip community-filter 1 permit 100:1 200:1
ip community-filter 2 permit 100:1
ip community-filter 2 permit 200:1
Which of the following statements are true? (Multiple Choice)
□ A A BGP route matches community-filter 1 only when the community attributes carried in the route contain both 100:1 and 200:1 (Right Answers)
□ BA BGP route matches community-filter 1 as long as the community attributes carried in the route contain 100:1 or 200:1, or both
□ C. A BGP route matches community-filter 2 only when the community attributes carried in the route contain both 100 1 and 200:1.
□ DA BGP route matches community-filter 2 as long as the community attributes carried in the route contain 100:1 or 200:1, or both (Right Answers)
Answer: AD
73. We can use basic community-fitters or advanced community-filters to fitter BGP routes.
Which of the following tools make the advanced community-filter more flexible than the basic community- filters?
□ A. IP-prefix
□ B. AS-path-filter
□ C. Regular expression (Right Answers)
□ D. ACL
Answer: C
74. The ip ip-prefix ip-prefix-name [ index index-number] {permit | deny} ipv4-address mask-length [ greater-equal greater-equal-value] [ less-equal less-equal-value] command is used to configure an IP-prefix-filter.
If less-equal is specified but greater-equal is not, what is the prefix range?
□ A. [0, less-equal-value]
□ B. [mask-length, less-equal-value] (Right Answers)
□ C. [less-equal-value, 32]
□ D. Not limited
Answer. B
75. The interface SerialO of an existing router goes to OSPF and sets the interface SerialO to the Silent interface. What effect does this setting have?
□ A OSPF does not establish any adjacencies through the interface. (Right Answers)
□ B. OSPF does not add routes learned from the interface to the local routing table.
□ C. OSPF will receive routing updates from neighbors
□ D. OSPF establishes available adjacencies through this interface.
Answer: A
76. Router HW is enabled with OSPF and the role of the router HW is ABR, and abr-surmnary is configured. Which classes of LSA will be aggregated?
□ A. Class 4 LSA
□ B. Class 5 LSA
□ C. Class 2 LSA (Right Answers)
□ D. Class 1 LSA (Right Answers)
□ E. Class 3 LSA (Right Answers)
Answer: CDE
77. Both ISIS CSNP packets and OSPF DD packets are in the MA network, describing the role of the link state database profile. Which of the following statements is correct?
□ A. Both routers need to confirm the two routers after sending them. Otherwise, they need to be retransmitted.
□ B. The master-slave relationship in the DD packet exchange of OSPFA is not bound to the DRZBDR. The CSNP packet is generated only by the DIS. (Right Answers)
□ C. Once the adjacency relationship is established, CSNP packets and DD packets will stop sending.
□ D. The two routers do not need to confirm the peer router after sending.
Answer: B
78. If the default route is not used in the local IP routing table, the default route-import command is used to advertise the default route to the BGP peer (group).
□ A. True
Answer: B
79. Which scenario can use AS-path -filter?

Q A. apply clause in Route-policy
Lt B. If-match clause in Route-policy (Right Answers) . J
□ C Filter the route sent to the BGP neighbor according to the AS_PATH attnbute earned in the route. For example, the command peer x.x.x.x as-path-filter export (Right Answers)
□ D. Filter the route received to the BGP neighbor according to the AS_PATH attnbute carried in the route. For example, the command peer x.x.x.x as-path-filter import (Right Answers)
Answer: BCD
80. Regarding the BGP alliance, which is wrong description?
□ A The Alliance divides an AS into several sub-AS alliances External As still considers the Alliance to be an AS.
□ B. The sub-AS number of the confederation is advertised to BGP peers outside the confederation by default (Right Answers)
□ C. The sub-autonomous system within the federation can use a private AS number A Huawei NE/AR router can be configured with up to 32 sub-AS in a single alliance
□ D. The federation can easily detect the routing loop within the AS because EBGP is running between the sub-AS
Answer: B
81. Which of the following is the correct description of route penetration for ISIS?
□ A. ISIS route penetration can be used in an IPv6 environment (Right Answers)
□ B. ISIS route penetration does not cause neighbors to oscillate. (Right Answers)
□ C. In the route penetration of ISIS, the route before penetration cannot be an aggregate route.
□ D. ISIS route penetration can be deployed on Level-1 routers.
□ E. ISIS route penetration is used to prevent routing loops.
Answer: AB
82. Two EBGP neighbors connected by two parallel cables. What method will you use to achieve bidirectional load sharing between two EBGP neighbors connected through these two parallel serial cables?
□ A. Configure the loopback interface to establish an EBGP neighbor relationship and configure EBGP Multi-hop. Configure the loopback interface as the update source, and then use IGP to implement equal-cost path load sharing between
addresses. (Right Answers)
□ B. Without any method, BGP automatically implements load sharing between different autonomous systems on the available links.
□ C. Use the command at both ends "ebgp-load-balance
□ D. Configure the EBGP neighbor relationship with the loopback interface as the update source. The IGP in each AS must have two equal-cost paths to the EBGP neighbor loopback address. You need to use the command "next-hop-local".
□ E. Configure the EBGP neighbor relationship with the loopback interface as the update source. The IGP in each AS needs to import two equal-cost paths to the EBGP neighbor loopback address. You need to use the commands ebgp-max-
hop and next- Hop-local
Answer. A
83 OSPFv3 and ISIS are running on the router at the same time You need to import OSPFv3 routes to ISIS Which of the folowing configurations is correct (Multiple choice)
□ A (Huawei) isis 1 (Huawei-rsis-1) is-level level-1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-rsis-11 ipv6 enable topology standard (Huawei-isis-1) ipvO import-route ospfv3 1 level-1 (Huawei-isis-1) quit (Huawei) ospfv3 1
|Huaweiospfv3 11 router id 2 2 2 2 (Right Answers )
□ B (Huawei) isis 1 [Huawei-isis-1]is-level level-1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 [Huawei-isis-1] ipvO enable topology standard [Huawei-isis-1] ipv6 import-route osptv3 1 [Huawei-isis-1] quit (Huawei) ospfv3 1
[Huawei-ospfv3-1| router-id 2 2 2 2
□ C (Huawei) isis 1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) ipv6 enable topology standard (Huawei-isis-1) ipv6 import-route ospfv3 1 level-1 (Huawei-isis-1) quit (Huawei) ospfv3 1 (Huaweiospfv3-1) router-id
2 2 2 2 (Right Answers)
□ D (Huawei) isis 1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) import-route osptv3 1 [Huawei-isis-1] quit (Huawei) ospfv3 1 (Huawei-ospfv3-1) router-id 2 2 2 2
□ E (Huawei) isis 1 (Huawei-tsis-1]is-level level-1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) import-route ospfv3 1 level-1 (Huawei-isis-1) quit (Huawei) osph/3 1 [Huawei ospfv3-t) router-id 2 2.2 2
Answer. AC
84. If the router only needs to forward IPv6 packets, there is no need to configure any IPv4 protocols and addresses on the router
□ A True (Right Answers)
□ B False
Answer: A
85, In the intranet MPLS BGP VPNF network, when a packet enters the public network for forwarding, it will be encapsulated with two layers of MPLS labels The following description of the two-layer label, which is wrong?
□ A By default, the router assigns the same label value to all VPNv4 routes destined for the peer PE (Right Answers)
□ B. The private network label is carried and distributed when the route is delivered by MP-BGP The public network label is distributed by the LDP protocol
□ C The egress PE uses the inner label when determining which egress CE the message should be sent to
□ D MPLS BGP VPN uses two layers of labels: public network labels (also known as outer labels) and private network labels (also known as inner labels)
Answer: A
86 The following is about the LDP protocol session establishment process, which is the correct description?
□ A After the TCP connection is successfully established, the active party sends an initialization message to negotiate the parameters related to the LDP session. (Right Answers)
□ B The party with the larger transmission address acts as the active party and initiates the establishment of TCP connection. (Right Answers)
□ C. The Hello message discovered by the LDP neighbor uses TCP packets. The destination address is the multicast address 224.0.0.2.
□ D. After both parties receive the Keepalive message from the peer, the LDP session is established successfully. (Right Answers)
Answer: ABD
87. The router HW1 exists as an MPLS LSR router in the network of the operator HW. The router receives a packet carrying a label, but the label entry does not exist in its LFIB.
So how does the router handle the message?
□ A. Router HW1 uses LDP to create an LSP and creates a new path for the label carried in the packet in the LFIB
□ B. Router HW1 will discard the message. (Right Answers)
□ C. Router HW1 will forward the message using the default label.
□ D. Router HW1 will strip the label and find the IP destination address of the FIB.
Answer: B
88. The following statement about cross-domain MPLS VPN, which is the wrong description?
□ A. When the public network label is only LDP, the cross-domain vp-Option-c scheme 2 needs to use three-layer labels in the packet forwarding process. (Right Answers)
□ B. For the cross-domain vPN-OptionB mode, an MP-eBGP neighbor relationship needs to be established between the two ASBR.
□ C. For the cross-domain vPn-OptionA mode, the route between the two ASBR is a common IPv4 route.
□ D. For the cross-domain vPN-OptionB mode, two ASBR are interconnected by multiple interfaces (including sub-interfaces). Each interface is associated with one VPN. Each ASBR-PE uses the peer as the CE. (Right Answers)
Answer: AD
89 If there are multiple receivers in a multicast group, the administrator enables IGMP-Snooping on the switch connecting the receiver Alter the receiver receives the general query message from the querier the receiver receives multiple
receivers How to respond?
□ A All recipients will respond to the Report message (Right Answers)
□ B Only when IGMPvl is running, all receivers respond to the Report message
□ C The first responder with a response timeout sends a Report message, and the other recipients do not send it.
□ D Only the IGMPV2 is running, and all receivers respond to the Report message
Answer: A
90. Which of the following is the correct description of the process of registering the source DR with the RP in the PIM-SM?
□ A. The registration message encapsulates the multicast service data (Right Answers)
□ B. The RP sends a registration stop message as soon as it receives the registration message.
□ C. The registration message is used to construct an RPT tree between the source DR and the RP
□ D. The registration message is a multicast message.
Answer: A
91. Ina shared network, what mechanism does PIM-SM use to prevent duplicate traffic?
□ A. Register mechanism
□ B. BSR/RP mechanism
□ C. Assert mechanism (Right Answers)
□ D. Join/Prune mechanism
Answer: C
92. Which of the following statements about 802.1x authentication, RADIUS, and HWTACACS authentication is correct?
□ A. RADIUS authentication and HWTACACS authentication can perform dual authentication for the same user at the same time, which is more secure.
□ B. Users can access the network using 802.1x authentication and complete identity authentication through Radius. (Right Answers)
□ C. RADIUS authentication and HWTACACS authentication are mutually exclusive. You cannot perform dual authentication for the same user at the same time. (Right Answers)
□ D. RADIUS authentication and 802.1x authentication are mutually exclusive.
Answer: BC
93. Which of the following statements about RADIUS is correct?

□;A. MAC authentication does not require a username and password, so you cannot use RADIUS to authenticate a user.
□ B. RADIUS authentication and Portal authentication cannot be used together. Because Portal authentication is usually used, the Portal server can be used to authenticate users.
□ C. RADIUS protocol authentication, authorization, and audit separation.
□ D. RADIUS supports both wired and wireless access methods. (Right Answers)
Answer: D
94. To configure AAA, you first need to define the XRADIUS RADIUS server as follows:
[Huawei] radius-server template EXAM
[Huawei-radius-EXAM] radius-serve shared-key cipher HUAwei123
[Huawei-radius-EXAM] radius-se authentication 10.7 66.66 1812
[Huawei-radius-EXAM] radius-se authorization 10.7.66.661812
[Huawei radius -EXAM] radius-server retransmit 27 1813
[Huawei-radius-EXAM] radius-serv accounting 10
□ A. True
Answer: B
95. Which of the following does the digital certificate not contain?
□ A. Public key information
□ B. Digital envelope (Right Answers)
□ C. Digital signature
□ D. Issuer
Answer: B
96. Network administrators can use CAR technology in traffic policing. Which of the following technologies can be applied in CAR?
□ A. Double barrel double speed (Right Answers)
□ B. Single barrel single speed (Right Answers)
□ C. Three barrels single speed
□ D Double barrel single speed (Right Answers)
Answers ABD
97. Router A has an IP router with a destination network segment of 10.0.0.1/32 and an outbound interface of Gigabitethernet 0/0/1.
Now add the following configuration
acl number 2000
rule 10 permit source 10. 0.1.1 0
traffic classifier test
if-match acl 2000
traffic behavior test
remark dscp cs3
traffic policy test
classifier test behavior test
interface GigabitethernetO/O/1
ip addressl 0.0.12.1255.255.255.0
traffic-policy test outbound
Suppose Router A receives a packet with a destination IP of 10.0.0.1. The following statements which are correct?
□ A.If the source IP address of the packet is 10.0.0.1, it can be forwarded while the DSCP field remains unchanged. (Right Answers)
□ B.If the source IP address of the packet is 10.0.0.1, it can be forwarded and the DSCP field is marked as CS3.
□ C. If the source IP address of the packet is 10.0.0.1, it cannot be forwarded.
□ D. If the source IP address of the packet is 10.0.0.1, it can be forwarded and theDSCP field is marked as cS3.(Right Answers)
Answers AD
98. Which SNMP message type report event sent to the NMS is reliable?
□ A. Response
□ B. Trap
□ C. Inform (Right Answers)
□ D. Get
□ E. Get Bulk
Answer: C
99. Non-Stopping-Forwarding (NSF) and Non-Stopping Routing (NSR) are two solutions for high reliability. The following statements which are correct?
□<A. NSR routers need to negotiate NSR support through specific packet negotiation.
□ B. After the NSF is enabled, the router performs the master/slave switchover. The routing table and the forwarding table remain unchanged. Therefore, traffic is not lost during the GR time. (Right Answers)
□ C. After the NSR is enabled, if the main control board fails when the service batch backup is not completed, the NR switch cannot be completed. (Right Answers)
□ D. NSF routers do not need to support NSF through specific packet negotiation.
Answer: BC
100. As shown below, R1 and R2 establish E-BGP neighbors and enable BFD detection. The following statements which are correct?
BSMeo/o/o___ ro/o/j I
Rl
Rl
bfd
interface EthcrnetO/O/O
ip address 10 O 1? 1 255 255 255 O
a
bqp 1OO
peer 10.0.12 2 as-number 200
peer 1OO 12 2 bfd min-tx-interval 300 min-rx-interval 200 detect-multiplier 4
peer 10.0 12 2 bfd enable
R2:
bfd
interface tthemetOZO/O
ip address 10.0.12 2 255.255.255.0
a
bgp 200
peer 1OO 12 1 as number 1OO
peer 10 0 12 1 bfd min-tx-mterval 220 mm-rx-mterval 320
peer IO O 12 1 bfd enable
□ A. The detection time of BFD packets on R2 is 800ms.
□ B The detection time of BFD packets on R2 is 600ms.
□ C. The detection time of BFD packets of R1 is 660ms. (Right Answers)
□ D The detection time of BFD packets on R1 is 1280ms
Answer: C
101. Which is wrong about IPv6 Over VXLAN?

□ A IPv6 over VXLAN means that Vxlan's Overlay network is an IPv6 network.
□ B. IPv6 over VXLAN can solve the problem of insufficient IP address resources for terminal tenants.
□ C. The tunnel between the Layer 2 and Layer 3 gateways of the VXLAN is an IPv4 network.
□ D. IPv6 Over VXLAN does not generate entries. (Right Answers)
Answer: D
102 Which is wrong about the EVPN Type 5 class routing?

□ A The IP Prefix field can carry either the host IP address or the network segment address.
□ B. Type 5 is an IP prefix route.
□ C. Type 5 routing carries both Layer 2 VNI and Layer 3 VNI (Right Answers)
□ D. Type 5 routing carries Layer 3 VNI.
Answer: C
103. VXLAN uses BGP EVPN to establish a tunnel. What kind of packets are used?
□ A. Type3 (Right Answers)
□ B. Type5
□ C. Type4
□ D. Type2
□ E. Typel
Answer: A
104. Which of the following advanced features does BGP EVPN support?
□ A ARP broadcast suppression (Right Answers)
□ B VRRP over VXLAN
□ C Multi-live gateway (Right Answers)
□ D VXLAN Qos
Answer: AC
105 Which of the following statements about VXLAN messages is correct?

□ A The outer destination IP address is the IP address of the remote VTEP of the VXLAN tunnel (Right Answers)
□ B The source UDP port number is 4789
□ C Destination UDP port number is 4789 (Right Answers)
□ D VNI has 24 bits and is used to distinguish VLAN segments (Right Answers)
106. Which of the following types of packets is required to implement virtual machine migration in the BGP EVPN distributed gateway scenario?
□ A. Type3
□ B. Type5
□ C. Type4
□ D. Type2 (Right Answers)
□ E. Typel
Answer: D
107. Which of the following statements about the VRRP protocol are correct?
□ A. Both VRRPv2 and VRRP v3 support authentication.
□ B. VRRPv3 does not support authentication, while VRRPv2 supports authentication. (Right Answers)
□ C. VRRPv2 is only applicable to IPv4 networks, and VRRPv3 is only applicable to IPv6 networks
□ D. The owner of the Mater IP address has a VRRP priority of 255, so the priority range that can be configured is 0-254.
Answer: B
108. HW users are transmitting a lot of files through TFTP. What protocol does TFTP rely on for transmission?
□ A. IcmP and UDP
□ B. IP and TCP
□ C. UDP (Right Answers)
□ D. NFS
□ E FTP
Answer: C
109. When deploying LLQ, you need to configure bandwidth parameters What is the meaning of bandwidth parameters?
□ A. Provide a built-in policer to limit the maximum available bandwidth of low latency queues during congestion (Right Answers)
□ B. This parameter should be as small as possible. It means that the bandwidth is always reserved, even if LLQ is used, this parameter will reduce the available bandwidth of the interface
□ C. It indicates that the reference CR is used to calculate the burst size of the built-in tactical merging bucket.
□ D. This parameter is an option because LLQ always takes precedence over other queues
Answer: A
110. Assume that the port shaping rate is 100Mbps. The input bandwidth and PIR of each service on the interface are as follows.
Queue type Queue type Input bandwidth (bps) PIR(bps)
CS7 PQ 1SM 25M
CS6 PQ 30M 10M
EF WFQ, Weights5 90M 10M
AH WFQ, Weightsl 10M 10M
AF3 WFQ, Weights3 10M 15M
AF2 WFQ, Weights2 20M 10M
AF1 WFQ, Weightsl 20M 10M
BE LPQ 100M Not configured
Then, after the first round of scheduling, what is the bandwidth allocated by the EF queue?
□ A. 30M
□ B 15M (Right Answers)
□ C. 90M
□ D 25M
Answer: B
111 Which of the following statement about the security association SA in IPsec is wrong?
□ A. The SA is uniquely identified by a triplet that includes the Security Parameter Index (SP), the source IP address, and the security protocol number used (AH or ESP). (Right Answers)
□ B. Use display IPsec to view information about encryption algorithms, traffic, and other information used between another IPsec peer
□ C. IPsec only supports the use of symmetric encryption algorithms to encrypt data.
□ D. There must be a two-way SA between IPsec peers to establish an IPsec VPN connection.
Answer: A
112. The HW network consists of Network A and B that are connected via Router HW1 and Router HW2 The HW network is shown in the following exhibit
To set up an IPSec VPN between routers HW1 and HW2, which of the following crypto access-lists must be configured on Router HW1 in order to send LAN to LAN traffic across the encrypted VPN tunnel?
□ A. rule permit ip source 192.168.1 10 destination 192.168.1.2 0
□ B rule permit ip source 10.1.1.0 0.0.0.255 destination 192.168.1 2 0
□ C. rule permit ip source 10.1 1.0 0.0 0.255 destination 10 1 2.0 0.0.0.255 (Right Answers)
□ D. rule permit ip source 192.168.1 10 destination 10.1.2.0 0.0.0.255
□ E. rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1 1.0 0.0.0.255
Answer: C
113. Which of the following description about the assertion mechanism is correct?
□ A. The size of the IP address will not be used as a condition for election during the election of the winner
□ B. In the assertion mechanism, the winner is responsible for forwarding multicast data to the broadcast network segment (Right Answers)
□ C. The assertion mechanism is used for the election of the DR.
□ D. In the assertion mechanism, loser shut down the interface connected to the broadcast network
Answer: B
114. Which of the following statements about the BSR mechanism are true? (Multiple Choice)
□ A A PIM-SM domain can have multiple C-BSRs, but only one elected BSR (Right Answers)
□ B An elected BSR can collect C-RP information by using the C-RP packets received (Right Answers)
□ C. An elected BSR floods Bootstrap packets to advertise BSR information and C-RP information to all routers in a PIM-SM domain (Right Answers)
□ D A C-BSR can also collect C-RP information by using C-RP packets.
Answer: ABC
115 The association between the LDP and the IGP is to suppress the release of the reachable route through the IGP This ensures that the LDP and the IGP are synchronized to complete the network convergence The IGP and the LDP
maintain the same path, minimize the loss of traffic, and improve the reliability of the entire network
□ B False
Answer. A
116 Regarding the processing mode of MPLS for TTL, which of the following description is correct?
□ A. In the Pipe mode, when an IP packet passes through the MPLS network, the IP TTL is decremented by 1 to the MPLS TTL field in the ingress node.
□ B. The TTL of the MPLS label has the same meaning as the TTL in the IP header, which can prevent the MPLS network from generating a routing loop (according to the reason A) (Right Answers)
□ C. Uniform simulation, when the IP packet passes through the MPLS network, the IP TTL of the ingress node is decremented by 1, and the MPLS TTL field is a fixed value
□ D. In MPLS VPN, if you want to hide the structure of the MPLS backbone network, you can use the uniform mode in Ingress for private network packets.
Answer. B
117. On an MPLS VPN network, different CEs can use different routing protocols to exchange routing information with the same PE. These routing protocols are independent from one another
□ A. True (Right Answers)
□ B. False
Answer: A
118 Which of the following technologies use tunneling technology to communicate between IPv6 addresses?
□ A Dual Stack
□ B 6to4 (Right Answers)
□ C ISATAP (Right Answers)
□ D NAT64
Answer. BC
119. The following procedure for NDP to resolve the link layer address is correct or not
_I_____ J_
ICMP Type = 135 .
Src = IPv6-Addr of A ______________ __ ________________ >
Dst = soltcitod-node multicast of B
(Data * null
Query ■ What is your link address7
ICMP Type *136
NA Src = IPv6 Addr of B
M * IPv6-Addr Of A
Data -18*-layer address of B
□ A. True
Answer: B
120 BGP 4+ is running between the two routers The neighbor relationship is normal However, the BGP routing table of the local router does not have any neighbor routing entries Which of the following is the possible reason?
□ A The routing entries o, the peer BGP routing table are non-optimal (Right Answers)
□ B The next hop address of the BGP routing entry is unreachable
□ C Peer ignore configured on the peer
□ D The peer is configured with Active-route-advertise (Right Answers)
Answer: AD
121. Which of the following information can be included in a basic network layer packet? (Multiple choice)
□ A Data link layer header
□ B. Upper layer data (Right Answers)
□ C. Network layer header (Right Answers)
□ D. Path record
□ E. Network layer tail
Answer: BC
122. Which of the following description about configuring BGP4+ is correct? (Multiple choice)
□ A. The BGP4+ router-ID is the same as the BGP4 router-ID (Right Answers)
□ B. BGP4+ must use the Link-Local address when specifying the peer
□ C. The next hop of the BGP4+ route does not use the Link-Local address. (Right Answers)
□ D. When BGP4+ configures a reflector, the roles of the reflector and the client must be consistent with the configuration of BGP4
□ E. BGP4+ does not support route reflectors.
Answer: AC
123. Regarding the stub area in the OSPF protocol, which of the following statement is correct? (Multiple Choice)
□ A. ASBR cannot exist in the stub area (Right Answers)
□ B. The virtual link cannot traverse the stub area (Right Answers)
□ C stub area is not allowed to inject type7 LSA (Right Answers)
□ D. The backbone area cannot be configured as a stub area. (Right Answers)
Answer: ABCD
124. What type of LSA does not exist in the OSPF stub area? (Multiple Choice)
□ A. Type-7 (Right Answers)
□ B. Type-5 (Right Answers)
□ C. Type-4 (Right Answers)
□ D. Type-3
Answer: ABC
125. A router is configured for OSPF and is connected to two areas area 0 and area 1 You configure area 1 as a stub area Which LSA types will exist inside area 1?
□ A Type 7
□ B. Type 1 and 2
□ C. Type 1, 2, and 5
□ D. Type 3 and 4
□ E. Type 1, 2, and 3 (Right Answers)
Answer: E
126. An engineer performs an import operation on an OSPF router in a company network. Which of the following statement about the introduction of a route LSA is correct? (Multiple choice)
□ A The Advertising Route is set to the router-id of the ASBR (Right Answers)
□ B netmask is set to 0
□ C. link state id is set to the destination network segment address (Right Answers)
□ D. Use link state id and advertising Router to uniquely identify an LSA
Answer: AC
127 In broadcast network, the election of DIS is started after the neighbor relationship is established
□ B. False
128. Which of the following statements about the ISS protocol route aggregation is correct?
□ A. Route aggregation can be configured and validated on all types of routers. (Right Answers)
□ B Route aggregation can only be configured on the level-1 router to take effect.
□ C Route aggregation can only be configured on the level-2 router to take effect.
□ D Route aggregation can only be configured on the level-1-2 router to take effect.
Answer: A
129 Ounng the process in which IS IS establishes a neighbor relationship, IS-IS does not send CSNP packets on a P2P network
□ A True
Answer: B
130. OSPFv3 Router-LSA is generated for each router. It describes the interface address and cost of each link of the router. It also contains the router ID of the neighboring router.
□ A. True
Answer: B
131. Which of the following description of the ISS's GR is correct?

□ A. The GR feature of ISIS is enabled by default.
□ B ISIS's GR has a total of four timers.
□ C. The ISIS's GR notifies the event and maintains the neighbor relationship through the CSNP packet.
□ D ISIS's GR defines a new TLV structure to support this feature. (Right Answers)
Answer: D
132. As shown in the figure, R1, R2, and R3 run OSPF at the same time and announce their respective loopbacks. Which of the following description is wrong?
□ B. You can use the filter export command to filter the loopback route of R3 in R2.
□ C. You can use the filter import command to filter the loopback route of R3 in AreaO.
□ D. You can use the filter-policy import command to filter the loopback route of R3 in R1
Answer: A
133. Regarding the introduction of routes, which of the following description is wrong?
□ A. bgp supports both import and network when generating routes. Network mode is more accurate.
□ B. By default, the default metric of the external route redistributed by OSPF is 1, and the imported external route type is Type2.
□ C. After ISIS's level-2 network route is imported to the level-1 network, if the import policy is not manually configured, a routing loop is formed. (Right Answers)
□ D. Introducing IBGP routes in OSPF may cause routing loops.
Answer: C
134 Which of the following description is true about the ISIS LSP fragmentation extension?
□ A Enable the ISIS router to generate more LSP fragments to carry more ISIS information. (Right Answers)
□ B ISIS's fragmentation extension is equally valid for Hello packets.
□ C. ISIS's fragmentation extension is achieved by adding virtual systems that can scale up to 1000 virtual systems
□ D ISIS routers can generate up to 1024 shards.
Answer: A
135 The configurations of the defined route-policy test are as follows:

ip community-filter 1 permit 100 1
ip as-path-filter 2 permit A100$
route-policy test permit node 10
if-match community-filter 1
if-mafch AS-path-filter 2
apply as-path 200
Which of the folowing statements is true?
□ A The BGProutes will match the route-policy test only when they contain either community attribute 100:1 or as-path 100 The as-path of the matched routes is then changed to200
□ B The BGProutes will match the route-policy test only when they contain both community attribute 100:1 and as-path 100. The as-path of the matched routes is then changed to 200. (Right Answers)
□ C. The BGProutes will match the route-policy test only when they contain as-path 100 The as-path of the matched routes is then changed to 200.
□ D. The BGProutes will match the route-policy test as long as they contain community attribute 100:1 The as-path of the matched routes is then changed to 200
Answer: B
136. Which of the following statements is true about the database synchronization process on an IS-IS broadcast network?
□ A. As the DIS, R2 sends a CSNP packet periodically. (Right Answers)

□ B. The interval at which R2, as the DIS, sends Hello packets is three times that of other routers.
□ C. As the DIS, R2 does not receive the PSNP requests from other routers.
□ D. R1 and R3 maintain the database consistency by sending PSNP packets periodically.
Answer: A
137. The second-layer network architecture of a company is as shown in the figure. After the engineer is configured, the services between the departments cannot be communicated. Check the status of the device as follows. Which is the
possible reason? (No figure is shown, the MSTP three elements are different, causing the entry to appear on the master port)
□ A The Revision Level configuration between switches is inconsistent (Right Answers)
□ B. The BPDU interval configuration between switches is inconsistent.
□ C The Region Name configuration between the switches is inconsistent (Right Answers)
□ D Instance VLAN mapping configuration between the switches is inconsistent (Right Answers)
Answer^ ACD
138. Two routers are connected through the serial port, but the interconnection interface cannot be pinged. Now check the port status as follows, which is the possible reason? (No figure is shown, one PPP, and one HDLC, you can find the
reason )
□ A Link bandwidth is not enough
□ B The IP address is not on the same network segment
□ C. Link layer protocol is inconsistent (Right Answers)
□ D. Subnet mask does not match
Answer; C
139 When DLDP detects a unidirectional link on an interface, the default operations on Huawei devices include: DLDP switches to the interface to Disable state, generates a trap and sets the interface state to DLDP Down
OA TRUE (Right Answers)
O B. FALSE
Answer; T
140 Why does RSTP converge faster than STP?
□ A. RSTP has more Port states.
□ B. RSTP has smaller timers.
□ C. RSTP has less overhead.
□ D. RSTP convergence is based on mechanisms other than the timers. (Right Answers)
Answer: D
141. Which of the following description about the characteristics of the cross-domain vpn-Option C is correct? (Multiple choice)
□ A. Up to two layers of labels need to be used in the packet forwarding process.
□ B. VPNV4 routes are not saved on the ASBR, and VPNv4 routes are not advertised to each other. (Right Answers)
□ C. The VPN route is directly exchanged between the ingress PE and the egress PE, and no intermediate device is required to save and advertise the VPN route (Right Answers)
□ D. Cross-domain VPN-Option-c mode is not suitable for use when spanning multiple ASs.
Answer: BC
142. Which of the following configurations can be performed to implement fast failure detection on a network? (Multiple Choice)
□ A. Reduce the hold time of Join/Prune messages.
□ B. Reduce the interval for an interface to send Hello messages (Right Answers)
□ C. Set up a PIM BFD session between network segment neighbors (Right Answers)
□ D Reduce the interval for sending Join/Prune messages.
Answer: BC
143 If you run the PM-SM protocol on the multicast network, you need to configure the RP The configuration mode of the RP is classified into dynamic RP and static RP Which of the following description of the RP configuration is correct?
□ A When configuring a dynamic RP, you need to configure the BSR as the backup of the RP
□ B When configuring a static RP, you need to configure the BSR advertisement RP information
□ C When configunng a static BP, you need to specify the RP information on all PIM routers (Right Answers)
□ D When configuring a dynamic RP, you do not need to configure a BSR
Answer: C
144. In a multicast network, which of the following situations will cause forwarding failure of multicast traffic? (Multiple Choice)
□ A. Router does not have RPF routing (Right Answers)
□ B. PIM is not enabled on an RPF interface (Right Answers)
□ C. The upstream router discards the received PIM Join messages (Right Answers)
□ D. On a network with multiple egress routers, the router is not selected as the DR.
Answer* ARP.
145 The IPSG can be configured with a static binding table or used with DHCP-snooping to form a binding table
□ B False
Answer: A
146. As shown in the figure, the router load balances the traffic between the branch network 1 and the branch network 2. In this case, the URPP defense source P address spoofing attack must be configured in the loose mode on the physical
interface of the router

□ B. False
Answer: A
147. Which of the following is a single package attack? (Multiple choice)

□ A. Special control packet attack (Right Answers)
□ B. Scanning detection attacks (Right Answers)
□ C. DDoS attack
□ D. Malformed packet attack (Right Answers)
Answer: ABD
148. Which of the following statement about the digital certificate is wrong?
□ A. Digital signatures guarantee the integrity of digital certificates.
□ B The digital certificate contains public key information
□ C. When the received peer certificate is valid, but the device itself is in the wrong time and is not within the validity period of the certificate, the authentication fails.
□ D. Even if the two PRI entities are not in the same CA system, the two parties can complete the authentication as long as they can identify each other. (Right Answers)
Answer: D
149 A newly deployed HW router is configured for Weighted Random Early Discard (WRED) on the HW network.
WRED has which of the following characteristics? (Multiple Choice)
tl'A. For packets of different priorities, WRED can set different packet drop thresholds and packet loss ratios (Right Answers)
□ B. When the minimum threshold is crossed, WRED begins dropping all incoming packets (tail-drop).
□ C. Global Synchronization is avoided by selectively dropping packets from multiple TCP flows. (Right Answers)
□ D. Low bandwidth flows are experiencing packet drop at a higher rate than higher bandwidth flows.
Answer: AC
150. Which of the following descriptions about the FTP protocol is correct?
□ A. In the FTP Passive mode, the client completes the initialization of the TCP session for control and data. (Right Answers)
□ B. In FTP Active mode, the server uses the command "PORT" to tell the client which port it expects to send data
□ C. FTP always uses a TCP session to transmit control information and data information.
□ D. FTP always uses TCP port 20 to establish a data session, using ICP port 21 to establish control Session
□ E. FTP always uses TCP port 21 to establish a data session and TCP port 20 to establish a control session.
Answer: A
151. If a Huawei switch runs the RSTP protocol, when will the BPDU on a port of the switch be aged?
□ A. On the interface, RSTP does not age BPDUs
□ B. After more than 6 seconds
□ C After MaxAge times out
□ D. After the Hold time expires (Right Answers)
□ E. After the Forward Delay expires
Answer: D
152 In the process ol using the IACP protocol winch ol the lolowing description is correct? (Multiple choice)
□ A You can prevent the Elh-Trunk interface from frequently flapping due to physical link reasons Interface eth-trunk 1 Lacp preempt enable Lacp preempt delay delay-time (Right Answers)
□ B You can configure the source IP address for load balancing in the enabled link aggregation group by using the folowing command Interface eth trunk 1 Load balance srcdst ip
□ C You can remove a member interface in an enabled link aggregation group by using the folowing command Interface GigabitethemnetO O'O Debug Interface GigabitethernetO. CL 1 Undo eth-trunk 1 Interface GigabitetheretO 0 Undo
shutdown (Right Answers)
D You can add member interfaces to the link aggregation group enabled by the folowing command Interface GigabitethernetO 0 1 Debug Interlace GigabitethernetO 0 1 Trunkport GigabitethernetO 0 Interlace GigabitethernetO 01 Undo
shutdown
Answer i AC
153. In the lab network, the network is built as follows SW1 is the default configuration and SW2 disables STP Which of the following description about scenario is correct?
11
□ A. GOZOZ2 of sw1 enters Discarding state
□ B. GOZOZ1 of sw2 enters Discarding state
□ C. GOZOZ2 of sw2 enters Discarding state
□ D. No interface is blocked (Right Answers)
□ E. GOZOZ1 of SW1 enters Discarding state
Answer: D
154 Which of the following are used in Ethernet networks? (Multiple Choice)
□ A Non-Canonical format MAC addresses.
□ B CSMA/CD for media access. (Right Answers)
□ C. Canonical format MAC addresses. (Right Answers)
□ D 802.5 encapsulated frames.
□ E. 802.3 encapsulated frames (Right Answers)
Answer: BCE
155 When judging the old and new LSA, the serial number parameter and the age parameter will be used Which of the following statements about the two parameters is correct?
□ A. When the router receives an LSA age set to 360s, it means that the LSA is unavailable.
□ B. Both the serial number and the age parameter can judge the LSA is old or new, and the router preferentially compares the sequence parameters, the bigger, the better
□ C When the router receives two LSAs, the serial number is the same, the checksum is the same, and the smaller the age, the better (Right Answers)
□ D. If the serial number of the LSA reaches the end value of 0x7FFF, the current router advertises the age of 3600s for Isa
Answer: C
156. In the broadcast network and the P2P network, when the router receives the LSP, it needs to use the PSNP to confirm the LSDB.
□ A. True
Answer: B
157. Which of the following statements about the attributes of the ISIS protocol LSP packet is correct?
□ A. The LSP fast flooding feature first spreads out LSPs smaller than the specified number to speed up the synchronization process of the LSDB. (Right Answers)
□ B. Configure an intelligent timer generated by the LSP, which can automatically adjust the delay time according to the change frequency of the routing information (Right Answers)
□ C. When the link state information increases, the packet length of the SP can be increased, so that each LSP can carry more information
□ D. Reduce the minimum interval for sending LSPs on an interface to speed up LSP diffusion
Answer: AB
158 Routers R1 and R2 are configured for BGP Both routers are in AS 65234 Routes from Router R2 are in the BGP table on Router R1. but not in the IP routing table What could be the cause of this problem?
□ A Synchronization is off
D B The BGP peers are down
□ C BGP muli-hop is disabled on Router Rl
□ D Routing is not optimal (Right Answers)
Answer: D
159. Which of the following statement about the R2 routing entry is correct?
ut R2
interface I onpRjffcO Ml ipvb number AMJ
pvt> enable rule 5 permit source 2019. ,/O4
pvh address 2O1*:t/64 rule 10 permit source MW0. /64
• nJc IS deny source 2021 /64
ntwt.re hxtpttdtkt n4e HI permit
l(M) duUr N
ip*C •xJdrc’.’. XJ2O 1/f>4 isis 1
• ipvt> filter policy 200U inipmt
ft
Ute t oopBatk?
ipvb-fvdbte
ipvf> address 202 1 .1/M
M
irledai r 1t ripfeackt
SJVt ••fulilc
pwfc address 2022::1/64
oljl
□ A. 2020:764 router will appear in the IP routing table. (Right Answers)

□ B. 2022:764 router will appear in the IP routing table. (Right Answers)
□ C. 2019:764 router will appear in the IP routing table. (Right Answers)
□ D. 2021:764 router will appear in the IP routing table.
Answer: ABC
160. Regarding the OSPFv3 protocol, which of the following description is wrong?
□ A When sharing a router, each OSPFv3 process runs independently
□ B Multiple instances can be run in the same OSPFv3 process on the same interface. (Right Answers)
□ C. Support multiple instances running on a single link
□ D. The Instance ID field is included in the OSPFv3 packet header
Answer: B
161. Which of the following statement about the LSA of OSPFv33 is correct?
□ A. The Link State id of the Inter-Area Prefix-LSA contains the prefix information.
□ B. Router-LSA and Network-LSA do not contain routing information (Right Answers)
□ C. When the Intra-Area Prefix LSA is Referenced Link State Type-2, the Referenced Link State id contains the interface id of the DR (Right Answers)
□ D. Inter-Area-Prefix LSA also contains Link-Local information.
Answer: BC
162 A company has built an OSPF network as shown in the following figure The links form an OSPF neighbor relationship. Al devices have announced their own loopback address On one day. the S1-R2 and S2-R1 links are faulty Which of
the folowing description is correct? (Area 0 is spW)
□ C R1 can learn the loopback route of R2 normaly

□ 0 R3 can leam the loopback route of R2 normaly
Answer. AB
163. In Huawei devices, when ISIS imports external routes and sets external route tags for routing information, ISIS's metric types do not need to be modified, keep the default.
□ A. True
Answers B
164. Which of the following description about the information of BGP4+ is correct?
□ A Bgp4+ can use dampening command to suppress IBGP routes. (Right Answers)
□ B. Modifying the BCP's router ID will cause the BGP connection between the routers to be re-established. (Right Answers)
□ C. The Next Hop attribute in BCP4+ is represented by the Pv6 address, which can be the link-local address of the next hop.
□ D. bGP4+ does not support automatic route aggregation (Right Answers)
Answer: ABD
165. As shown in the following figure, the corresponding peer relationship is established. The AS400 receives the 1.1.1.1/32 network route from the AS100. What is the AS-Path attribute?
□ A. 100 200 300

□ B. 400 300 200 100
□ C. 100 200 300 400
□ D. 300 200 100 (Right Answers)
Answer: D
166. Which of the following description is true about the OSPF virtual link?
□ A. A virtual connection can be established in any area, and it belongs to the area itself after it is established.
□ B. The virtual link uses the outbound interface P as the link address
□ C. The virtual link can be used to solve the problem that area 0 is divided (Right Answers)
□ D. The cost of the virtual link is 0, it is the optimal link.
Answer: C
167. In the case of not dividing the area, which of the following description is true about the link state routing protocol? (Multiple Choice)
□ A. Each router establishes a topological structure of the entire flood domain (Right Answers)
□ B. Each router learns the route directly from the routing update and adds it to the routing table
□ C. Routers in the flooding domain may repeatedly receive the same link state information (Right Answers)
□ D. Routers in the entire flooding domain have the same wrong path state database (Right Answers)
□ E. The router will send all the wrong path status information sent by one neighbor to all other neighbors to ensure the synchronization of the database.
Answer: ACD
168 If the OSPF protocol is running on the network, configure the non-backbone area in the OSPP area as the LSA with the Is-id of 0.0 0.0 in the Totally Stub Totally Stub area. Which LSA does the LSA belong to?
□ A. LSA5
□ B. LSA2
□ C. LSA1
□ D. LSA3 (Right Answers)
Answer: D
169. When an administrator wants to manage some routes on the router during operation and maintenance, which of the following tools can mark these routes so that the administrator can configure the policy? (Multiple Choice)
□ A. If the BGP protocol is running, use the community attribute to mark the route (Right Answers)
□ B. Use ACLs to mark routes on the router
□ C. Use Tag value to mark routes on the router. (Right Answers)
□ D. Use ip-prefix to mark routes on the router
Answer: AC
170. Which statements regarding IBGP or EBGP neighbors are true? (Multiple Choice)
□ A BGP updates from an IBGP peer are propagated to other IBGP and EBGP peers.
□ B BGP updates from an EBGP peer are propagated to other IBGP and EBGP peers (Right Answers)
□ C. IBGP peers must be directly connected; otherwise, the IBGP-muttihop option must be configured.
□ D EBGP peers must be directly connected; otherwise, the EBGP-multihop option must be configured (Right Answers)
□ E IBGP neighbor peering can be established using the loopback interface address. (Right Answers)
□ F. EBGP neighbor peering must use the physical interface address to establish peering.
Answer: BDE
171. In an MPLS-BGP-VPN environment, if only BGP and LDP are used to distribute labels, the MPLS label of the packet can be up to two layers.
□ A. True
Answer: B
172. Which of the following description is wrong regarding the inter-domain VPN Option-B solution?
□ A During the packet forwarding process, exchange the private network LSPs of the VPN on the two ASBRs.
□ B. An MP-EBGP neighbor relationship needs to be established between the two ASBRs.
□ C The inter-domain VPN-option-B scheme is not limited by the number of interconnection links between ASBRs
□ D Exchange the outer label of the VPNv4 route between the two ASBRs. (Right Answers)
Answer: D
173 Huawei's two switches, SWA and SWB. are connected through seven Ethernet ports and are configured with static link aggregation The corresponding ports on the switch SW are Ethernet 1/0/2, Ethernet 1/0/3, Ethernet 1/0/4. and
Ethernet 1/0/5, Ethernet 1/0/6, and Ethernet 1/0/7. The configuration mode is configured in the order of the ports If the switch SWA and SWB support only 6 ports in each aggregation group
□ A Ethernet1/0/7 Unselected port with consistent port configuration (Right Anawers)
□ B Ethemet1/0/6 Unselected port with consistent port configuration
□ C In the case that the configurations of the ports are the same, the SWA randomly selects one of the seven ports as the aggregation group Unselected port
□ D. Ethemetl/0/1 Unselected port when the configurations of the ports are the same
Answer: A
174. You need to configure policy routing on the router to specify that specific traffic is forwarded through an interface
When using policy-based routing, which two types of most typical information can be used to forward traffic along a particular path?
□ A TTL and source IP address of the packet
□ B Source IP address and Layer 2 source address
□ C. Source IP address and specific protocols (such as FTP, HTTP, etc.) (Right Answers)
□ D Service type header and message length
Answer: C
175. As shown in the figure, the ISIS neighbor relationship between R1 and R2 has just been established, which of the following statement is true about the database synchronization process between R1 and R2?
ft) ---- M
7
fevpo-OP-* | W
R|.oo-pp
□ A. The packet sent from R1 to R2 is a PSNP packet.
□ B. The packet sent from R1 to R2 is a CSNP packet. (Right Answers)
□ C. The packet sent from R1 to R2 is an LSP packet.
□ D. The packet sent from R1 to R2 is a Hello packet.
Answer: B
176. As shown in the figure, R1 and R2 are PPP links, and the direct connection ports are not on the same network segment, but the R1 and R2 direct connection ports can communicate, and the Ethernet link cannot communicate under the
same IP planning.what are the reasons? (Multiple Choice)
/jo
□ A. R1 and R2 are connected to the POS port, and the 24-bit subnet route of the direct connection port of the other party is learned through IPCP.
□ B. R1 and R2 are connected to the POS port, and the 32-bit host route of the direct connection port of the other party is learned through IPCP (Right Answers)
□ C. The interconnected POS port of R1 and R2 learns the MAC address of the peer interface through LCP, and does not require the ARP request MAC address.
□ D. The data packets of the interconnected POS interface of R1 and R2 do not need to encapsulate the Ethernet header, and do not need to use ARP to request the MAC address. (Right Answers)
Answer: BD
177 What command can be used to prevent users from accessing multiple devices through the HUB on the access port of the switch?
□ A [Huawei]interface GigabitEthemet 0/0/1 [Huawei-GigabitEthernetO/O/1] port link type trunk [Huawei-GigabitEtherneto/0/1] port trunk allow pass vlan 10
□ B [Huaweiinterface GigabitEthemet 0/0/1 [Huawei-GigabitEthernetO/O/1] port link type access [Huawei GigabitEtherneto/O/jipsg enable
□ C. [Huawei]interface GigabitEthemet 0/0/1 [Huawei-GigabitEthemetO/O] port link-type access [Huawei-GigabitEthernetO/O] port-security enable (Right Answers)
□ D. [Huaweijinterface GigabitEthemet 0/0/1 [Huawei-GigabitEthernetO/O] port link-type access [Huawei-GigabitEthernetO/O] port-isolate enable
Answer: C
178. Combined with the output result in the following figure, which statements are correct? (Multiple Choice)
roL4l LSP<sl: 4
•(Io TLV) Leaktwq fcoato, • <»y LSPlW «>ir LSP. » S«lf LSPCKxtr-ndmU ,
ATT Attached, °l. <MR»r load
.z’tn*! 2 ulnk St ate Oatabaaa
•rtldt iar Lenqtfc • «/P/OL

Seq Moa Checks ja
lspid
onoooooooo imiirr ATS 102
0C-' a * >00.00 >3 ss
< 3000.01 OO OnonowMM)? wrMI
1 10
w . • lns« *000020 nxWM
0990 • ww* Sd
.««« i/kAA SMWW1.63.OQ* C/O/C
to
(/>00<XXX)lC OaOQrt
Total LSF(A): * Self L3r, • 0alf USP(Csr»BdMI •

• (in TLV>-ir«kltuj pbur
ever load
□ A R3 must be a DIS of a level-1 link
□ B R3 router is level-2 router
□ C. R3 must be a DIS of a level-2 link (Right Answers)
□ D. The system ID of the R3 router is 0003 0000 0000 (Right Answers)
Answer: CD
179. To display the routing table of router R1, the "display ip routing-table" command was issued Router R1 is running OSPF
Which one of the following statements is true regarding the OSPF information in a routing table?
□ A. A routing designated with only an “O_ASE" represents either a type-1 or type-2 LSA.
□ BA route that has been imported into OSPF can only be represented with an “O_ASE" designation (Right Answers)
□ C Routes that are within an area (intra-area) are marked with an “OJA" in the routing table
□ D. Type-7 LSAs display routes are imported into OSPF from another process, and are indicated by an "OSPF" marking
□ E All LSA types have unique designations in the IP routing table.
Answer: B
180 Regarding the certification of the ISIS protocol, which statements are correct? (Multiple Choice)
□ A Interface authentication can implement hello packet authentication for Level-1 and Level-2 (Right Answers)
□ B After the interface authentication is configured, the IIH sent by the router must carry the authentication TLV. (Right Answers)
□ C After the area authentication is configured, the IIH, SNP, and LSP sent by the router must carry the authentication
□ D. Two routers are configured with regional authentication and interface authentication, and the passwords are the same Then two routers can establish neighbor relationships.
Answer: AB
181 Regarding the BGP anti-ring mechanism, which of the following descriptions are correct? (Multiple Choice)
□ A Use the AS-PATH attribute between the autonomous systems to prevent loops (Right Answers)
□ B. The Cluster List attribute is used for the anti-ring in the reflector cluster. The router discovers that the cluster list of the route entry contains its own Cluster ID and rejects the route.
□ C Routes learned from IBGP are not advertised to IBGP neighbors to prevent routing loops within the AS (Right Answers)
□ D. You can use the AS-CONFED-SET attribute to prevent loops within the federation (Right Answers)
Answer: ACD
182. Regarding Route Policy, which of the following descriptions are correct? (Multiple Choice)
□ A An advanced ACL can be applied to the route-policy to filter routes
□ B The entry permits less-equal 128 indicates that all IPv6 routes are allowed to pass (Right Answers)
□ C. If more than one node is defined in the Route-policy, at least one of the nodes should have a matching mode of permit (Right Answers)
□ D. Route-Policy can only filter the default route (Right Answers)
Answer: BCD
183. Which of the following routing tools is unique to B6P?
□ A Route-policy
□ B ACL
□ C. IP-prefix
□ D. AS-path-filter (Right Answers)
Answer; D
184. As shown in the following scene, which description is true?
ltn>Mnr«y(Vo inwmHQAyn
R1
K?
his 1
isfcl network entity 49 (11)1 OOO? 0002 OOOZOO
network entity 49.0001 (Mill 0081 OOO1 HO
0
0
interface) thernctO/O/O
interface HN*nw«y<yo
ip address 10.0.U J 2SS.2S5.2SSS
ip addfpss 10.0 1? 1 2SS2SSJSS.O
ivs enable 1
ims ettjbk? i
hrs circuit type P-'P
bbtiavit type p?p
his peei ipignore
ims pee« ip t&nuie
0
• interface t cxspHjrftI)
O address W 0.2-2 2SS JS5.2SS 2SS
rsi\ enable 1
□ A. R1 has both Level-1 and Level-2 LSDB
□ B. R1 can ping the interface address of R21 loopbapkO
□ C. R1 has a route to R2 loopbackO 10.0.2.2/32 (Right Answers)
□ D. No neighbor relationship can be established between R1 and R2.
Answer: C
185. The configuration of two routers in a company is as follows, which of the following statement about the R1 routing table is correct?
^■ithmwUlAIAI IlhrtnrlOAVIlBBI
Rl R?
imi
nn 1
is l<wt l«vd 1
is kvN kvrt 1 network entity 49.0001 000? 000? 01
network entity 49 0001 0001 0001 0001 00
•
• inter1 ate 1 thernetll/tl/fl
interface I t het netO/C/0 ip address 100.1? ? ?bbJbb-?b52,
ip address 10.0.12.1 ?bb JSb.ibb.O IMS enjlite 1
tus en/We i f
N mterfarr loopOekO
ospr 1 trailer id 10.0.1.1 ip address 10 0 2 2 255.255 255Jbb
area 0 0.0.0 iseen.»i*r 1
network 10 0 1? OOjOJUW 4
• router id 10 0 ? ?
area 00.0.0
network 100 12 0000 255
network 100 2 2 000.0
□ A Only when the priority of the R2 ISIS protocol is adjusted to 5, the P route entry with the destination network segment of 10 1 2.2/32 on R1 is generated by OSPF
□ B If the priority of the ISIS protocol of R1 is adjusted to 5, the P route entry of the destination network segment with the destination network segment of 10.1.2.2/32 is generated by 0
□ C. If the priority of theR1 ISIS protocol is adjusted to 5, the P route entry with the destination network segment of 10 0 2.2/32 on R1 is generated by ISIS (Right Answers)
□ D. If thepriority of the R2 ISIS protocol is adjusted to 5, the P route entry with the destination network segment of 10.0.2.2/32 on R1 is generated by ISIS
Answers C
186. Which of the following description is true about BGP aggregation?

□ A After the Aggregate ipv4-address mask is configured, only the aggregated routes are advertised and the detailed routes are not advertised
□ B. For IPv6 routes, BGP supports manual aggregation and automatic aggregation.
□ C. BGP enables automatic aggregation by default
□ D. Manually aggregate routes in the BGP local routing table (Right Answers)
Answer: D
187 Which of the following description is wrong about BGP route selection?
□ A Non-aggregated routes take precedence over aggregated routes (Right Answers)
□ B in the case where Pref-Val and local_preference are equal, if the BGP preference of the locally generated route, the IBGP route, and the EBGP route are the same, the locally generated valid route takes precedence
□ C See the folowing entry in the BGP routing table * 172 16 1 11/32 0.0 0 0 10 0? Indicates that the route is available non-optimal
□ D The route that is unreachable for nexthop is an invalid route and does not participate in the preference
Answer: A
188 A number of transition techniques have emerged in the process of replacing a P4 address used in a network with a Pv6 address These technologies are divided into two categories, one is PV4/IF\6 coexistence technology and the other is
v4/P6 interworking technology Which of the following options belong to Pv4/IP6 coexistence technology? (Multiple Choice)
□ A NAT64
□ B IPv6 over IPv4 (Right Answers)
□ C Dual-Stack (Right Answers)
□ D ISATAP (Right Answers)
Answer: BCD
189 Which of the following descriptions are true about the establishment process of LDP LSP? (Multiple Choice)
□ A. By default, the LSR is for the same FEC The received label mapping can only come from the optimal next hop. It cannot be from the non-optimal next hop
□ B When the network topology changes cause the next hop neighbor to change, the LSR can directly reestablish the LSP by using the label sent by the original non-optimal next hop neighbor (Right Answers)
□ C. In the label publishing DoD mode, for a specific FEC, the LSR does not need to obtain the label request message from the upstream to perform label distnbution and distribution (Right Answers)
□ D The process of establishing an LSP is actually the process of binding the FEC to the label and advertising the binding to the upstream LSR of the LSP (Right Answers)
Answer: BCD
190 As shown in the figure, in the hub&spoke multicast mode of MPLS bgp VPN, in order to realize that the branch can only communicate with the headquarters, the branches cannot communicate with each other Which of the following
I I AHeadquarters: Import Target 12:3 Export Target: 12:3 Branch 1 Import Target 12 3 Export Target: 12:3 Branch 2 Import Target 12:3 Export Target 12:3
□ BHeadquarters: Import Target: 1:1 Export Target: 3:3 Branch 1: Import Target: 3:3 Export Target 1:1 Branch 2: Import Target: 3:3 Export Target 2:2
□ C Headquarters: Import Target: 2:2 Export Target: 3:3 Branch 1: Import Target: 3:3 Export Target 1:1 Branch 2: Import Target: 3:3 Export Target: 2:2
□ D. Headquarters: Import Target: 12:3 Export Target: 3:12 Branch 1: Import Target: 3:12 Export Target: 12:3 Branch 2: Import Target: 3:12 Export Target 12:3 (Right Answers)
Answer: D
191. Which of the following attacks are DoS (Denial of Service) attacks? (Multiple Choice)
□ A. Single packet attack
□ B. Source IP address spoofing attack (Right Answers)
□ C. Man-in-the-middle attack
□ D. Flood attack (Right Answers)
Answer: BD
192. Which of the following statements are true about IPSec VPN? (Multiple Choice)
□ A. Savage mode can support NAT traversal, while main mode does not support NAT traversal
□ B. Two routers establish IPSec VPN through the main mode. Starting from the fifth packet (including), the payload data is often encrypted. (Right Answers)
□ C. Two routers establish IPSec VPN through aggressive mode, then only two packets are exchanged between the two devices to establish a tunnel. (Right Answers)
□ D. Two routers can establish OSPF neighbor relationships through IPSec VPN tunnels and exchange intranet routes.
Answer: BC
193. Configure queue-based traffic shaping. If the queue length exceeds the cache size, the tail is discarded by default.
□ A. True
Answer: B
194. As shown in the figure, which of the following statement is correct? (Multiple Choice)
If the R2 Ethernet 0/0/1 interface is down, the R1 BFD session can quickly detect the fault and notify R1 to make the OSPF neighbor relationship down.
B. The OSPF status changes to FULL, which triggers the BFD session.
C. If the R2 EthernetO/O/O interface is down, the next hop of the route that R1 reaches 10.0.0.2 is changed to 10.0.21.2.
If the BFD function is disabled on R2, the BFD session on R1 will be down This will result in the ospf neighbor relationship down
E. If the R2 Ethernet 0/0/1 interface is down, the next hop of the route that R1 reaches 10 0.0.2 is changed to 10.0 12.2.
Answer: AD
195. For Layer 2 VPN technology, which of the following statements are correct? (Multiple Choice)
□ A. VPLS is a widely used technology on the live network. It can provide Layer 3 packet transparent transmission and achieve
□ B. The VPLS configuration is highly complex. The Layer 2 network transparently transmits BUM packets. (Right Answers)
□ C BGP EVPN supports tenant isolation, multi-homing and broadcast suppression (Right Answers)
□ D. BGP EVPN solves the problem of MAC address drift and multi-tenancy that VPLS cannot support. (Right Answers)
Answer: BCD
196. If there is a LAN running the 802.1D Spanning Tree Protocol, which of the following parameters will the non-root switch not receive from the root switch?
□ A MaxAge
□ B Root cost
□ C Forward delay
□ D. Hold time (Right Answers)
□ E Hello time
Answer: D
197. 802.1s defines deployment for which of the following?

□ A. One STP instance for each set of Bridges
□ B. One global instance for all VLANs
□ C. One STP instance for each VLAN
□ D. One STP instance for each set of VLANs (Right Answers)
Answer: D
198. Between the two directly connected devices that have established IBGP peers, run the shutdown command to shut down the interface of one of the devices. The BGP connection will not be disconnected immediatelv
□ B. False
Answer: A
199. In order to reduce the number of OSPF routes in some stub areas, OSPF has developed a special area function Which of the following description is true about the OSPF special area feature?
□ A. Special area routers cannot establish OSPF neighbor relationships with regular area routers (Right Answers)
□ B Any OSPF area can be configured as a special area
□ C. As -External-lsa is released to the Stub area
□ D ASBR-Summary-LSA is allowed to be advertised to the NSSA area.
Answer: A
200 An engineer builds a network topology to study the working mechanism of OSPFv3 protocol The configurations of R1 and R2 are as follows What are the LSA types exchanged between R1 and R2? (Multiple Choice)
OSPFv3 Aren 0
G0/0/0 |
R1 configuration
ospfv3 1
router-id 1.1.1.1
interface GigabitethemetO/O/O
ipv6 enable
ipv6 address auto link-local
ospfv3 1 area 0
R2 configuration
ipv6
ospfv3 1
router-id 2.2.2.2
interface GigabitethemetO/O/O
ipv6 enable
ipv6 address auto link-local
ospfv3 1 area 0. 0 0.0
□ A. Router-lsa (Right Answers)
□ B Link-LSA (Right Answers)
□ C Network-LSA (Right Answers)
□ D. Inter-area-prefix-lsa
Answer: ABC
201 The topology map and configuration are as follows Now I hope that there is no detailed routing entry of 10.6.3.3/32 in the R1 routing table Which of the following statements can achieve this requirement? (Multiple Choice)
Rl R2
•>.*>*
network-entity 49.0001 OOO1 OOO1 OOO1 OO Is-level level-1
network entity 49.0001.0002.0002 0002.00
Interface tlhernetO/O/O e
ip address 10 0 12 1 2SS.25S.2SSO Interface ItbernetO/O/O
ms enable 1 ip address 10.0.12.2 2SS.2SS.2SS.O
Isis enable 1
Interface rthernetO/D/l
Ip address 10.0.23.2 2SS.2SS.2SS.O
Isis enable 1
R3 •
Interface loopRackO
network entity 49.0001.0003.0003.0003 OO ip address 10.0.2.2 2SS.2SS.2SS.2SS
Isis enable 1
Interface rthernetO/O/O
Ip address 10.0.23.3 2SS.2SS.2SS.O
isis enable 1
interface loopbackO
Ip address 10.0.3.3 3SS.2SS.2SS.2SS
isis enable 1
□ A Configure route summarization on R3 and summarize the routes to 10.0.0.0/16(Right Answers)

□ B. Configure route summarization on R2 and summarize the routes to 10.0.0.0/16
□ C. Configure filter-policy on R2, match ACL 10.0.3.3/32, and apply it in the expot direction.
□ D. Configure filter-policy on R1, match ACL 10 0.3 3/32, and apply it in the import direction (Right Answers)
202 As shown in the configuration, if the administrator configures OSPF on R1 but R1 cannot learn the routes of other routers, what are the possible reasons? (Multiple Choice)
[RIJospf
[RI-ospf-1] area 2
[R1-ospf-1-area-0.0 0 2] network 10 0.13 1 O O O O
□ A The area ID configured by this router is different from the area ID of its neighbor router (Right Answers)
□ B. This router is not configured with an OSPF process ID.
□ C. The router's announcement network address does not match the interface mask
□,'D. This router is not configured with authentication, but the neighbor router is configured with authentication (Right Answers)
Answer: AD
203 Configure AS-path-Filter ip as-path-filtr 10 permit_100$ to match the route received from AS100
□ A True
Answer: B
204. The following topology and configuration are available. Which of the following statements are correct? (Multiple Choice)
Rl R? R3
Rl R2
!&l ms i
is-level level-1 network-entity 49.0001.0002.0002.0002.00
network entity 49.0001.0001.0001 OOO1.00 import-route l>ls level-2 into level-1
ft set-overload
Interface EthernetO/O/O 9
Ifi address 10.0.12.1 255.255.255.0 interface EthernetO/O/O
m* enable 1 •paddress 10.0.12.2 255.255.255.0
N l
*
interface LthernetO/O/1
ipaddress 10.0.23.2 255.255.255.0
R3 ms enable 1
ISIS 1 w
ls-level level-2 interface LoopBackO
network-entity 49.0003.0003.0003.0003.00 Ipaddress 10.0.2.2 255.255.255.255
N ISIS enable 1
interface EthernetO/O/O 9
ipaddress 10.0.23.3 255.255.255.0
l$ls.enablc 1
9
Interface Loop&ackO
ip address 10.0.3.3 255.255.255.255
Isis enable 1
□ A. There is no route with the destination network segment being 10.6.3.3/32 on R1. (Right Answers)
□ B. There is no route with the destination network segment being 10.0.2.2/32 on R1.
□ C. There is a route with the destination network segment being 10.6.3.3/32 on R1.
□ D. There is a route with the destination network segment being 10.0.2.2/32 on R1. (Right Answers)
Answer: AD
205. As shown in the following figure, what routes can R2 learn?
Rl R2
Rl R2
isis 1 ■sis 2
network-entity IO OOOO OOOO OOOl OO network-entity 10 0000 0000 0002 00
filter polity atl name abc export isis 2 a
import-route direct interface GigabitEthernetO/O/O
• ip address 1OO 112 2SS 2SS 2SS O
interface loopbackO isis enable 2
ip address IO 1 11 2SS 2SS 2SS O
ip address IO 131 2SS 2SS 2SS O sub
ip address IO 1 21 2SS 2SS 2SS O sub
a
interface GigabitfthernetO/O/O
■ p address 1OO 1 1 1 2S5.2SS.25S O
isis enable 1
•
acl name a be
rule IO permit ip source IO 1 1 O O O O 2SS
□ A R2 can learn all the routes of R1 (Right Answers)
□ B R2 can learn the route 10.1.1.0/24.
□ C R2 can learn routes 10.1.2.0/24 and 10.1.3.0/24.
□ D R2 can learn the LSPs of R1 but cannot add them to the routing table
Answer: A
206 What is the role of RT in MPLS VPN? (Multiple Choice)
□ A Allow the peer PE to decide which VPNv4 routes to import into the specific VRF. (Right Answers)
□ B Allow the peer PE to decide which VPNv4 routes will not be imported into the specific VRF (Right Answers)
□ C Allow the peer CE to decide which VPNv4 routes to import into the specific VRF.
□ D Allow the peer CE to decide which VPNv4 routes will not be imported into the specific VRF.
Answer: AB
207. Regarding the way the device handles packets in the MPLS network model, which of the following descriptions are wrong? (Multiple Choice)
□ A The label forwarding path LSP is determined and established through various protocols during the forwarding of the message (Right Answers)
□ B Both LER and LSR will carry out label distribution
□ C. LSR must not strip labels
□ D. The device discards the IP packets that enter the MPLS domain (Right Answers)
Answer: AD
208 Which of the following description is wrong about the MPLS BGP VPN?
□ A. IBGP establishes a stable BGP neighbor relationship for the ARPback interface address
□ B. Route switching between PE and CE can be static route, OSPF multi-instance, IS-iS multi-instance, EBGP
□ C. The TTL field in the tag has the effect of preventing loops
□ D BGP Soo is used to prevent routes routed from a VPN site from going back to the site through the MPLS backbone. Soo is an extended community attribute automatically generated by MP-BGP (Right Answers)
Answer: D
209. Which of the following are the techniques for improving MPLS BGP VPN reliability? (Multiple Choice)
□ A. VPN GR (Right Answers)
□ B VPN FRR (Right Answers)
□ C. Configure CE dual-homing networking at the access layer. (Right Answers)
□ D. Private network IP routing between the PE and the CE FRR (Right Answers)
Answer: ABCD
210. Which of the following description is wrong about the VPNv4 address?
□ A When BGP advertises reachable and unreachable VPNv4 routes, it carries the RD attribute
□ B. By default, the PE does not perform vpn-target filtering on the received VPNv4 routes. (Right Answers)
□ C The VPNv4 address has a total of 12 bytes, including an 8-word route identifier RD (Route Distinguisher) and a 4-byte IPv4 address prefix
□ D Before the local PE advertises the VPNv4 route learned from the site directly connected to itself to other PEs, it sets the Target attribute for these routes and advertises it as a BGP extended community attribute along with the route
Answer: B
211 Regarding the basic forwarding process of MPLS, which of the following descnption is wrong?
□ A When the IP packet enters the MPLS domain, the tunnel ID corresponding to the destination IP address is checked If the tunnel ID is 0x0, the MPLS forwarding process is entered (Right Answers)
□ B By default, the value of the label assigned to the penultimate hop node by the Egressl node that supports PHP is 3
□ C When the packet is forwarded in the MPLS domain, the top label of the MPLS packet is replaced with the label assigned by the next hop according to the label forwarding table
□ D When an IP packet enters the MPLS domain, the MPLS border device inserts a new label between the packet header and the IP header
Answer: A
212. The multicast IP address is 229.130.130.1, and what is its corresponding MAC address?
□ A. 00-00-5E-02-82-01
□ B 00-00-5E-82-82-01
□ C. 01-00-5E-82-82-01
□ D 01-00-5E-02-82-01 (Right Answers)
Answer: D
213 Which of the following statement is true about IPSG technology?
□ A The IPSG can perform binding table matching check on P packets that enter the interface and leave the interface
□ B On the Huawei router, you can configure the IPSG function on the Vlamf
□ C If an interface is configured with DHCP snooping Trust HCP ACK, DHCP NAKHCP, and Offerf packets, other untrusted ports cannot receive these packets The ip source check user-bind check-item command is used to configure IP-
based check packets for the dynamic or static entries (Right Answers)
Answer: C
214. Which of the following is wrong about HTTPS?

□ A HTTPS protocol uses TCP port 443 by default
□ B HTTPS secures access to data by using SSL VPN (Right Answers)
□ C. When using HTTPS to access a website, if the user’s browser does not recognize the digital certificate of the website, the website cannot be accessed.
□ D If the HTTPS traffic contains a virus, the router cannot directly detect the virus using IPS technology
Answers B
215. In traffic policing, the dual-bucket dual-speed is used. The number of tokens in the C bucket is TC, and the number of tokens in the P bucket is TP. When a message of length B enters, which of the following statements are correct?
(Multiple Choice)
□ A. If TP-B>0 and TC-B>0, the message is marked as green (Right Answers)
□ B. If TP-B>0 and TC-B<0, the message is marked as yellow (Right Answers)
□ C If TP-B<0 and TC-B<0, the message is marked in red (Right Answers)
□ D. If TP-B>0 and TC-B<0, the message is marked as green
Answer: ABC
216 The network administrator defines the following policy for traffic policing:
tHuowrl)dlsplay tiafflc pulley uxer-defined

User Defined Traffic Policy Information:
Policy: i-l
Claonlfler: el
Operator: UK
Behavior: bl
Comnltted Accrue Rate:
CIK 2b6 (Kbpn). PIK O (Kbps). CBS 48128 (byte). PBS 80128 (byte)
Color Mode: color Blind
Conform Action:
Yellow Action: pni
Exceed Action: discard
■tatlatlc: enable
If the policy is applied to a router port and there is no traffic on the port for about 10 seconds, how many bytes of burst will be available for class cl for packets to be marked as green?
□ A 256K bytes
□ B. 32K bytes
□ C. 48128 bytes (Right Answers)
□ D 80128 bytes
Answer: C
217. Which of the following types of routes are used to advertise external routes in BGP EVPN?
□ A. Type4
□ B. Typel
□ C. Type2
□ D. Type3
□ E Type5 (Right Answers)
Answer: E
218. Mainstream second-tier technologies include VXLAN, TRILL, NVGRE and MPLS.
□ B False
Answer: A
219. In Huawei device, when ISIS imports external routes and sets external route tags for routing information, the ISIS metric type does not need to be modified to keep the default.
□ A. True
Answer: B
220. The order for the protocols using TCP ports 443, 179, 137, 110, and 23 is:
A. BGP, POP3, SNMP, TFTP, Telnet
B. LDAP, SNMP, TFTP, POP3, Telnet
C. Https, SNMP, Pop3, DNS, Telnet
D. Finger, DHCP Server, NetBios Name Server, POP3, Telnet
E. Https, BGP, Netbios Name server Pop3, TelNet
Answer: E
221. What benefits can be achieved after using WRED? (Multiple Choice)
□ A. Thoroughly avoid congestion
□ B. Avoid TCP global synchronization (Right Answers)
□ C. Provide minimum bandwidth guarantee
□ D. Provide a certain low latency
□ E. Can avoid UDP taking up most of the bandwidth when it is congested (Right Answers)
Answer: BE
222. When there are multiple matching rules in the ACL of the VRP, which of the following statements is correct about the matching order?
□ A. By default, match according to rule-id, from small to large (Right Answers)
□ B. By default, match the permit first and deny later.
□ C. By default, match according to the principle of “depth first"
□ D. There is only one matching order and cannot be modified
Answer: A
223. Use WRED to avoid congestion. Which of the following scenarios is better for deploying WRED?
□ A. The main is UDP traffic in the network
□ B. The main is TCP traffic in the network (Right Answers)
□ C. Deploy on low bandwidth links.
□ D. Deploy on a serial link.
□ E. WRED randomly drops packets, the effect is not related to the scene.
Answer: B
224. Which of the following is the access control method provided by NAC? (Multiple Choice)
□ A. 802.1X authentication (Right Answers)
□ B. AAA authentication
□ C. MAC address authentication (Right Answers)
□ D Web authentication (Right Answers)
Answer: ACD
225. Use the ip as-path-filter as-path-filter-number {deny | permit} regular-expression command to configure the as-path filter
In this command, multiple clauses can form an as-path-filter statement.
So what is the relationship between multiple statements?
□ A. Relationship with
□ B. Relationship or
□ C. The routes are matched in order. When a route matches a clause, it no longer matches downwards. (Right Answers)
□ D. The routes are matched in order and the route needs to match all the clauses.
Answer: C
226. Command ip ip-prefix ip-prefix-name [index index-number] { permit | deny} ipv4-address mask-length [greater-equal greater-equal-value ] less-equal less-equal-value]Hf-IP- Prefix-filter.
If the less-equal of a prefix list has been specified, but the greater-equal is not specified, what is the range of the prefix?
□ A. [0,less-equal-value
□ B. mask-length, less-equal-value (Right Answers)
□ C. [less-equal-value, 32
□ D. No restrictions
Answer: B
227 Which of the following is true about Smart-link? (Multiple Choice)
□ A Smart-link can be mixed with STP under the interface.
□ B. Smart-link supports load sharing (Right Answers)
□ C. Smart-link mainly includes two roles: primary port and slave port. (Right Answers)
□ D. Smart-link cannot detect the uplink and downlink status.
Answer: BC
228 In multicast network, what happens to multicast traffic that cannot be forwarded normally? (Multiple choice)
□ A The router does not have RPF routes. (Right Answers)
□ B PIM is not enabled on the RPF interface. (Right Answers)
□ C. The upstream router discards the received PIM Join message. (Right Answers)
□ D Multi-router exit network, this router is not DR
Answer: ABC
229. Which of the following is the correct description of the Register message in PMSM? (Multiple choice)
□ A. Register message is sent by the receiver router
□ B. Register message enables the RP to learn multicast source information. (Right Answers)
□ C. Register message is sent by the source DR (Right Answers)
□ D. Register message is sent to the RP by unicast instead of multicast. (Right Answers)
Answer: BCD
230. When a router constructs its own routing table based on routing entries learned by different routing protocols, which routing entries are added to the routing table?
□ A. The routing entry with the largest preference value
□ B. Have a routing entry with a low router ID
□ C. The route entry with the largest next hop address
□ D. Routing entries with the fastest routing process
□ E. Unique routing entries (Right Answers)
Answer: E
231. Which of the following is correct about the ISIS GR description?
□ A The GR feature of ISIS is enabled by default.
□ B ISIS GR has four timers
□ C. ISIS GR notifies the event and maintains the neighbor relationship through the CSNP message.
□ D ISIS GR defines a new TL structure to support this feature (Right Answers)
Answer: D
232 There is an existing router HW1 running OSPF. The interface SeraO of HW1 is released in area 0, and the interface Serai is released in area 1. Run the "nssa default-route-advertise" command in the OSPF process.
Based on the previous description, which of the following options are inferred to be correct? (Multiple choice)
□ A. HW1 will inject zone 3 default routes into zone 1
□ B HW1 will inject zone 7 default route into zone 1 (Right Answers)
□ C. HW1 will inject zone 7 default route into zone 0
□ D When HW1 injects the default route into Area 1, the local routing table of HW1 needs to have a default route (Right Answers)
□ E. When HW1 injects the default route into Area 1, the local routing table of HW1 may not contain a default route.
Answer: BD
233 You are doing a job to compress the length of an IPv6 address as much as possible The existing IPv6 address is 2013 X000 130F 0000 0000 O9CO 876A 130B In order to make the IPV6 address more concise, the IPv6 address can be
compressed into which of the folowing one?
□ A 2013 0 130F 0 0 09C0 876A 1308
□ 8 2013 130F 9C0 876A 1306
□ C 2013 0 130F 0 0 9C0 876A 1306
□ D 213 13F9C 876A13B
□ E 2013 0 130F 9C0 876A1306 (Right Answers)
Answer. E
234. In addition to stateless address autoconfiguration, IPv6 devices can also obtain information such as address, gateway and DNS through DHCPv6.
□ A. True
Answer: B
235 Which of the following is the correct description of the route priority for ISIS?
□ A. The Level-1 and Leve-2 routes in the ISIS database have different routing priorities.
□ B. The default route of ISIS priority is 15. (Right Answers)
□ C. The routing priority of ISIS cannot be modified
□ D. ISIS aggregated route has a priority of 10
Answer: B
236. Which of the following is correct about the ISIS LSP fragmentation extension?
□ A. Enable the ISIS router to generate more LSP fragments to carry more ISIS information. (Right Answers)
□ B. ISIS fragmentation extensions are equally valid for Hello packets
□ C. ISIS fragmentation extensions are achieved by adding virtual systems, which can be expanded to a maximum of 1000 virtual systems.
□ D. The maximum number of fragments that an ISIS router can generate is 1024.
Answer: A
237. Routers HW1 and HW2 are IP multicast routers. These routers use the (S, G) entry to forward multicast packets.
Which of the following is correct about the "S" in the forwarding entry?
□ A. SSM address
□ B. Manage a part of the multicast address
□ C. SDP/SAP address
□ D. Any A, B or C host address (Right Answers)
□ E. GLOP address
Answer: D
238. In the HW MPLS network, which parameters are used to define a forwarding equivalence class? (Multiple choice)
□ A. IP prefix (Right Answers)
□ B. Layer 2 link (Right Answers)
□ C. BGP MED value
□ D. RSVP requests resource reservation from CE
Answer: AB
239. What is the role of the command peer ignore?

□\A- Delete BGP neighbors
□ B. Keep the neighbor configuration and maintain the BGP neighbor relationship, but cannot accept the route sent by the neighbor.
□ C. Keep the neighbor configuration and maintain BGP neighbor relationships, but cannot advertise routes to neighbors
□ D. Keep the neighbor configuration, interrupt the BGP neighbor relationship, and clear all related routing information. (Right Answers)
Answer: D
240. Which of the following description of the 8021s deployment features is correct?
□ A. Multiple bridges share a spanning tree instance
□ B. All VLANs share a spanning tree instance
□ C. Each VLAN shares a spanning tree instance
□ D. Multiple VLANs share a spanning tree instance (Right Answers)
Answer: D
241. The default type of router in ISIS is Level-2.

□ A. True
Answer: B
242. The network administrator defines a traffic policing strategy such as

[Huawei] display traffic policy user-defined
Policy: p1
Classifier c1
Operator: OR
Behavior: b1
Committed Access Rate:
CIR 256(Kbps), PIR 0 (Kbps) CBS 48128 (byte), PBS 80128 (byte)
Color Mode: color blind
Conform Action: pass
Yellow Action: pass
statistic: enable
The router port that uses this policy has been idle for about 10 seconds At this time, there are huge bursts of c1 type traffic coming in an instant, so how many bytes will be colored in the green packet?
□ A. 2K bytes
□ B. 32K bytes
□ D 80128 bytes
Answer. C
243 If the topology of the entire network does not change only the IP network segment alocation in the router changes. ISIS only uses the PRC to calculate the changed routing information and does not recalculate the SPT
□ B False
Answer: A
244. In an HW multicast network, the device needs to send an SSM message. What is the range of multicast addresses reserved for SSM?
□ A. 232.0.0.0-232.0.0.255
□ B. 233.0.0.0-233.255.255.255
□ C.232.0.0.0-232.255.255.255 (Right Answers)
□ D. 239.0.0.0-239.255.255.255
Answer: C
245. Regular expressions can be used in Community-filter and AS-path-filter to define attribute types for route filtering.
□ B False
Answer: A
246 There are now two gateway routers that provide services tor hosts on a LAN network to connect to the extranet What techniques should be used on these two redundant routers to make them the defaul gateway tor hosts in the LAN
network?
□ A DHCP
□ B RIP C. OSPF D VRRP E BOOTP
Answer: D
247. What do we usually call the devices in the MPLS BGP VPN domain? (Multiple choice)
□ A. P (Right Answers)
□ B. CP
□ C. PE (Right Answers)
□ D. User router
Answer: AC
248. If the host HW1 in the HW device network wants to join a video conference, what does the host do?
□ A. Send IGMPv2 membership report unicast to the default router on the local network.
□ B. Sending an IGMPv2 membership report through multicast on the local network, and the multicast address carried in the IGMPv2 membership report is the joined multicast address. (Right Answers)
□ C. Send a unicast IGMPv2 membership report to the RP
□ D. Send the IGMPv2 membership report through multicast on the local network. The destination multicast address sent by the IGMPv2 membership report is "all PIM routers" 224.0.0.2 multicast address.
Answer: B
249. In an MPLS VPN network, some devices maintain VPN routing information and private network information to ensure that VPN packets can be forwarded These devices not only need to run routing protocols but also need to run MP-BGP
and MPLS protocols What types of these devices are?
□ A CE
□ B PE (Right Answers)
□ C. P
□ D Host
Answer: B
250. How do 802.1w and 802.1D handle BPDUs?
□ A. The 802.1w bridge only forwards BPDU packet received from the root bridge.
□ B. The 802.1D bridge does not forward BPDU packet.
□ C. The 802.1D bridge only forwards BPDU packet received from the root bridge. (Right Answers)
□ D. The 802.1 W bridge does not forward BPDU packet.
Answer: C
251. What are the differences between traffic policing and traffic shaping? (Multiple Choice)
□ A. For traffic shaping, the router will buffer excess packets until the bandwidth is available again. (Right Answers)
□ B. For traffic policing, you can adjust the usage of the cache for traffic exceeding CIR.
□ C. For traffic shaping, you can adjust the usage of the buffer for traffic exceeding CIR. (Right Answers)
□ D. Apply traffic shaping in the direction of the entrance and use traffic policing in the direction of the exit.
□ E. Traffic policing uses the token bucket algorithm, and traffic shaping uses the SPD algorithm.
Answer: AC
252 Which control bit in the TCP header information can cause the receiver to reset the TCP connection?
□ A. SND
□ B. ACK
□ C. CLR
□ D. RST (Right Answers)
□ E. PSH
□ F. SYN
Answer: D
253. The fields indicating priority in the VLAN (802.1Q) data encapsulation are a total of 6 bits.
□ A. True
Answer: B
254. What are the common methods of learning routes in BGP? (Multiple Choice)
□ A. Introducing direct route (Right Answers)
□ B. Introducing static route (Right Answers)
□ C. Introducing BGP routes of other AS
□ D Receive neighbor routing information (Right Answers)
Answer: ABD
255. Which AS_PATH can the command ip as-path-filter1 permitA12*74$ match?

A. AS PATH(321122374)
B AS PATH(1236217432374)
C AS PATH( 1253287423)
D. AS PATH(32127423)
Answer: B
256. Which descriptions are correct about the BGP reflector? (Multiple Choice)
□ A. IBGP neighbor relationships need to be fully interconnected without a route reflector. The introduction of route reflectors can reduce the requirements for full interconnection (Right Answers)
□ B. The route reflector can advertise the routes learned from the non-client to all clients. (Right Answers)
□ C. The route reflector can advertise other clients and non-clients from the routes learned from one client. (Right Answers)
□ D. The route reflector can advertise all clients and non-clients from routes learned from IBGP neighbors.
Answer: ABC
257. MPLS BGP VPN is a Layer 3 VPN technology used to provide VPN solutions (PPVPN).
What are the basic components of MPLS BGP VPN?
□ A. CE and P
□ B PE, P and CE (Right Answers)
□ C. P and PE
□ D. SP
Answer: B
258. In RSTP, which port can provide the backup path to reach the root node of the spanning tree? What status is the port in?
□ A. Root port and Listening status
□ B. Alternate port and Forwarding status
□ C. Alternate port and Learning status
□ D. Designated port and Listening status
□ E. Alternate port and Discarding status (Right Answers)
Answer: E
259. If a switch runs RSTP, which interface on the switch will send BPDU carrying the Proposa logo?
□ A. The specified port in the forwarding state
□ B. Designated port in non-forwarded state (Right Answers)
□ C Root port in the Blocking state
□ D. Alternate port
Answer: B
260 To enable the routers at both ends of the IPv6 over IPv4 manual tunnel to exchange routing information, you can enable OSPFv3 on the tunnel OSPFv3 can form a neighbor relationship and use the tunnel interface as a P2P tunnel
interface
□ A. True {Right Answers)
□ B. False
Answer: A
261. ISIS authentication types include interface authentication, area authentication, and routing domain authentication.
Q A. True (Right Answers)
□ B False
Answer: A
262. User wants to enable the router for packets forwarding and routing according to the policy defined by itself based on the traditional route forwarding.
To achieve this goal, policy routing can be employed.
Which of the following about the description of policy routing is wrong?
□ A. Policy routing cannot be used to set IP Precedence (Right Answers)
□ B. Policy routing cannot set DSCP in a statement
□ C. Policy routing can set the next hop IP address
□ D. Policy routing can be used to match the packet length
Answer: A
263. Which of the following is the correct description of OSPF adjacency and link state database synchronization?
□ A When the state of the OSPF router reaches the LOADING state, the FULL adjacency is formed
□ B. The adjacency relationship starts from the EXSTART state (Right Answers)
□ C. FULL adjacencies are formed between all routers in the broadcast network.
□ D. The INT status indicates that the router has received a Hello packet from the neighbor and the Hello packet already contains its own router ID.
Answer: B
264 Cross-device hnk aggregation enables data stream transmission and mutual backup of stack member switches However, because of the limited bandwidth of stack cables between stack devices, which of the following methods can improve
forwarding efficiency?
□ A Connect stack devices through stack cards
□ 8 Enable stack multi-master check function
□ C Configure stack system MAC address switching
□ D Enable traffic local priority forwarding (Right Answers)
Answer. D
265 Which of the following description about the CHAP authentication function in the PPP protocol is correct? (Multiple Choice)
□ A If the authenticator does not configure a username, the password cannot be configured on the authenticated interface
□ B Calculate a Hash value by the MD5 algorithm using the authentication sequence ID, random number and key (Right Answers)
□ C. Three-message interactive authentication is required, and the username is transmitted only on the network without transmitting the password (Right Answers)
□ D. The user name must be configured under the authenticated interface of CHAP authentication. (Right Answers)
Answer: BCD
266. An existing switch runs RSTP If the network topology changes, what happens to the Layer 2 forwarding entries learned automatically by the switch?
□ A. All entries are deleted
□ B Only entries related to the port that received the TC message will be deleted
□ C. Other entries are deleted except the entries related to the edge port.
□ D If the aging time is set to 15 seconds, the entries that exceed the aging time will be deleted.
□ E. Other entries are deleted except the entries related to the edge port and the entries related to the port that receives the TC message (Right Answers)
Answer: E
267 Which of the following description of the MUX VLAN in the Huawei switch is correct?
□ A. In the same VLAN, the MUX VLAN can be mixed with the Super VLAN to use.
□ B The MUX VLAN is divided into a Principal VLAN and a Subordinate VLAN. The Subordinate VLAN is further divided into a Separate VLAN and an Isolate VLAN
□ C. Each Separate VLAN can be bound to multiple Principal VLANs
□ D. Principal Port can communicate with all interfaces in the MUX VLAN (Right Answers)
Answer: D
268 When you troubleshoot a LAN that has Huawei devices deployed you find that there are many unicast frames with unknown source MAC addresses in the LAN What is the greatest harm that many unknown source MAC address unicast
frames wiH cause to the switch?
□ A Consume available bandwidth
□ B Increase the power consumption of the power supply
□ C Occupy the memory of cached frames
□ D Consume available MAC address entries in the system (Right Answers)
□ E. Occupy TCAM entries
Answer. D
269 Which of the following description about the process of sending and receiving data frames in the Access mode of the switch interface is correct?
□ A. Directly discard when receiving a tagged data frame in Access mode.
□ B Only receive unlabeled data frames in Access mode
□ C. When the data frame enters the switch interface, the switch learns the destination MAC address in the data frame
□ D. In the Access mode, the VLAN tag of the data frame will be stripped off when sent. (Right Answers)
Answer. D
270. In RSTP, which port can provide the backup path that has reached to the root node of the spanning tree? What state is the port?
□ A Alternate port and Learning state
□ B. Alternate port and Forwarding state
□ C. Root port and Listening state
□ D. Designate port and Listening state
□ E. Alternate port and Discarding state (Right Answers)
Answer: E
271 Which of the following options may affect the establishment of IBGP neighbors? (Multiple Choice)
□ A. Authentication is unsuccessful (Right Answers)
□ B. The BGP protocol version is inconsistent (Right Answers)
□ C. IBGP - Multi-hop not configured
□ D. IGP routing is unreachable (Right Answers)
Answer: ABD
272. Which of the following about the RD attribute filter of BGP is correct? (Multiple Choice)
□ A. If RD-filter is configured, but the RD of the route does not match any of the RDs defined in the rule, the default match result is Permit
□ B. The relationship between the rules configured by RD-filter is "or" (Right Answers)
□ C. If RD-filter is not configured, but this RD-filter is used for filtering, the matching result is deny.
□ D. Match multiple rules in the order of configuration (Right Answers)
Answer: BD
273. ISIS will elect DIS in the broadcast multi-access network Which of the following statement about DIS is correct? (Multiple Choice)
□A ISIS elects the DIS by comparing the priorities, and compares the MAC addresses if the priorities are the same (Right Answers)
□ B DIS guarantees database synchronization by periodically sending CSNP messages (Right Answers)
□ C. In a broadcast multi-access network, the DIS sends Hello PDUs three times as often (Right Answers)
□ D. DIS supports the preemption function. After the new DIS preemption is successful, it does not need to flood any LSPs.
Answer: ABC
274. What is the correct description about Filter-policy?

□ A. Filtering the generation of type 5 LSA and type 7 LSA on the ASBR in OSPF using Filter-Policy (Right Answers)
□ B. The prefix list can filter routes as well as filter packets.
□ C. Filter-Policy can filter the received or advertised link state information, and can modify the attributes of the route entry
□ D. When filtering routes using the prefix list, the entry ip ip-prefix 1 deny 0.0 0 0 0 less-equal 32 means that only the default route is matched
Answer t A
275. The OSPFv3 protocol is a separately developed protocol It differs from OSPFv2 in that OSPFv3 is based on links rather than network segments. Which of the following statement is incorrect?
□ A The two routers connected to the link can establish neighbor relationships even if their IPv6 address prefixes are different
□ B The two routers connected to the link can establish neighbor relationships even if no unicast IPv6 address is configured
□ C. The routing information obtained by the OSPFv3 router from the neighbor uses the link-local address of the neighbor as the next hop of the forwarded packet
□ D All OSPFv3 interfaces use the Link-local address as the destination address of the packet except the virtual link (Right Answers)
Answer: D
276. Regarding the sliding window of TCP, which of the following descriptions are wrong? (Multiple Choice)
□ A. After the retransmission timer expires, the sender has not received the acknowledgement and will retransmit the unconfirmed data
□ B. The sender does not need to transmit a complete window size message
□ C TCP sliding window allows multiple packets to be sent before receiving an acknowledgment
□ D. The sliding window size can only be increased or left unchanged (Right Answers)
□ E The sender announces the initial window size (Right Answers)
Answer: DE
277. As shown in the figure, in the IPv4 and IPv6 environment, the SEL field in the ISIS NET address always takes the value 00

□ B False
Answers A
278. As shown in the figure, a part of LSP of the LSDB of a router is shown in the first line of the figure. First received a new LSP, the second hop is shown in the following picture, which of the following statement is wrong?
Level-2 Link State Database
LSPID Seq Nua Checksua Holdtiac Length ATT/P/OL
0002. 0002. 0002. 00-00 0x00000019 0x4eeb 788 102 0/0/0
Level-2 link State Database
LSPID Seq Xua Checksua Holdliae Length ATT/P/OL
0002. 0002. 0002. 00-00 0x00000020 0x4eeb IQO 102 0/0/0

□ A. The router will put the newly received LSP into the LSDB.
□ B. The router will ignore the LSP received from the neighbor (Right Answers)
□ C. If it is a point-to-point network, the router will send PSNP
□ D. If it is a broadcast network, the DIS will be in the next CSNP packet, including the summary Information of the LSP.
Answer: B
279 To view the routing table of router R1, execute the command "display ip routing-table" on the route R1 Router R1 runs OSPF Which of the following is true about the OSPF information in the routing table?
□ A. In the routing table, the routing entry identified by the "O_ASE" identifier indicates that the entry was learned through a Type 1 LSA or a Type 2 LSA.
□ B In the routing table, the routing entry identified by the "O_ASE" identifier indicates that the entry can only be learned through routing (Right Answers)
□ C. In the routing table, the routing entry identified by the "OJA" identifier is the intraregional routing
□ D In the routing table, the routing entry identified by the "OSPF" identifier are learned through the Type 7 LSA imported from other processes to OSPF
□ E. In the routing table, all types of LSAs correspond to unique destination addresses.
Answer: B
280 Regarding the Stub area and the NSSA area of the OSPF protocol, which of the following statement is incorrect?
□ A Type 5 LSA is not allowed in the Stub area, and Type 5 LSA is allowed in the NSSA area. (Right Answers)
□ B. Both the Stub area and the NSSA area can inject Type 3 LSAs.
□ C. Both the Stub area and the NSSA area are not allowed to inject Type 4 LSA.
□ D. Type7 LSA is not allowed in the Stub area, and Type 7 LSA is allowed in the NSSA area.
Answer: A
281. Regarding BGP route filtering, what is wrong with the following description? (Multiple Choice)
□ A. For a locally advertised route, configure a routing policy. The policy takes effect before the route is added to the BGP routing table.(RightAnswers)
□ B. The filtering relationship between the nodes of the Route-Policy is "or", that is, if it is filtered by a node, it can pass route-policy.
□ C. When receiving a route of a BGP peer, perform a routing policy to filter unwanted BGP routes. These routes are not added to thelocalBGP routing table.
□ D. In the same node of Route-Policy, the relationship of multiple if-match clauses for different attributes is "OR". (Right Answers)
Answer! AD
282. If the value of the Option field in the OSPFv3 Hello packet sent by GigabitEthemet 0/0/0 interface of Router A is 0x000013, which of the following description is correct? (Multiple Choice)
□ A. GigabitEthernetO/O/O interface of Router A belongs to the NSSA area.
□ B. GigabitEthernetO/O/O interface of Router A will participate in IPv6 route calculation. (Right Answers)
□ C. Router A is an OSPFv3 device with forwarding capability. (Right Answers )
□ D. Router A supports AS-Extemal-LSA flooding. (Right Answers)
Answer: BCD
283. Which of the following statement about deploying ISIS protocol in IPv6 environment is correct?
□ A. In broadcast networks, the DIS priorities of IPv4 and IPv6 can be set separately.
□ B. By default, the DIS priority of the broadcast network interface on Level-1 and Level-2 is 1
□ C. In the same broadcast network, if each router supports both IPv4 and IPv6, the DIS of IPv4 and IPv6 must be the same device. (Right Answers)
□ D. Configure ISIS silent on the ISIS interface, then this interface will not send ISIS packets, but will receive ISIS packets.
Answer> C
284. After the BGP route is imported to other protocols, the next hop in the BGP routing table is the same as the next hop of the routing protocol imported
□ A. True
Answer: B
285. There is an AS-path-filter, ip as-path-filter 1 permit A100(_100)*(_400)*, which AS-PATH attribute cannot be matched by the As-path-filter?
□ A. 100 400
□ B . 100 400 400 400
□ C. 100 200 900 (Right Answers)
□ D. 100
Answer: C
286 Regarding the BGP confederation, which of the following description is incorrect?
□ A The confederation divides an AS into several sub-AS confederation. External As still considers the confederation to be an AS.
□ B. The sub-AS number of the confederation is advertised to BGP peers outside the confederation by default. (Right Answers)
□ C. The sub-autonomous system within the confederation can use a private AS number A Huawei NE/AR router can be configured with up to 32 sub-AS in a single confederation.
□ D. The confederation can easily detect the routing loop within the AS because EBGP is running between the sub-As.
Answer: B
287 What is the correct description of the BGP reflector? (Multiple Choice)
□ A The route reflector can advertise the routers learned from IBGP neighbors to all clients and non-clients
□ B IBGP neighbor relationships need to be fully interconnected without a route reflector The introduction of route reflectors can reduce the requirements for full interconnection. (Right Answers)
□ C. The route reflector can advertise the routes learned from the non-client to all clients (Right Answers)
□ D. The route reflector can advertise the routes learned from one client to other clients and non-clients. (Right Answers)
Answers BCD
288 VXLAN needs to be accessed under different VPN subnets. One subnet information is as follows EVPN RT 10:10 both, RT 1000:1000 export, VPN RT 100:100 What is the configuration of another subnet? (Multiple Choice)
□ A EVPN configuration 1000 1000 export
□ B VPN configuration 10:10 both
□ C EVPN configuration 1000 1000 both (Right Answers)
□ D VPN configuration 1000:1000 both evpn (Right Answers)
Answers CD
289 After the BGP connection is successful, then down, what are the reasons for the impossible?
□ A Open packet negotiation failed (Right Answers)
□ B The mandatory attribute in the routing update message is lost.
□ C. After the BGP connection is established, the keepalive packet is not received within the negotiated holdtime
□ D Received incorrect BGP packets
Answer: A
290 When ISIS area authentication is configured, which ISIS packet can carry the authentication information?
□ A. Level-1 SNP and LSP of ISIS (Right Answers)
□ B. Level-1 Hello message of ISIS
□ C. Level-2 SNP and LSP of ISIS
□ D. Level-2 Hello packet of ISIS
Answer: A
291 The Type 5 LSA in OSPF is used to pass external routes. Which of the following statement about the five Type 5 LSA is wrong?
□ A The router in the same area as the ASBR can calculate the external route through the intra-area LSA and the Type 5 LSA.
□ B Configure the corresponding policies on the ABR and ASBR to filter the Type 5 LSA.
□ C. The Type 5 LSA is advertised by the ASBR and flooded in the OSPF network in the non-Stub/NSSA area
□ D. The FA address is included in the Type 5 LSA, and the FA address is O.O.O.O, but has no practical effect as a reservation. (Right Answers)
Answer: D
292 About the domain-authentication-mode md5 hello command in the ISIS process, which of the following is the correct explanation?
□ A. The routing domain authentication is used to enable SNPs and LSPs of Level-1 and Level-2 to carry authentication information during the delivery process.
□ B The domain authentication mode of all routers in the same routing domain is MD5, the password is hello, and the ISIS SNP and LSP spread normally (Right Answers)
□ C. This command is mainly used to enable ISIS Hello packets to carry authentication information during the delivery process.
□ D. ISIS certification cannot be applied in IPv6 environment.
Answer: B
293. The Level-2 LSP is transmitted to the Level-1 area by Level-1-2 IS. If the location of ATT is in the Level-2 LSP is 1, it indicates that the Level-1 in the area can pass the LeveH-2 IS to the outside area
□ A. True
Answer> B
294. In the OSPF broadcast network, there are four routers in the same network segment, RTA. RTB, RTC and RTD, whose DR priorities are 2,1, 1, and 0, and the router IDs are respectively 192.168.1.1, 192.168.2.1,192.168.3.1 and
192.168 4 1 If OSPF is enabled on al Ihe four routers, the BDR selected by OSPF is ().
□ A RTB
□ B. RTC (Right Answers)
□ C. RTA
□ D.RTD
Answer. B
295. Which AS_PATH can be matched by command ip as-path-filter 1 permit A12.*74$?

□ A. AS_PATH (32 1274 23)
□ B AS_PATH (123 621 743 2374) (Right Answers)
□ C. AS_PATH (321 12 2374)
□ D. AS_PATH (125 328 74 23)
Answer: B
296 The OSPF protocol is running on a company network To understand the OSPF mechanism to perform packet capture operations on the network, which of the following description about the OSPF packet is correct? (Multiple Choice)
□ A LS Update message synchronizes the link state database by sending detailed LSA information (Right Answers)
□ B. After receiving the LS Update message, the router must send LS Ack to confirm
□ C Sending Hello packets immediately after the interface joins the OSPF area (Right Answers)
□ D The LS Update message is sent only when the adjacency is established
Answer: AC
297. In Ihe folowing topology. R1 can access the Internet through R2 and R3 The EBGP connections are established between R1 and R2. R1 and R3. R2 and R3 belong to the same AS The defaul route is advertised through BGP The traffic
that Rl IS required to access the Internet is preferably R2 Which of the folowing practices can be achieved? (Multiple Choice)
□ C. R2 specifies that the peer R1 sets the local priority to 150 in the export direction.
□ O R1 specifies that the peer R2 sets the local priority to 150 in the import direction (Right Answers)
Answer: BD
298. In addition to stateless address auto-configuration, IPv6 devices can also obtain information such as address, gateway, and DNS through DHCPv6.
□ A True
Answer: B
299 The network administrator prepares to use the 6to4 automatic tunnel to carry IPv6 data on the IPv4 network The IPv4 address of the router interface is 138.14 85.210, so the corresponding tunnel address is
2001:8a0e:55d2:1:230:65ff:fe2c.9a6
□ A. True
Answer: B
300 In an IPv6 network, two nodes A and B are neighbors each other If node A sends an NS message to node B, if node B receives a message and then replies the NA message, then checked on node A, what wil the neighbor status be
marked?
□ A Reachable (Right Answers)
□ B Stale
□ C Probe
□ D Incomplete
Answer. A
301 What is wrong about the description of MPLS below?

□ A The label space range of dynamic signaling protocols such as LDP and MP-BGP is 16-1023 (Right Answers)
□ B The length of the MPLS label is 20 bits and it is used for packet forwarding
□ C. In the TTL processing mode by using Pipe mode, IP packets are transmitted on the MPLS network The TTL value of the IP packets is reduced by 1 in the MPLS ingress node and the egress node respectively.
□ D MPLS supports multi-layer tag nesting, the S-bit value of the innermost tag is 1.
Answer. A
302 RD is used to distinguish the same IP address in different VPNs. How many bits does the RD contain?
□ A. 16
□ B. 64 (Right Answers)
□ C. 32
□ D. 128
Answer. B
303. In the packet forwarding of the cross-domain VPN-Option B mode, the two ASBRs will exchange the LSP labels of the public network once
□ A. True
Answer: B
304. Which of the following about the MPLS label related information is wrong?
□ A. The MPLS label is 4 bytes long and is encapsulated between the link layer and the network layer.
□ B. By default, the device supports the PHP feature, and the label value of the egress node supported PHP that is assigned to the penultimate hop node is 3,
□ C. If the bottom mark of the label is S=0, it indicates that the label is the bottom label of the stack and directly performs IP forwarding. (Right Answers)
□ D. When the tag value is 0, it indicates that the tag should be ejected, and the packet must be forwarded based on IPv4
Answer: C
305. View the details of all VPN instances on a network device, the results are as follows. Which of the following statements are incorrect? (Multiple Choice)
> display ip vpn-instance

Total VPN-lnstances configured ; 3
Total IPv4 VPN Instances configured : 1
Tntal TPvf VPN-Tntttaruen ronfigtired : ?
VPN Instance Naoe and ID : vj-na. 6

Description : vpna-1
Service ID : 12
Interfaces : CigabitEthemetl/OZO
Address family ipv4
Create date : 2018/6/3 15:36:20
Up time : 6 days, 04 hours, 41 minutes and 67 seconds
Route Distinguisher : 100:1
liport VPN Targets : 1:1 2:1
1sport VPN Targets : 1:1
Label Policy : label per instance
Per-Instance Label : 1024
IP FRR Route Policy : 20
VPN FRR Route Policy : 12
□ A. The total number of instances of the IPv6 address cluster enabled in the VPN configured on the local end is 1. (Right Answers)
□ B The device will assign a label to each route of the VPN-lnstance vpna (Right Answers)
□ C. VPN-lnstance vpna will not receive VPN routes with RT 2:1
□ D. GigabitEthernet 1/0/0 interface is bound to the VPN-lnstance vpna
Answer: AB
306. Which of the following description about LDP reliability is incorrect?

□ A. LDP FRR can also be used to generate an LSP for the label mapping from the non-optimal next hop And it can be a backup of the main LSP, to establish the forwarding entries
□ B. The association between the LDP and the IGP requires the IGP to suppress the advertisement of the route and ensure that the LDP path is consistent with the IGP path.
□ C The manually configured LDP FRR policy defaults to a 32-bit backup route that triggers LDP to establish a backup LSP (Right Answers)
□ D. LDP GR (Graceful Restart) uses the feature that MPLS forwarding plane is separated from the control plane to ensure that the device does not interrupt forwarding during protocol restart or active/standby switchover
Answer: C
307. What improvements have been made to the IGMPv2 protocol compared to IGMPvl? (Multiple Choice)
□ A Added specific group query message (Right Answers)
□ B. Added off-group messages (Right Answers)
□ C. Added maximum response time field (Right Answers)
□ D. Added specific source group query messages
Answer: ABC
308. If multiple candidate RPs are configured in a certain group of multicasts, which of the following parameters need to be compared for selecting the RPs from the multiple candidate RPs? (Multiple Choice)
□ A The priority of C-RP (Right Answers)
□ B The group scope mask length of the C-RP service matching the group address which the user joins (Right Answers)
□ C IP address of the C-RP interface (Right Answers)
□ D Number of the C-RP interface
Answer: ABC
309 When running PIM-SM between multicast routers need to elect a DR to be responsible for sending and receiving multicast data at the source or member end, what is the correct description of the DR election rule?
□ A Compare the DR priorities first, if the priorities are the same you need to compare the IP addresses of the PIM router interface to elect DRs (Right Answers)
□ B. The PIM router with a long interface mask is elected as the DR
□ C The PIM router with a low DR priority value is elected as the DR
□ D. The router with a small IP address is elected as a DR
Answer: A
10 If running PIM-SM on a multicast network, you need to construct a multicast forwarding tree between the multicast source and the receiver to enable the receiver to receive multicast data Which of the folowing description about the
onstructed multicast forwarding tree is correct? (Multiple Choice)
3 A The RTP tree is built between the RP and the receiver (Right Anawera)
3 B The RPT tree is built between the multicast source and the RP
3 C The SPT tree is built between the RP and the receiver
3 D The SPT tree is built between the multicast source and the RP (Right Anawera)
Answer i AD
311 As shown in the figure, the IPSEC VPN is established between the branch and the headquarters using redundant links At the same time, URPF is enabled for the traffic from the branch 1 on Router_B Which of the folowing options is
.( IPwk lunnel ()
□ A When using IPSEC main-link redundant backup, URPF loose mode is recommended when the URPF function is used on the physical interface (Right Anawera)
□ B When using IPSEC muli-lmk redundancy backup URPF strict mode can be used when enable URPF function on the tunnel interface (Right Anawera)
□ C When using IPSEC main-link redundant backup, URPF strict mode can be used when the URPF function is used on the physical interface
□ D When using IPSEC multi-link redundancy backup. RPF strict mode can be used when enable URPF function on the physical interface
Answer. AB
312 The HI IP protocol is based on TCP, so you can use the TCP Flood attack defense method to defend against HTTP Flood attacks.
□ A. True
Answer. B
313 As shown in the figure, there are two IPv6 networks that can access the IPv4 network At the same time, an IPSEC tunnel needs to be established between the two IPv6 networks for communication Which of the following encapsulation
modes can meet the above requirements?
□ A ESP+ tunnel mode (Right Answers)

□ B None of the above options
□ C AH+ transmission mode
□ D. AH+ tunnel mode
Answer. A
314 When there are multiple matching rules in the ACL of the VRP, which of the following statements is correct about the matching order?
□ A. In case of confirmation, follow the Rule-ID, match from small to large (Right Answers)
□ B. By default, match according to the principle of “depth first”
□ C In case of confirmation, match the order by matching the permit first and then matching the deny
□ D. There is only one matching order and cannot be modified.
Answer: A
315 The LAND attack is performed by the attacker sending a source address and a destination address to the destination host are the destination host, the same SYN packet on source port and the destination port When the receiver waits for
the final ACK packet from the sender, the connection is always in a semi-connected state resulting in waste of limited TCP resources at the receiving end
□ A True
□ B False (Right Answer*)
Answer. B
316. What is the relationship between CIR, BC and TC?
□ A TC=CIR/BC
□ B. CIR=TC/BC
□ C. CIR=BE/TC
□ D TC-BC/CIR (Right Answers)
Answer: D
317 A home user has opened a 10Mb/s broadband To improve the user experience the operator can stabilize at 12Mb/s when performing speed measurement It we use token bucket technology to achieve this demand which of the following
is the best?
□ A cir 10000 pir 12000 (Right Answers)
□ B. cir 10000 cbs 10000 pbs 12000
□ C cir 8000 pir 12000
□ D cir 10000 cbs 12000 pbs 12000
Answer: A
318. Which of the following options is correct for the description of the optimal routing elections for various protocols?
□ A. OSPF puts all routing information in the LSDP into the IP routing table
□ B. The route with the next hop unreachable in BGP is also put into the IP routing table.
□ C. Learn different routing entries to the same destination network segment from BGP and OSPF, and select the optimal route to join the IP routing table by comparing the preference value of the protocol. (Right Answers)
□ D. Select the best route to the same destination network segment by comparing the cost value of the route entry in BGP protocol.
Answer: C
319. The following topology diagram, all the interfaces of the router in the figure open the ISIS protocol, which of the following statement is correct? (Multiple Choice)
□ A.If the GE0/0/0 interface of R3 is downthen R2 will become the master device (Right Answers)
□ B.If the Ethernet 0/0/0 interface of R3 is down, then R2 will become the master device.
□ C. If the Ethernet 0/0/0 interface of R1 is down, then R2 will become the master device. (Right Answers)
□ D. If the Ethernet 0/0/1 interface of R1 is down, then R2 will become the master device. (Right Answers)
320. Which of the following statements about the BFD single-arm echo function are correct? (Multiple Choice)
□ A. The BFD single-arm echo function must be configured with a local identifier and a remote identifier
□ B. The default destination IP address of the BFD single-arm echo function protocol packet is 224.0.0.184
□ C BFD single-ami echo function is applicable to scenarios where one device supports BFD and the other device does not (Right Answers)
□ D After the BFD single-arm echo function is enabled, the destination IP and source IP of the BFD packets are the same (Right Answers)
Answer: CD
321. Which of the following does not belong to EVPN Type 2 routing functions?
□ A. Host MAC address notification
□ B Host ARP notification
□ C. BUM message forwarding (Right Answers)
□ D. Host IP route notification
Answer: C
322. Mainstream large-scale Layer 2 technologies include VXLAN, TRILL, NVGRE, and MPLS
□ B. False
Answer: A
323. One BD in VXLAN can correspond to multiple VNIs.

□ A. True
Answer: B
324. Which of the following is optimal for building a loop-free Layer 2 network?
□ A Stack + link aggregation (Right Answers)
□ B. TRILL+MSTP
□ C. Stack + MSTP
□ D. Link Aggregation + MSTP
Answer: A
325. Now, the switch MAC address table is empty by default configuration. The host A connected to the switch sends the first unicast data frame. What operation will the switch perform after receiving the data frame?
□ A. The switch will discard the data frame
□ B. The switch forwards the data frame out of an interface according to the destination MAC address of the data frame.
□ C. The switch records the source MAC address of the data frame and floods the data frame. (Right Answers)
□ D. The switch caches the data frame and waits for the destination host to send the data frame and then forward it.
Answer: C
326 As shown in the figure, three switches SW1, SW2 and SW3, where SW1 is the root bridge, the link between SW1 and SW2 is congested, and SW2 cannot receive the configuration BPDU sent by the root bridge. What kind of spanning
tree protection mechanism need to configure to prevent problems caused by link congestion?
LSW2 LSW3
□ A. Loop protection (Right Answers)
□ B Root protection
□ C TC-BPDU protection
□ D BPDU protection
Answer: A
327 Through the following displayed command, you can determine that switch loop fault is caused by ().
□ A.
□ D.„,
► li-vluOrr
fiawirf Vuffn '.03 oxi rvd'lrl
AllooH mi tutfe* : .WH
Vt’iM elr* •
nu«<-er ! > . Chstul r»ur :
Currant otoaMM •
he/ 21 801 )6:8< .U 6W 1 > A 1 « 1.8»1 S ?r. x? Vimd V/JTfl « I
luAMrws • Pen • MX0AOA. flwrtac Mifl > MWL
(Right Answers)
Answer: D
328. A total of 6 bits indicating the priority field in the VLAN (802.1Q) data encapsulation.
□ A. True
Answer: B
329. Four routers R1, R2, R3, and R4 run ISIS, the ISIS router type is marked, and the routing table is viewed on R1. The reason why the R1 does not reach the route of 10.34.34.4 is ()
Route Flags: R - relay, D - download to fib
Routing Tables: Public

Destinations : 6
Destlnation/lask Proto Pre Cost Flags NestHop Interface
10.12.12.0/24 Direct 0 0 D 10.12.12.1 GigabitBthernetO/O/O

10.12.12.1/32 Direct 0 0 D 12T.0.0.1 CigabitBthernetO/O/O
10.23.23.0/24 ISIS-LI IB 20 D 10.12.12.2 ClgabltEthemetO/O/O
□ A. Configure a routing policy on R2 to filter the default route.

□ B. The system-ID of R2 conflicts with R3.
□ C. Regional planning errors for R3 and R4. (Right Answers)
□ D. The system-ID of R2 conflicts with R1.
330. The OSPFv3 Option field appears in all LSAs.

□ A. True
Answer; B
331 Which of the following is true about Link-LSA of OSPFv3?

□ A The Option field exists in the LSA header, not in the data area of Link-Isa.
□ B. Contains both the link-local address of this interface and all IPv6 prefixes of this interface. (Right Answers)
□ C. If the Prefix Option field of a prefix of the Link-LSA is 0x00, the Prefix will not be included in the IPv6 unicast calculation.
□ D. Contains both the link-local address of the interface and all Ipv6 prefixes in the same area on the router.
Answer: B
332. The following topology is available, which of the following statement is correct based on analysis?
J ;- xz-.rr-TW------ nr„
SI »
Rl
llll 1 R2
isis 1
• network entity 49.0001.0001.0OOl.00Ol.ee
interface fthernetO/0/0
ls-level level-1
network-entity 49.0001.0007.0007.0007.00
ip address 10.0,17.1 299.799.299.0 sumary 10.0.0.0 299.299.0.0 level 1
isis enable 1 (
Interface tthernetO/O/O
r) ip address 10.0.17.7 799.799.799.0
Isis 1 isis enable 1
network entity 49.0001.0005.0001.0001.00 (
Interface ithernet0/0/l
interface fthernet0/0/0 ip address 10.0.7).7 799.799.799.0
ip address 10.0.7). 3 299.299.799.0 * isis enable 1
Isis enable 1 a
(Interface loopBackO interface loopbackO
ip address 10.0.3.) 299.299.299.299 ip address 1O.0.2.7 299.799.799.799
Isis enable 1 isis enable 1
□ A. Because R2 does route aggregation, only the routing entry of 10.0.0.0/16 exists in the IP routing table of R1.
□ B There are routing entries for 10.0.2.2/32 and 10.0.3.3/32 in the IP routing table of R1
□ C. The routing entries of 10.3.3.3/32 and 10.0.0.0/16 exist in the IP routing table of R1 at the same time. (Right Answers
□ D. There are routing entries of 10.0.2.2/32 and 10.0.0.0/16 in the IP routing table of R1
333. Which type of prefix will the router running BGP advertise to its own IBGP neighbor (assuming the router is not configured as a route reflector)?
□ A. The prefix is learned through the EBGP neighbor, or the prefix is learned from the RR.
□ B. The prefix is learned through other BGF neighbors, or the prefix is locally learned through network or route introduction.
□ C. The prefix is learned through other IBGP neighbors, or the prefix is learned from the EBGP neighbor, or the prefix is learned through the route introduction.
□ D. Prefix existing in routing shows
□ E. The prefix is learned through the EBGP neighbor, or the prefix is learned locally through the network or route introduction. (Right Answers)
Answer: E
334 As shown in the figure, the AS100 has two paths to access the AS400 By defaul, the best route is transmitted from the AS200 It is known that the path bandwidth to the AS400 through the AS300 is better Therefore, doing the
configuration on R2 as follows After the configuration is complete, the optimal route is not changed. Which of the folowing operations can make the configuration take effect?
[R2)ip as-path-filter 1 permit *400$ [R2|route-pokcy med permit node 10 Ir2-route-policy)if-match as-path-filter 1 [r2-route-policy|appty cost 20
i A Configure deterministic-med under the BGP process of Rl

J B Configure compare-different-as-med under the BGP process of R2
□ C. Configure determinishc-med under the BGP process of R2
□ D Configure compare-different-as-med in the BGP process of R1 (Right Answers)
Answer: D
335 Now there is a network consisting of router R1. router R2. router R3 and router R4 These four routers are interconnected via a LAN network Basic OSPF is deployed on al four routers When you execute the command "display ospf peer"
on the router R2. the status between router R2 and router R3 is "2way"
So, what conclusion can you draw from this output? (Multiple Choice)
□ A Router R4 is DR
□ B Router R2 is a DR or BDR
□ C Router R2 is not DR (Right Answers)
□ D Router R3 is neither a DR. nor a BDR (Right Answers)
□ £ There is no ful ad|acency relationship between router R2 and router R3 (Right Answers)
Answer: CDE
336. Which of the following statement about the NSSA area is correct?
□ A. In the hello message sent by OSPF neighbor in NSSA region, position N is 1 and position E is 0 in option field (Right Answers)
□ B. The NSSA region generates Type 7 LSA to inform external routing, and the FA address role in the Type 7 LSA is to prevent loops
□ C. The NSSA region will automatically generate a default LSA to access the external network.
□ D. In the hello message sent by OSPF neighbor in NSSA region, position N is 0 and position E is 1 in option field.
Answer: A
337 In the command aggregate ipv4-address (mask | mask-length) | as-set | attnbute-pokcy route-poticy-namet | detail-suppressed | origin-policy route-policy-name2 | suppress-policy route-pokcy-name3], multiple parameters can be used to
influence the summary route and its results What is the correct description about this convnand?
□ A If the Suppress policy is configured, the aggregated route is generated The if-match clause of the route-policy is used to select the detailed route to be suppressed The detailed route matching the route-policy is stil advertised to other
BGP neighbors
□ B If the Ongin-pokcy is configured, only the detailed routes matching the Route-policy can participate in the aggregation (Right Anawera)
□ C If Attribute-policy is configured you can change the attributes of the aggregated route (Right Anawera)
□ 0 If As-set is configured. AS ATM of the summary route contains AS path information of all specific routes to prevent routing loops (Right Answers)
Answer. BCD
339 There are two types of community-filter basic community attribute filers and advanced community attnbute filers Which of the folowing filering toots makes the advanced community attnbute filer more flexible than the basic community
attribute filer?
□ A. ACL
□ B Regular-expression (Right Answers)
□ C AS-path-filer
□ D. IP-prefix
Answer. B
341. The interface SerialO of an existing router is in OSPF area 1, and the interface SerialO is set to the Silent interface, so what effect does this setting have?
□ A OSPF does not establish any adjacencies through the interface (Right Answers)
□ B. OSPF does not add routes learned from the interface to the local routing table.
□ C. OSPF will receive routing updates from neighbors
□ D. OSPF establishes available adjacencies through this interface.
Answer; A
i_i oiyn
343. Both ISIS CSNP packets and OSPF DD packets are in the MA network, describing the role of the link state database profile. Which of the following statements is correct?
□ A Both routers need to confirm the two routers after sending them Otherwise, they need to be retransmitted.
□ B The master-slave relationship in the DD packet exchange of OSPFA is not bound to the DR/BDR. The CSNP packet is generated only by the DIS. (Right Answers)
□ C. Once the adjacency relationship is established, CSNP packets and DD packets will stop sending.
□ D The two routers do not need to confirm the peer router after sending.
Answer: B
342. Router HW is enabled with OSPF and the role of the router HW is ABR, and abr -surmnary is configured. Which classes of LSA will be aggregated? (Multiple Choice)
□ A. Type 4 LSA
□ B. Type 5 LSA
□ C. Type 2 LSA (Right Answers)
□ D.Typel LSA (RightAnswers)
□ E. Type 3 LSA
Answer: CD
344. If the default route is not used in the local IP routing table, the default route-import command is used to advertise the default route to the BGP peer (group).
□ A. True
Answer: B
345 Which scenario can use AS-path -filter? (Multiple Choice)

□ A apply clause in Route-pokey
□ B If-match clause in Route-policy (Right Answers)
□ C Filter the route sent to the BGP neighbor according to the ASPATH attribute carried in the route. For example the command peer x.x.x.x as-path-filter export (Right Answers)
□ D. Filter the route received to the BGP neighbor according to the AS_PATH attribute earned in the route. For example, the command peer x.x.x.x as-path-hlter import (Right Answers)
Answer: BCD
546. Which of the following is true about the route penetration of ISIS? (Multiple Choice)
□ A ISIS route penetration can be used in IPv6 environment. (Right Answers)
□ B. ISIS route penetration does not cause neighbors to oscillate (Right Answers)
□ C. In the route penetration of ISIS, the route before penetration cannot be an aggregate route
□ D ISIS route penetration can be deployed on Level-1 router.
□ E. ISIS route penetration is used to prevent routing loops.
Answer: AB
347 Two EBGP neighbors connected by two parallel cables. What method will you use to achieve bidirectional load sharing between two EBGP neighbors connected through these two paralel serial cables?
□ A Configure the EBGP neighbor relationship on the interface of Ihe loopback and configure EBGP Multi-hop Configure Ihe loopback interface as the update source and then use IGP to implement equal-cost path load sharing between
addresses (Right Answers)
□ B Without any method, BGP automaticaly implements load shanng between different autonomous systems on the available links
□ C. Use the command "ebgp-load-balance" at both ends
□ D Configure the EBGP neighbor relationship with the loopback interface as the update source The IGP in each AS must have two equal-cost paths to the EBGP neighbor loopback address You must use the command next-hop-local
□ E Configure the EBGP neighbor relationship with the loopback interface as the update source The IGP in each AS need to import two equal-cost paths to the EBGP neighbor loopback address You must use the commands ebgp-max-hop
and next- Hop-local
Answer. A
348 OSPFv3 and ISIS are running on the router at the same time You need to import OSPFv3 routes to ISIS Which of the following types of configurations is correct? (Multiple choice)
C A (Huawei) isis 1 (Huawei-isis-1) is-level level-1 (Huawei-isis-11 network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) ipv6 enable topology standard [Huawei-isis-1] ipv6 import-route ospfv3 1 level-1 |Huewe»-isis-1] quit (Huawei) ospfv3 1
[Huaweiospfv3-1] router-id 2 2 2 2 (Right Answer*)
□ B (Huawei) isis 1 (Huawei-isis-1 Jis-level level-1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 [Huawei-isis-1] ipv6 enable topology standard [Huawei-isis-1] ipv6 import-route ospfv3 1 [Huawet-isis-1] quit (Huawei) ospfv3 1
|Huawei-ospfv3-1| router-id 2 2 2 2
□ C (Huawei) isis 1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-lsis-1 ] ipv6 enable topology standard (Huawei-isis-1) ipv6 import-route ospfv3 1 level-1 [Huawer-isis-11 quit (Huawei) ospfv3 1 |Huaweiospfv3-1) router-id
2 2? ? (Right Answer*)
□ D (Huawei) isis 1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) import-route ospfv3 1 (Huawei-isis-1) quit (Huawei) ospfv3 1 [Huawei-ospfv3-1] router-id 2 2 2 2
□ E (Huawei) isis 1 |Huawei-isis-1)is-level level-1 (Huawei-isis-1) network-entity 47 0001 0000 0000 0002 00 (Huawei-isis-1) import-route ospfv3 1 level-1 (Huawer-isis-1)quit (Huaweil ospfv3 1 (Huawei ospfv3-1] router-id 2 2.2.2
Answer. AC
349 If the router only needs to forward IPv6 packets, then no IPv4 protocol and address need to be configured on the router
□ B False
Answer. A
350. In the intranet MPLS BGP VPNF network, when a packet enters the public network for forwarding, it will be encapsulated with two layers of MPLS labels. The following description of the two-layer label, which is wrong?
□ A. By default, the router assigns the same label value to all VPNv4 routes destined for the peer PE. (Right Answers)
□ B. The private network label is carried and distributed when the route is delivered by MP-BGP. The public network label is distributed by the LDP protocol.
□ C. The egress PE uses the inner label when determining which egress CE the message should be sent to.
□ D. MPLS BGP VPN uses two layers of labels: public network labels (also known as outer labels) and private network labels (also known as inner labels).
Answer. A
351. The following is about the LDP protocol session establishment process, which is the correct description? (Multiple Choice)
□ A. After the TCP connection is successfully established, the active party sends an initialization message to negotiate the parameters related to the LDP session (Right Answers)
□ B. The party with the larger transmission address acts as the active party and initiates the establishment of TCP connection. (Right Answers)
□ C. The Hello message discovered by the LDP neighbor uses TCP packets. The destination address is the multicast address 224.0.0.2.
□ D. After both parties receive the Keepalive message from the peer, the LDP session is established successfully. (Right Answers)
Answer. ABD
352. The router HW1 exists as an MPLS LSR router in the network of the operator HW. The router receives a packet carrying a label, but the label entry does not exist in its LFIB. So how does the router handle the packet?
□ A. Router HW1 uses LDP to create an LSP and creates a new path for the label carried in the packet in the LFIB.
□ B. Router HW1 will discard the packet. (Right Answers)
□ C. Router HW1 will forward the packet using the default label.
□ D. Router HW1 will strip the label and find the IP destination address of the FIB.
Answer= B
353. The following statement about cross-domain MPLS VPN, which is wrong? (Multiple Choice)
A. When the public network label only use LDP, for the cross-domain vp-Option-c scheme 2, three-layer labels are required for packet forwarding. (Right Answers)
S B. For the cross-domain vPN-Option B mode, an MP-eBGP neighbor relationship needs to be established between the two ASBR.
□ C. For the cross-domain vPn-OptionA mode, the route between the two ASBR is a common IPv4 route.
□ D. For the cross-domain vPN-OptionB mode, two ASBR are interconnected by multiple interfaces (including sub-interfaces). Each interface is associated with one VPN. Each ASBR-PE uses the peer as the CE. (Right Answers)
Answer: AD
354 It there are multiple receivers in a multicast group, the administrator enables IGMP-Snooping on the switch that connects the receivers Alter the receiver receives the general group query message from the querier, how do multiple
recipients respond?
□ A All recipients will respond to the Report message (Right Answers)
□ B Only when IGMPvl is running, all receivers respond to the Report message.
□ C The first responder with a response timeout sends Report message, and the other recipients do not send it.
□ D Only the IGMPV2 is running, and all receivers respond to the Report message.
Answer: A
355. Which of the following is the correct description of the process of registering the source DR with the RP in the PIM-SM?
□ A. The registration message encapsulates the multicast service data (Right Answers)
□ B. The RP sends a registration stop message as soon as it receives the registration message
□ C. The registration message is used to construct an RPT tree between the source DR and the RP
□ D The registration message is a multicast message.
Answer: A
356. In a shared network, what mechanism does PIM-SM use to prevent duplicate traffic?
□ A. Register mechanism
□ B. BSR/RP mechanism
□ C. Assert mechanism (Right Answers)
□ D. Join/Prune mechanism
Answer: C
357. Which are the correct statements about 802.1x authentication, RADIUS and HWTACACS authentication? (Multiple Choice)
□A RADIUSi authentication and HWTACACS authentication can perform dual authentication for the same user at the same time, which is more secure.
□ B. Users can access the network using 802.1x authentication and complete identity authentication through Radius. (Right Answers)
□ C. RADIUS authentication and HWTACACS authentication are mutually exclusive. You cannot perform dual authentication for the same user at the same time. (Right Answers)
□ D. RADIUS authentication and 802.1x authentication are mutually exclusive.
Answer: BC
358. Which of the following statements about RADIUS is correct?

□ A. MAC authentication does not require username and password, so RADIUS authentication user identity cannot be used.
□ B. RADIUS authentication and Portal authentication cannot be combined because the Portal server can be used to authenticate users when Portal authentication is deployed.
□ C. RADIUS protocol authentication, authorization and audit separation.
□ D. RADIUS supports both wired and wireless access methods. (Right Answers)
Answer: D
359 To configure AAA. you first need to define the XRADIUS RADIUS server as folows (Huawei (radius-server template EXAM (Huawei-radius-EXAM)radius-serve stiared-key cipher HUAwei123 |Huawei-radius-EXAMJradius-se authentication
10.7.66 66 1812 |Huawei-radius-EXAMJradius-se authorization 10 7.66 661812 [Huawei radius -EXAM|radius-server retransmit 27. 1813 [Huawei-radius-EXAM] radius-serv accounting 10
□ A. True
Answer: B
360. Which of the following is not included in the digital certificate?

□ A. Public key information
□ B Digital envelope (Right Answers)
□ D. Issuer
Answer: B
361. Network administrators can use CAR technology in traffic policing. Which of the following technologies can be applied in CAR? (Multiple Choice)
□ A. Double barrel double speed (Right Answers)
□ B. Single barrel single speed (Right Answers)
□ C. Three barrels single speed
□ D. Double barrel single speed (Right Answers)
Answer: ABD
362 Router A has a destination network segment of 10 0.0 1/32 IP routing, and the outgoing interface is GigabitethernetO/O/1 Now add the following configuration acl number 2000 rule 10 permit source 10. 0.1.1 0 traffic classifier test if-match
acl 2000 traffic behavior test remark dscp cs3 traffic pokey test classifier test behavior test Interface GigabitethernetO/O/1 ip addresslO 0 12 1255 255 255 0 traffic-policy test outbound assumes that Router A received a packet with a destination
IP of 10 0 01 The following statements which are correct? (Multiple Choice)
□ A If thesource IP address of the packet is 10 0 0 2, it can be forwarded while the DSCP field remains unchanged (Right Answers)
□ B If thesource IP addressof the packet is 10.0 0 2, It can be forwarded and theDSCP field is marked as CS3.
□ C. If thesource IP address of the packet is 10.0.0.2. It cannot be forwarded
□ D If thesource IP address of the packet is 10 0 0 1. it can be forwarded and the DSCP field Is marked as cS3(Right Answers)
Answer: AD
363. Which SNMP message type report event sent to the NMS is reliable?
□ A Response
□ B. Trap
□ C. Inform (Right Answers)
□ D. Get
□ E. Get Bulk
Answer: C
364. Non-Stopping-Forwarding (NSF) and Non-Stopping Routing (NSR) are two solutions for high reliability. The following statements which are correct? (Multiple Choice)
□ A. NSR routers need to negotiate support NSR through specific packet.
□ B. After the NSF is enabled, the router performs the master/slave switchover. The routing table and the forwarding table remain unchanged. Therefore, traffic is not lost during the GR time. (Right Answers)
□ C. After the NSR is enabled, if the main control board fails when the service batch backup is not completed, the NR switch cannot be completed. (Right Answers)
□ D. NSF routers do not need to negotiate support NSF through specific packet.
Answer: BC
365. As shown below, R1 and R2 establish an E-BGP neighbor and enable BFD detection. The following statement which is correct?
ISW RJ
IOOUJmci
toe 122 um i
10.0 12 2 b»d «
Interfere ithemetQ/u/D
.p e«M<v»» 10 0 12 2 J3S-2S»-J»» O
b9P .’00
peer 100 12 1 sinurntwr 100
pe»r 100 12 1 bftl 220 >20
lOOUl b«d enable
□ A. The detection time of BFD packets on R2 is 800ms.

□ B The detection time of BFD packets on R2 is 600ms.
□ C. The detection time of BFD packets on R1 is 660ms. (Right Answers)
□ D The detection time of BFD packets on R1 is 1280ms
Answer: C
366. Which is wrong about IPv6 Over VXLAN?
□ A. IPv6 over VXLAN means that Overlay network of Vxlan is IPv6 network.
□ B. IPv6 over VXLAN can solve the problem of insufficient IP address resources for terminal tenants.
□ C. The tunnel between the Layer 2 and Layer 3 gateways of the VXLAN is IPv4 network.
□ D. IPv6 Over VXLAN does not generate entries. (Right Answers)
Answer: D
367. Which is wrong about the EVPN Type 5 class routing?

□ A The IP Prefix field can carry either the host IP address or the network segment address
□ B. Type 5 is an IP prefix route.
□ C. Type 5 routing carries both Layer 2 VNI and Layer 3 VNI (Right Answers)
□ D. Type 5 routing carries Layer 3 VNI
Answer: C
368. VXLAN uses BGP EVPN to establish a tunnel. What kind of packets are used?
□ A Type3 (Right Answers)
□ B. Type5
□ C. Type4
□ D. Type2
□ E. Typel
Answer: A
369 Which of the following advanced features does BGP EVPN support? (Multiple Choice)
□ A ARP broadcast suppression (Right Answers)
□ B VRRP over VXLAN
□ C. Multi-live gateway (Right Answers)
□ D VXLAN Qos
Answer: AC
370. Which of the following statements about VXLAN messages is correct? (Multiple Choice)
□ A. The outer destination IP address is the IP address of the remote VTEP of the VXLAN tunnel. (Right Answers)
□ B. The source UDP port number is 4789
□ C. Destination UDP port number is 4789 (Right Answers)
□ D. VNI has 24 bits and used to distinguish VLAN segments. (Right Answers)
Answer: ACD
371. Which of the following types of packets is required to implement virtual machine migration in the BGP EVPN distributed gateway scenario?
□ A. Type3
□ B. Type5
□ C. Type4
□ D. Type2 (Right Answers)
□ E. Typel
Answer: D
372. The following statements about the VRRP protocol which are correct?
□ A. Both VRRPv2 and VRRPv3 support authentication.
□ B. VRRPv3 does not support authentication, while VRRPv2 supports authentication. (Right Answers)
□ C. VRRPv2 is only applicable to IPv4 networks, and VRRPv3 is only applicable to IPv6 networks.
□ D. The owner of the Mater IP address has VRRP priority of 255, so the priority range that can be configured is 0-254.
Answer: B
373 KW users are transmitting a lot of files through TFTP. What protocol does TFTP rely on for transmission?
□ A IcmP and UDP
□ B iP and TCP
□ D. NFS
□ E. FTP
Answer: C
374 When deploying LLQ, you need to configure bandwidth parameters What is the meaning of bandwidth parameters?
A Provide a buiK-in policer to limit the maximum available bandwidth of low latency queues during congestion (Right Answers)
f □□
B This parameter should be as smal as possible It means that the bandwidth is always reserved, even if LLQ is used, this parameter wil reduce the available bandwidth of the interface It indicates that the reference CR is used to calculate
burst size of the built-in policer token bucket D This parameter is an option because LLQ always takes precedence over other queues
Answer: A
375. Assuming that the port shaping rate is 100 Mbps, the input bandwidth and configured PIR of each service of the interface are as follows Then, after the first round of scheduling, what is the bandwidth allocated by the EF queue?
□ A 30M
□ B. 15M (RightAnswers)
□ C. 90M
□ D 25M
Answer: B
376 The following statement about the security confederation SA in IPsec, which is wrong?
□ A The SA is uniquely identified by a triplet that includes the Security Parameter Index (SP), the source IP address and the security protocol number used (AH or ESP) (Right Answers)
□ B. Use display IPsec to view information about encryption algorithms, traffic, and other information used between another IPsec peer
□ C. IPsec only supports the use of symmetric encryption algorithms to encrypt data.
□ D. There must be two-way SA between IPsec peers to establish an IPsec VPN connection.
Answer: A
377. Router HW1 and router HW2 are connected to network A and network B respectively As shown below, if you want to establish an IPsec VPN between router HW1 and router HW2.
Which ACL does the router HW1 need to configure to enable LAN-to-LAN traffic to pass through the encrypted VPN tunnel?
SenalQWJ SeoWOW)
1821681 1/30 ' '8216812/30
FastEthemel MX) FaMEmerrwl 00/0

10.1.1.104 ___ 10.12.1/24
□ A. rule permit ip source 192.168.1 10 destination 192.168 1 2 0
□ B rule permit ip source 10.1.1.0 0.0.0.255 destination 192.168 1.2 0
□ C rule permit ip source 10 1.1 0 0.0.0.255 destination 10.1.2 0 0 0.0.255 (Right Answers)
□ D. rule permit ip source 192.168 1 10 destination 10.1.2.0 0.0.0.255
□ E rule permit ip source 10.1.2.0 0.0.0.255 destination 10 1 1.0 0.0.0 255
Answer: C
378. Which of the following options is correct for the assertion mechanism?
□ A The size of the IP address will not be used as a condition for election during the election of the winner.
□ B. In the assertion mechanism, winner is responsible for forwarding multicast data to the broadcast network segment (Right Answers)
□ C. The assertion mechanism is used for the election of the DR.
□ D. In the assertion mechanism, loser shut down the interface connected to the broadcast network
Answer: B
379. The following description of the BSR mechanism, which is correct? (Multiple Choice)
□ A. There can be multiple C-BSR in a PIM-SM domain, but only one BSR can be elected (Right Answers)
□ B The BSR collects C-RP information through the received C-RP data packets (Right Answers)
□ C The BSR advertises BSR information and C-RP information to all routers in the PIM-SM domain by flooding Bootstrap packets (Right Answers)
□ D. One C-BSR can also collect C-RP information through received C-RP packets.
Answer: ABC
380 The association between LOP and IGP refers to the suppression of the issuance of reachable routes through IGP To ensure that the LDP and IGP linkages complete network convergence Make the IGP and LDP keep the path consistent
Minimize the loss of traffic and improve the reliability of the entire network
□ B False
Answer: A
381 Regarding the processing mode of MPLS for TTL, which description is correct?
□ A In Pipe mode, when an IP packet passes through the MPLS network, the IP TTL is decremented by 1 to the MPLS TTL field on the ingress node
□ B The TTL of the MPLS label has the same meaning as the TTL in the IP header, which can prevent the MPLS network from generating a routing loop (Right Answers)
□ C. Uniform simulation, when the IP packet passes through the MPLS network, the IP TTL of the ingress node is decremented by 1, and the MPLS TTL field is a fixed value.
□ D In MPLS VPN, if you want to hide the structure of the MPLS backbone network, you can use the uniform mode for Ingress packets for private network packets
Answer: B
382 In an MPLS VPN network, different CE devices can exchange routing information with the same PE device using different routing protocols The routing protocols used between different CE devices and the same device are independent of
each other
□ B False
Answer: A
383. Which of the following technologies use tunneling technology to communicate between IPv6 addresses? (Multiple Choice)
□ A Dual Stack
□ C ISATAP (Right Answers)
□ D NAT64
Answer: BC
384 The following is the correct procedure for NDP to resolve the link layer address
Host A
a Host B
a
ICMP Type 135
Src ■ IPvB-Addr of A _____
D»t ■ solicited-node multicast of H
Data > null
Query ■ What is your link address ?
ICMP Type - 136

“ - ------- -- Src ■ IPv6-Add. of H
Dst • IPv6 Add. of A
Data-link-layer address of B
□ A. True
Answer: B
J85. BGP 4+ runs between the two routers The neighbor relationship is normal However, the BGP routing table of the local router does not have neighbor's routing entry What is the possible reason? (Multiple Choice)
□ A The routing entries of the peer BGP routing table are non-optimal (Right Answers)
□ B. The next hop address of the BGP routing entry is unreachable (Right Answers)
□ C. Peer ignore configured on the peer
□ D. Active-route-advertise configured on the peer (Right Answers)
Answer: ABD
386 Which of the following information can be included in a basic network layer packet? (Multiple choice)
□ A Data link layer header
□ B Upper layer data (Right Answers)
□ C. Network layer header (Right Answers)
□ D. Path record
□ E. Network layer tail
Answer: BC
387. The description of configuring BGP4+, which is correct? (Multiple choice)

□ A. The BGP4+ router-ID is the same as the BGP4 router-ID (Right Answers)
□ B BGP4+ must use the Link-Local address when specifying the peer
□ C The next hop of the BGP4+ route does not use the Link-Local address. (Right Answers)
□ D. When BGP4+ configures a reflector, the roles of the reflector and the client must be consistent with the configuration of BGP4
□ E BGP4+ does not support route reflectors.
Answer: AC
388 Regarding the stub area in the OSPF protocol, the following statement which is correct? (Multiple Choice)
□ A ASBR cannot exist in the stub area (Right Answers)
□ B. The virtual link cannot traverse the stub area (Right Answers)
□ C. stub area is not allowed to inject type7 LSA (Right Answers)
□ D. The backbone area cannot be configured as a stub area (Right Answers)
Answer: ABCD
389. Which type of LSA cannot in the OSPF stub area? (Multiple Choice)
□ A. Type-7 (Right Answers)
□ B. Type-5 (Right Answers)
□ C. Type-4 (Right Answers)
□ D. Type-3
Answer: ABC
390. An existing router running OSPF is connected to Zone 0 and Zone 1. You configure zone 1 as a stub area. What types of LSA are only operating inside Zone 1?
□ A. Type 7 LSA
□ B Type 1 LSA and Type 2 LSA
□ C Type 1 LSA, Type 2 LSA and Type 5 LSA
□ D. Type 3 LSA and Type 4 LSA
□ E. Type 1 LSA, Type 2 LSA and Type 3 LSA (Right Answers)
Answer: E
391. An engineer performs an import operation on an OSPF router in a company network. The following statement about the introduction of a route LSA, which is correct? (Multiple Choice)
□ A The Advertising Route is set to the router-id of the ASBR. (Right Answers)
□ B. netmask is set to 0
□ C. link state id is set to the destination network segment address (Right Answers)
□ D. Use link state id and advertising router to uniquely identify an LSA
Answer: AC
392. Broadcast-type network, starting the election of DIS after the establishment of the neighbor relationship
□ B. False
Answer: A
393. The following statements about the ISS protocol route aggregation, which are correct?
□ A Route aggregation can be configured and validated on all types of routers. (Right Answers)
□ B Route aggregation can only be configured on the level-1 router to take effect.
□ C. Route aggregation can only be configured on the level-2 router to take effect.
□ D. Route aggregation can only be configured on the level-1-2 router to take effect.
Answer: A
394. ISIS does not send CSNP packets under the P2P network type during the neighbor establishment process
□ A. True
Answer: B
395 Router-LSA of OSPFv3 is generated by each router It describes the interface address and cost of each link of the router, and also contains the router ID of the neighboring router.
□ A True
Answer: B
396 Which of the following is true about the ISS GR description?

□ A. The GR feature of ISIS is enabled by default.
□ B The GR of ISIS has a total of four timers.
□ C. The GR of ISIS notifies the event and maintains the neighbor relationship through the CSNP message.
□ D. The GR of ISIS defines a new TLV structure to support this feature. (Right Answers)
Answer: D
397. Regarding route introduction, which of the following description is wrong?
□ A. bgp supports both import and network when generating routes. Network mode is more accurate
□ B. By default, the default metric of the external route redistributed by OSPF is 1, and the imported external route type is Type2.
□ C After the ISIS level-2 network route is imported to the level-1 route, the routing loop is formed if the import policy is not manually configured. (Right Answers)
□ D. Introducing IBGP routes in OSPF may cause routing loops
Answer: C
398. Which of the following is true about the ISIS LSP fragmentation extension?
□ A Enable the ISIS router to generate more LSP fragments to carry more ISIS information (Right Answers)
□ B. ISIS fragmentation extensions are equally valid for Hello packets.
□ C. ISIS fragmentation extensions are achieved by adding virtual systems, which can be expanded to a maximum of 1000 virtual systems
□ D The maximum number of fragments that ISIS router can generate is 1024.
Answer: A
399. The existing route-policy is as follows: ip community-filter Ipermit 100:1 ip as-path-filter 2 permitA100$ route-policytest permit node 10 if-match community-filter 1 if-match as-path-filter 2 apply as -path 200 the above configuration
description, which is correct?
□ A. Only when the community attribute value carried in the BGP route is 100:1 or AS_PATH is 100, the BGP route matches the route-policy above. The AS-PATH attribute of the matching route will be changed to 200.
□ B. Only when the community attribute value carried in the BGP route is 100:1 and AS_PATH is 100, the BGP route matches the route-policy above. The AS-PATH attribute of the matching route will be changed to 200. (Right Answers)
□ C. Only when the BGP route carries the AS-PATH as 100, the BGP route matches the route-policy above. The AS-PATH attribute of the matching route will be changed to 200.
□ D. As long as the BGP route carries the community attribute value of 100:1, the BGP route matches the route-policy above. The AS-PATH attribute of the matching route will be changed to 200.
Answer: B
400. In the ISIS broadcast network database synchronization process, the following statement which is correct?
Rl
□ A R2 acts as DIS and periodically sends CSNP. (Right Answers)

□ B. R2 acts as DIS, and the Hello time is three times than the ordinary router.
□ C. R2 acts as DIS will not receive PSNP requests for other routes.
□ D R1 and R3 maintain database consistency by periodically sending PSNP requests.
Answer: A
401. Which of the following tools cannot be directly referenced by the If-match clause in the Route-policy?
□ A Regular expression (Right Answers)
□ B. IP-prefix
□ C. AS-path-filter
□ D. Community-filt
Answer: A
402. Two routers are connected through the serial port, but the interconnect interface cannot be pinged. Now check the port status as follows:
tft-l Idiaplay Interface %r O/O/O -

Serlal0/0/0 current state ; Ijp
Line protocol current state : DOWN
Description:
Route Port. The laima Trensaalt Unit la 1500
Hold tlwer la 10(wee)
Internet Address la 12.12.12.1/24
Link layer protocol la nonatmdord ICjLC
Last physical ip tisr ; 201 fi 10:24:0 UTC 08:00
Laat physical down tine : 2018-08-01 l«;24:0<
UTC-O8:OC
(R2)display interface Serial 0/0/0
Serial 0/0/0 current at ate : tB*
Line protocol current at ate : DOWN
Description:
Route Port, The ImIbub Iranaalt Unit la 1500. Hold llieer la 10<e«c>
Internet Addreaa la 21. 21. 21.2/24
Link layer protocol la PPP
LCP ,'cro.d
From the above information can determine what is the reason?

□ A. Link bandwidth is not enough
□ B. The IP address is not on the same network segment.
□ C. Link layer protocol is inconsistent (Right Answers)
□ D. Subnet mask does not match
Answer: C
403 When DLDP detects that a unidirectional link exists in the optical fiber the defaull operations of the Huawei device include DLDP state machine migrates to the Disable state, outputs trap information, automaticaly sets the interface to the
blocked state
□ B False
Answer: A
404. What is the main reason why RSTP converges faster than STP?
□ A. RSTP increases the type of port status
□ B RSTP has less overhead
□ C. RSTP is not based on timer convergence (Right Answers)
□ D. RSTP has a smaller timer
Answer: C
405. The following is the description of the characteristics of the cross domain vpn-Option C, which is correct? (Multiple Choice)
□ A Up to two layers of labels need to be used in the packet forwarding process.
□ B VPNV4 routes are not saved on the ASBR, and VPNv4 routes are not advertised to each other (Right Answers)
□ C. The VPN route is directly exchanged between the ingress PE and the egress PE. and no intermediate device is required to save and advertise the VPN route (Right Answers)
□ D. Cross-domain VPN-Option-c mode is not suitable for use when spanning multiple AS.
Answer: BC
406. Which of the following operations can implement fast fault detection on multicast network? (Multiple choice)
□ A. Shorten the Holdtime of Join/Prune messages
□ B. Reduce the interval at which the interface sends Hello messages. (Right Answers)
□ C. Establishing PIM BFD session between neighbors (Right Answers)
□ D. Reduce the interval for sending Join/Prune messages.
Answer: BC
407 If the PM-SM protocol is run on the multicast network, you need to configure the RP. The configuration of the RP is classified into dynamic RP and static RP The following which is the correct description of the RP configuration?
□ A When configuring dynamic RP, you need to configure the BSR as the backup of the RP
□ B When configure static RP, you need to configure the BSR advertisement RP information
□ C. When configuring static BP, you need to specify the RP information on all PIM routers (Right Answers)
□ D. You do not need to configure BSR when configuring dynamic RP
Answer: C
408 In multicast network, what happens to multicast traffic that cannot be forwarded normally? (Multiple choice)
□ A The router does not have RPF routes (Right Answers)
□ B PIM is not enabled on the RPF interface (Right Answers)
□ C. The upstream router discards the received PIM Join message (Right Answers)
□ D Multi-router exit network, this router is not DR
Answer. ABC
409. IPSG can configure static binding table or use DHCP-snooping to form a binding table.
□ B. False
Answer: A
410 As shown in the figure, the router load balances the traffic between the branch network 1 and the branch network 2 In this case, configure the URPP defense source IP address spoofing attack on the physical interface of the router to use
loose mode.

□ B False
Answer: A
411. Which of the following is single package attack? (Multiple Choice)

□ A Special control packet attack (Right Answers)
□ B Scanning detection attack (Right Answers)
□ C DDoS attack
□ D. Malformed packet attack (Right Answers)
Answer: ABD
412. Which of the following statement about the digital certificate is wrong?
□ A Digital signatures guarantee the integrity of digital certificates
□ B. The digital certificate contains public key information
□ C. When the received peer certificate is valid, but the device itself is in the wrong time and is not within the validity period of the certificate, the authentication fails.
□ D. Even if the two PRI entities are not in the same CA system, the two parties can complete the authentication as long as they can identify each other. (Right Answers)
Answer: D
413. WRED is configured on the newly deployed router HW Which of the following description of the WRED feature is correct? (Multiple choice)
□ A WRED can set different discard thresholds and packet loss rates for packets of different priorities (Right Answers)
□ B. When the flow exceeds the minimum threshold, WRED begins to discard all ingress traffic (tail drop)
□ C. Avoid global synchronization by selectively dropping multiple TCP streams (Right Answers)
□ D. Low bandwidth traffic is easier to drop than high bandwidth traffic
Answer: AC
414. Which of the following descriptions about the FTP protocol is correct?
□ A In FTP Passive mode, the client completes the initialization of the TCP session for control and data (Right Answers)
□ B In FTP Active mode, the server uses the command "PORT to tell the client which port it expects to send data C. FTP always uses a TCP session to transmit control information and data information. D. FTP always uses TCP port 20 to
establish a data session and ICP port 21 to establish a control session. E. FTP always uses TCP port 21 to establish a data session and TCP port 20 to establish a control session.
Answer: A
415. If a Huawei switch runs the RSTP protocol, when will the BPDU on a port of the switch be aged?
□ A. On the interface, RSTP does not age BPDUs.
□ B. After more than 6 seconds
□ C. After MaxAge timed out
□ D After the Hold timed out (Right Answers)
□ E. After the Forward Delay timed out
Answer: D
416 In the process of using the LACP protocol, which of the following description is correct? (Multiple choice)
□ A You can prevent the Eth-Trunk interface from frequently oscilating due to physical link by using the folowing command interface eth-trunk 1 tacp preempt enable lacp preempt delay delay-time (Right Answers)
□ B You can configure the source IP address for load balancing in the enabled link aggregation group by using the folowing command interface eth-trunk 1 load-balance src-dst-ip
□ C You can remove a member interface in an enabled link aggregation group by using the folowing command interface GigabitethemnetQ'Q'O shutdown interface GigabitethernetO 0 1 undo eth-trunk 1 interface GigabitetheretO 0 undo
shutdown (RightAnswers)
□ D You can add member interfaces to the enabled link aggregation group by using the folowing command interface Gigabitethernet0/0/1 shutdown interface GigabitethernetO 0 1 trunkport GigabitethernetO 0 interface GigabitethernetO 0 1
undo shutdown
Answer: AC
17. In the lab network, the network is built as follows. SW1 is the default configuration and SW2 disables STP. which of the following description about the scenario is correct?
SW1
SW2
□ A. G0/0/2 of Sw1 enters Discarding state

□ B G0/0/1 of sw2 enters Discarding state
□ C. GO/O/2 of sw2 enters Discarding state
□ D. No interface is blocked (Right Answers)
□ E. G0/0/1 of SW1 enters Discarding state.
Answer: D
418. Which of the following are used in Ethernet? (Multiple choice)

□ A. Non-canonical format MAC address
□ B CSMA/CD in multiple access (Right Answers)
□ C MAC address in canonical format (Right Answers)
□ D. 802.5 encapsulated frames
□ E. 802.3 encapsulated frames (Right Answers)
Answer: BCE
419 When judging the old and new LSA, the serial number parameter and the age parameter will be used Which of the following statements about the two parameters is correct?
□ A When the router receives an LSA age is 360s, the LSA is unavailable
□ B Both the serial number and the age parameter can judge the LSA is old or new, and the router preferentially compares the sequence parameters, the larger the better (Right Answers)
□ C When the router receives two LSAs, the serial number is the same, the checksum is the same, and the smaller the age, the better
□ D. If the serial number of the LSA reaches the end value of 0x7FFF, the current router advertises the age is Isa of 3600s.
Answer: B
420 ISIS protocol is in broadcast network and P2P network, when the router receives the LSP, it needs to use PSNP to confirm and ensure the synchronization of the LSDB
□ A. True
Answer: B
421 Which of the following statements about the attributes of the ISIS protocol LSP message are correct? (Multiple choice)
□ A. The LSP fast flooding feature first spreads out LSPs smaller than the specified number to speed up the synchronization process of the LSDB. (Right Answers)
□ B Configure an intelligent timer generated by the LSP, which can automatically adjust the delay time according to the change frequency of the routing information. (Right Answers)
□ C. When the link state information increases, the packet length of the SP can be increased, so that each LSP can carry more information
□ D. Reduce the minimum interval for sending LSPs on an interface to speed up LSP diffusion.
Answer: AB
422 Router R1 and Router R2 run BGP Both routers are in the AS 65234. The route of router R2 exists in the BGP routing table of router R1, but is not in the IP routing table of router R1. So, what caused the problem?
□ A Synchronization is turned off
□ B. The BGP neighbor relationship is Down
□ C Router R1 does not enable BGP Multi-hop
□ D. Routing is not optimal (Right Answers)
Answer: D
423 As shown in the following figure, Rl and R2 establish the neighbor relationship of Levet2 The key configuration is as follows Which of the folowing statement about the R2 route entry is correct? (Multiple choice)
<8> <$>
Rl R2
interface LoopbackO acl ipv6 number 2000-
ipv6 enable rule 5 permit source 2019::/64-
ipv6 address 2019::l/64 rule 10 permit source 2020:764-
tt rule 15 deny source 2021::/64-
interface Loopback 1 rule 20 permit-
ipv6 enable 0.
ipv6 address 2020::l/64 isis 1-
H ipv6 filter-policy 2000 import-
interface Loopback2
ipv6 enable-
ipv6 address 2021::l/64-
tt-
interface Loopback3-
ipv6 enable-
ipv6 address 2022:: 1/&4
tt-
isis 1*
ipv6 import-route direct-
□ A 2020 64 router win appear in the IP routing table (Right Anawera)

□ B 2022764 router will appear in the IP routing table (Right Anawera)
ri C 9ft1Q rruitor uni ennoar >n the IP mutinn lahlo lOlnM intw.r, )
424 Regarding the OSPFv3 protocol, which of the following description is wrong?
□ A. When sharing a router, each OSPFv3 process runs independently
□ B. Multiple instances can be run in the same OSPFv3 process on the same interface. (Right Answers)
□ C. Support multiple instances running on a single link
□ D. The Instance ID field is included in the OSPFv3 packet header
Answer: B
425. Which of the following statement about the LSA of OSPFv3 3 is correct? (Multiple choice)
□ A. The Link State id of the Inter-Area Prefix-LSA contains the prefix information
□ B. Router-LSA and Network-LSA do not contain routing information. (Right Answers)
□ C. When the Intra-Area Prefix LSA has the Referenced Link State Type-2, the Referenced Link State id contains the interface id of the DR (Right Answers)
□ D. Inter-Area-Prefix LSA also contains Link-Local information
Answer: BC
426 A company has buiR an OSPF network as shown in the foRowing figure The links form an OSPF neighbor relationship All devices have announced their own loopback address On one day. the S1-R2 and S2-R1 links are fauRy Which of
the folowing description is correct? (Area 0 is split) (Multiple choice)
E9 ■
9
—fig
■
□ A R5 can learn the loopback route of R2 normally (Right Answers)
□ B R3 cannot learn the loopback route of R2 (Right Answers)
□ C R1 can learn the loopback route ol R2 normaly
□ D R3 can learn the loopback route of R2 normaly
Answer i AB
427 In Huawei devices, when ISIS imports external routes and sets external route tags for routing information, the metric type of ISIS does not need to be modified, just keep the default.
□ A True
Answer: B
428. Which of the following description about the related information of BGP4+ is correct? (Multiple choice)
□ A Bgp4+ can use the dampening command to suppress IBGP routes. (Right Answers)
□ B. Modifying the Router ID of the BCP will cause the BGP connection between the routers to be re-established (Right Answers)
□ C The Next Hop attribute in BCP4+ is represented by the Pv6 address, which can be the link-local address of the next hop.
□ D BGP4+ does not support automatic route aggregation (Right Answers)
Answer: ABD
429. As shown in the following figure, the corresponding peer relationship is established The AS400 receives the 1.1.1.1/32 network route from the AS100 What is the AS-Path attribute?
<^® >r^® <<^® <^®
□ A 100 200 300

□ B. 400 300 200 100
□ C 100 200 300 400
□ D 300 200 100 (Right Answers)
Answer: D
430. Which of the following description about the OSPF virtual link is true?
□ A A virtual connection can be established in any area, and itself belongs to the area after it is established.
□ B The virtual link uses the outbound interface P as the link address.
□ C. The virtual link can be used to solve the problem that area 0 is divided. (Right Answers)
□ D. The cost of the virtual link is the optimal link.
Answer: C
431. In the case of not dividing the area, which of the following description of the link state routing protocol is correct? (Multiple choice)
□A Each router establishes a topology of the entire flood domain (Right Answers)
□ B Each router learns the route directly from the routing update and adds it to the routing table.
□ C. Routers in the flooding domain may repeatedly receive the same link state information (Right Answers)
□ D. Routers in the entire flooding domain have the same link state database (Right Answers)
□ E. The router will send all link state information from one neighbor to all other neighbors to ensure the synchronization of the database
Answer: ACD
432. If OSPF is running on the network, the non-backbone area in the OSPP area is configured as the LSA with the Is-id of O.O.O.O in the Totally Stub Totally Stub area What type of LSA is the LSA?
□ A. LSA5
□ B LSA2
□ C. LSA1
□ D. LSA3 (Right Answers)
Answer: D
433. The administrator wants to manage some routes on the router during operation and maintenance Which of the following tools can mark these routes so that the administrator can configure the policy? (Multiple choice)
□ A If the BGP protocol is running, use the community attribute to mark the route (Right Answers)
□ B. Use ACLs to mark routes on the router
□ C. Mark the route on the router using the Tag value (Right Answers)
□ D. Use ip-prefix to mark the route on the router.
Answer: AC
434. In the MPLS-BGP-VPN environment, if the label is only distributed through BGP or LDP, the MPLS label of the packet has at most two layers of labels
□ A. True
Answer: B
435 Regarding the inter-domain VPN Option-B solution, which of the following description is wrong?
□ A During the packet forwarding process, the private network LSPs of the VPN are exchanged on the two ASBRs
□ B An MP-EBGP neighbor relationship needs to be established between the two ASBRs.
□ C. The inter-domain VPN-option-B scheme is not limited by the number of interconnection links between ASBRs.
□ D Exchange the outer label of the VPNv4 route between the two ASBRs. (Right Answers)
Answer: D
436 Huawei's two switches SWA and SWB are connected through 7 Ethernet ports and configured with static link aggregation The corresponding ports on the switch SW are Ethernet1/0/2, Ethernet1/0/3. Ethemet1/0/4 Ethernet 1/0/5, Ethernet
1/0/6, and Ethernet 1/0/7 are configured in the order of the ports If the switch SWA and SWB supports only 6 ports per aggregation group,
□ A In the case of each interface configuration consistent. Ethernetl/0/7 Unselected port (Right Answers)
□ B In the case of each interface configuration consistent, Ethernet1/0/6 Unselected port
□ C In the case of each interface configuration consistent. SWA randomly select a port in 7 ports as aggregation Unselected port
□ D In the case of each interface configuration consistent, Ethemet1/0/1 Unselected port
Answer: A
437 You need to configure policy routing on the router to specify that specific traffic is forwarded through an interface When using policy-based routing, which two types of most typical information can be used to forward traffic along a
particular path?
□ A TTL and source IP address of the data packet
□ B Source IP address and Layer 2 source address
□ C Source IP address and specific protocols (such as FTP, HTTP, etc ) (Right Answers)
□ D Service type header and packet length
Answer: C
438. As shown, ISIS neighbor relationship between R1 and R2 has just been established, database synchronization process between R1 and R2, which of the following statements is correct?
Rl.00-00
□ A. The packet sent by R1 to R2 is a PSNP packet.

□ B The packet sent by R1 to R2 is a CSNP packet (Right Answers)
□ C. The packet sent by R1 to R2 is a LSP packet.
□ D. The packet sent by R1 to R2 is a Hello packet.
Answer: B
439 If the PPP link between R1 and R2 is shown, and the direct connection port is not on the same network segment, but the R1 and R2 direct connection ports can communicate, and the Ethernet link cannot communicate under the same IP
planning, what is the reason? (Multiple choice)
©-------- ©
AR1 AR2
192.168.10.1/30 192.168.10.5/30
□ A R1 and R2 are connected to the POS port, and the 24-bit subnet route of the direct connection port of the other party is learned through IPCP.
□ B R1 and R2 are connected to the POS port, and the 32-bit host route of the direct connection port of the other party is learned through IPCP. (Right Answers)
□ C. The interconnected POS port of R1 and R2 learns the MAC address of the peer interface through LCP, and does not require the ARP request MAC address
□ D The data packets of the interconnected POS interface of R1 and R2 do not need to encapsulate the Ethernet header, and do not need to use ARP to request the MAC address (Right Answers)
Answer: BD
440. What command can be used to prevent users from accessing multiple devices through the HUB on the access port of the switch?
□ A [Huaweijinterface GigabitEthernet 0/0/1 [Huawei-GigabitEthernetO/0/1[port link type trunk [Huawei-GigabitEtherneto/0/1]port trunk allow pass vlan 10
□ B. [Huaweiinterface GigabitEthernet 0/0/1 [Huawei-GigabitEthernetO/0/1]port link type access [Huawei GigabitEtherneto/O/jipsg enable
□ G. [Huaweijinterface GigabitEthernet 0/0/1 [Huawei-GigabitEthernetO/O [port link-type access [Huawei-GigabitEthernetO/O ]port-security enable (Right Answers)
□ D. [Huaweijinterface GigabitEthernet 0/0/1 [Huawei-GigabitEthernetO/O [port link-type access [Huawei-GigabitEthernetO/O [port-isolate enable
Answer: C
441. Combined with the output of the following figure, which of the following judgment is correct? (Multiple choice)
Database Infonutlea for isisd)
Level 1 Link Itato Database
L8R1D 5e q Wua Checksus Moldtlse Length ATT/P/OL
0001,0000,0000.00-90 Ox 00000015 0xdd?2 401 100 0/0/0

0002.0000.0000.0000 Ox 00000011 oxreM, 473 ee izozo
0002.0000.0000.01-00 Ox OxbdO4 454 35 o/ozo
0001.0000.0000.00 00* Ox 00000027 Oxffe7 474 V* izozo
Total L3ROH 4
•(In TLV) Leaking houte, • (Hy LURID) naif L3R. ♦ flair L8P(Kxtended)
ATT-Attachod, P-Rartitloe, ©L-Oveiload
L.v.1-2 Link State Database
UR ID Io q Kus ra.ckxu» Moldtlse Length ATT/P/OL
0002.0000.0000.00-00 OXoooooooo oxiiff 471 102 ozozo

0002.0000.0000.01-00 Ox 00000002 0xc5ff 454 55 0/0/0
■ 00.0000.00-00’ Ox >00l)002d OxhM 474 no
000).0000.0000.0J-00* Ox 0xac40 34
0004.0000.0000.00-00 Ox >0000010 441 BI
Total LSPiaii 5
•(In TLV)-boating Rout., • (By MHO)-S.K UP, • •If LSP(Extended),
ATT Attached, !>• Partition, OL overload
□ A. R3 must be a DIS of a level-1 link

□ B. R3 router is a level-2 router
□ C. R3 must be a DIS of a level-2 link (Right Answers)
□ D. The system ID of the R3 router is 0003.0000.0000 (Right Answers)
Answer: CD
442 Regarding the BGP anti-ring mechanism, which of the following description is correct? (Multiple choice)
□ A Use the AS-PATH attribute between the autonomous systems to prevent loops. (Right Answers)
□ B The Cluster List attribute is used for the anti-ring in the reflector cluster If the router discovers that the cluster list of the route entry contains its own cluster ID, it will reject the route.
□ C. Routes learned from IBGP are not advertised to IBGP neighbors They are used to prevent routing loops within the AS (Right Answers)
□ D The AS-CONFED-SET attribute can be used to prevent loops within the confederation. (Right Answers)
Answer: ACD
443. Regarding the Route Policy, which of the following description is correct? (Multiple choice)
□ A. The advanced ACL can be applied to the route-policy to filter routes.
□ B. The entry permit.O less-equal 128 indicates that all IPv6 routes are allowed to pass (Right Answers)
□ C. If more than one node is defined in the Route-policy, at least one of the nodes should have a matching mode of permit. (Right Answers)
□ D. Route-Policy can only filter the default route (Right Answers)
Answer: BCD
444. Which of the following routing tools is unique to B6P?

□ A Route-policy
□ B ACL
□ C. IP-prefix
□ D AS-path-filter (Right Answers)
Answer: D
445. As shown in the following picture, which of the following description is correct?
Ethernet 0/0/0 Ethernet 00/0
R1 R2 ,
isisl isis K
network-entity 49.0001.0001.0001.0001.00 network-entity 49.0001.0002.0002.0002.00-
# #.
interface Ethernet0/0/0 interface EthernetO/O/O-
ip address 10.0.12.1255.255.255.0 ip address 10.0.13.2 255.255.255.O-
isis enable 1 isis enable 1-
isis circuit-type p2p isis circuit-type p2p-
isis peer-ip-ignore isis peer-ip-ignore-
# #.
interface LoopbackO-
ip address 10.0.2.2 255.255.255.255-
isis enable 1*
#-
□ A. R1 exist LSDB of Level-1 and Level-2 at the same time
□ B R1 may Ping through R21 loopbapkO interface address
□ C. R1 has a route to R2 loopbackO 10.0.2.2/32 (Right Answers)
□ D. No neighbor relationship can be established between R1 and R2.
446. The configuration of two routers in a company is as follows, which of the following statement about the R1 routing table is correct?
Ethernet O/O/O Ethernet O/O/O
R1 R2
isisl isis 1*
network-entity 49.0001.0001.0001.0001.00 | network-entity 49.0001.0002.0002.0002.00
# #*
interface EthernetO/O/O interface EthernetO/O/O-
ip address 10.0.12.1255.255.255.0 ip address 10.0.12.2 255.255.255.0*
isis enable 1 isis enable 1*
# #*
ospf 1 router-id 10.0.1.1 interface LoopbackO.
area 0.0.0.0 ip address 10.0.2.2 255.255.255.255-
network 10.0.12.0 0.0.0.255 isis enable 1*
#*
ospf 1 router-id 10.0.2.2.
area O.O.O.O*
network 10.0.12.0 O.O.O.255*
network 10.0.2.2 0.0.0.0*
□ A. Only if the priority of the R2ISIS protocol is adjusted to 5, the P route entry with the destination network segment of 10.1.2.2/32 on R1 will be generated by OSPF.
□ B. If the priority of the ISIS protocol of R1 is adjusted to 5, the P route entry with the destination network segment of R1 on 10.6.2.2/32 is generated by OSPF.
□ C. If the priority of the R1 ISISprotocol is adjusted to 5, the P route entry with the destination network segment of 10.0.2.2/32 on R1 is generated by ISIS. (Right Answers)
□ D. If the priority of the R2 ISIS protocol is adjusted to 5, the P route entry with the destination network segment of 10.1.2.2/32 on R1 is generated by ISIS.
447. Which of the following description about the aggregation of BGP is correct?
□ A After the Aggregate ipv4-address mask is configured, only the aggregated routes are advertised and the detailed routes are not advertised
□ B. For IPv6 routes, BGP supports manual aggregation and automatic aggregation.
□ C. By default, BGP enables automatic aggregation.
□ D. Routing in BGP local routing table can be processed manually polymerization (Right Answers)
Answer: D
448. Which of the following description about BGP routing selection is wrong?
□ A Non-aggregated routes take precedence over aggregated routes. (Right Answers)
□ B. In the case of Pref-Val and local_preference equal, if the locally generated route, an IBGP route, the EBGP routes BGP preference consistent, efficient routing priority locally generated is first.
□ C. See the following entry in the BGP routing table: ’ 172.16 1.11/32 0.0.0.010 0 ? Indicates that the route is available non-optimal.
□ D. The route that is unreachable for nexthop is an invalid route and does not participate in the preference.
Answer: A
449 A number of transition techniques have emerged in the process of replacing a P4 address used in a network with a Pv6 address These technologies are divided into two categories, one is PV4/IPv6 coexistence technology and the other is
v4/P6 interworking technology Which of the folowing options belong to Pv4/IP6 coexistence technology? (Multiple choice)
□ A NAT64
□ B IPv6 over IPv4 (Right Answer*)
□ C Dual-Stack (Right Answers)
□ D ISATAP (Right Answers)
Answer: BCD
450. Which of the following description of the establishment process of LDP LSP is correct? (Multiple choice)
□ A. By default, the LSR is for the same FEC. The received label mapping can only come from the optimal next hop. It cannot be from the non-optimal next hop
□ B. When the network topology change causes the next hop neighbor to change, use free label retention way, the LSR can directly reestablish the LSP by using the label sent by the original non-optimal next hop neighbor (Right Answers)
□ C. Label distribution in the DoD mode, for a specific FEC, the LSR does not need to obtain the label request message from the upstream to perform label distribution (Right Answers)
□ D. The process of establishing an LSP is actually the process of binding the FEC to the label and advertising the binding to the upstream LSR of the LSP (Right Answers)
Answer: BCD
451 As shown in the figure, in the hub&spoke multicast mode of MPLS bgp VPN, in order to realize that the branch can only communicate with the headquarters, the branches cannot communicate with each other Which of the following
schemes can the RT be set to?
172H12/J2
□ A. Headquarters Import Target: 12:3 Export Target: 12:3 branch 1 Import Target: 12:3 Export Target 12:3 branch 2: Import Target: 12:3 Export Target 12:3
□ B. Headquarters: Import Target ■ 1:1 Export Target: 3:3 branch 1: Import Target: 3:3 Export Target: 1:1 branch 2: Import Target: 3:3 Export Target: 2:2
□ C. Headquarters: Import Target : 2:2 Export Target: 3:3 branch 1: Import Target: 3:3 Export Target: 1:1 ft branch 2: Import Target: 3:3 Export Target: 2:2
□ D Headquarters Import Target: 12:3 Export Target 3:12 branch 1 Import Target: 3:12 Export Target: 12:3 branch 2: Import Target: 3:12 Export Target: 12:3 (Right Answers)
Answer- D
452. Which of the following are DoS (Denial of Service) attacks? (Multiple choice)
□ A. Single packet attack (Right Answers)
□ C. Middleman attack
Answer: ABD
453 Which of the following statement about IPSec VPN is true? (Multiple choice)
□ A Savage mode can support NAT traversal, while main mode does not support NAT traversal
□ B. Two routers establish an IPSec VPN through the master mode Starting from the fifth packet (inclusive), the payload data is often encrypted (Right Answers)
□ C. two routers establish IPSec VPN through aggressive mode, then a minimum of interaction 4 packets between the two devices build tunnel (Right Answers)
□ D. Between two routers, an OSPF neighbor relationship can be established through an IPSec VPN tunnel, and intranet routes can be exchanged
Answers BC
454 Configure queue-based traffic shaping If the queue length exceeds the cache size, the tail drop is performed by default.
□ A. True
Answer: B
455. As shown in the figure, which of the following statement is correct? (Multiple choice)
lsw R2
Rl: R2:-»
bfd bfd-
ip address 10.0.12.1 255.255.255.0 ip address 10.0.12.2 255.255.255.0-
# #-
interface EthernetO/O/1 interface EthernetO/O/1-*
# #-
interface loopbackO interface loopbackO-
tt #-
ospf 1 router-id 10.0.1.1 ospf 1 router-id 10.0.2.2-
bfd all-interfaces enable bfd all-interface enable-
area 0.0.0.0 area 0.0.0.0-
network 10.0.1.10.0.0.0 network 10.0.2.2 0.0.0.0-

network 10.0.21.0 0.0.0.255 network 10.0.21.0 0.0.0.255-
# #-
□ A If the R2 EthernetO/O/1 interfaces down, then R1 BFD session can quickly detect the failure and notify the R1 to make the
□ B. OSPF state changes to FULL, will trigger BFD sessions UP
□ C. If the R2 EthernetO/O/O interface is down, the next hop of the route that R1 reaches 10.0.0.2 is changed to 10 0.21.2.
□ D If R2 close BFD function, BFD session of R1 goes down, it will lead ospf neighbor relationship down (Right Answers)
456. For the Layer 2 VPN technology, which of the following statement is correct? (Multiple choice)
□ A VPLS is a widely used technology on the live network. It can provide Layer 3 packet transparent transmission and achieve multi point access.
□ B The VPLS configuration is highly complex. The Layer 2 network transparently transmits BUM packets. (Right Answers)
□ C. BGP EVPN supports tenant isolation, multi-homing and broadcast suppression (Right Answers)
□ D. BGP EVPN solves the problem of MAC address drift and multi-tenancy that VPLS cannot support (Right Answers)
Answer: BCD
457. If there is a LAN running the 802.1 D Spanning Tree Protocol, which of the following parameters will the non-root switch not receive from the root switch?
□ A. MaxAge
□ B. Root cost
□ C. Forward delay
□ D Hold time (Right Answers)
□ E. Hello time
Answer: D
458. Which of the following description of the 802.1s deployment features is correct?
□ A. Multiple bridges share a spanning tree instance
□ B. All VLANs share a spanning tree instance
□ C. Each VLAN shares a spanning tree instance
□ D. Multiple VLANs share a spanning tree instance (Right Answers)
Answer: D
459 Between the two directly connected devices that have established IBGP neighbors, run the shutdown command to shut down the interface of one of the devices. The BGP connection will not be disconnected immediately
□ B. False
Answer: A
460. In order to reduce the number of OSPF routes in some stub areas, OSPF has developed a special area function Which of the following description about the OSPF special area is correct?
□ A Special area routers cannot establish OSPF neighbor relationships with regular area routers. (Right Answers)
□ B Any OSPF area can be configured as a special area
□ C As -Extemal-lsa is released to the Stub area
□ D ASBR-Summary-LSA is allowed to be advertised to the NSSA area.
Answer: A
461 An engineer builds a network topology to study the working mechanism of the OSPFv3 protocol The configuration of R1 and R2 is as follows What are the types of LSAs exchanged between R1 and R2? (Multiple choice)
□ A. Router-lsa (Right Answers)

□ B Link-LSA (Right Answers)
□ C Network-LSA (Right Answers)
□ D. Inter-area-prefix-lsa
Answer: ABC
462 The topology diagram and configuration are as follows Now I hope that there is no detailed routing entry of 10.6.3.3/32 in the R1 routing table Which of the following statement can achieve this requirement? (Multiple choice)
□ A Configure route summarization on R3 and summarize the routes to 10.0.0 0/16 (Right Answers)
□ B. Configure route summarization on R2 and summarize the routes to 10.0.0.0/16.
□ C Configure filter-policy on R2, match 10.0.3.3/32 by ACL, and apply it in the export direction.
□ D. Configure filter-policy on R1, match 10.0 0.3.3/32 by ACL, and apply it in the import direction (Right Answers)
Answer: AD
463 As shown in the configuration, if the administrator configures OSPF on R1 but R1 cannot learn the routes of other routers, the possible reason is (). (Multiple choice)
[R1]ospf [Rl-ospf-1}area 2 [R1 -ospf-1 -area-0 0 0.2]network 10.0 13.1 0 0.0.0
□ A. Area ID configured by the router and area ID of its neighboring router is different (Right Answers)
□ B. This router is not configured with an OSPF process ID.
□ C The router's announcement network address does not match the interface mask
□ D. This router is not configured with authentication, but the neighbor router is configured with authentication. (Right Answers)
Answer: AD
464. Configure AS-path-Filter ip as-path-filtr 10 permit_100$ means to match the route received from AS100.
□ A True
Answer: B
466. As shown in the figure below, which routes will R2 learn?
Rl R2
Rl R2
1 itit 2
rwlwoik-entity 10 OOOO OOOO 0001 00 netwvrk-enbty 10 0000 0000
filter policy act name *tx export i$n 2
import-ioote direct ■nleiface (iigebitltheinetO/O/O
• ip addrett 10O 1.1 2 255255 255 O
mteiface loopbackO itit enable 2
ip addrect 10 11 1 255 255 255 0
*p eddieit 10 1 J 1 255255 255 0 tub
ip addrett 10 12 1 255 255 255 O tub
A
interface CioabiUtbernetO/O/D
ip addrett 10© 11 1 255255.255 0
tot enable I
ac I name abc
rule 10 permit ip tource 10 1 10 0 0 0 255
□ A. R2 can learn all the routes of R1. (Right Answers)

□ B R2 can learn the 10.1.1.0/24 route.
□ C. R2 can learn the two routes 10 1.2.0/24 and 10.1.3.0/24
□ D. R2 can receive the LSP of R1 but cannot join the routing table.
Answer: A
467 In the MPLS VPN, what is the role of RT? (Multiple choice)
□ A Allow the peer PE to decide which VPNv4 routes to import into the specific VRF. (Right Answers)
□ B Allow the peer PE to decide which VPNv4 routes are not to be imported into a specific VRF. (Right Answers)
□ C Allow the peer CE to decide which VPNv4 routes to import into the specific VRF
□ D. Allow the peer CE to decide which VPNv4 routes are not to be imported into a specific VRF
Answer: AB
468. Regarding the way the device handles packets in the MPLS network model, which of the following description is wrong? (Multiple Choice)
□ A The label forwarding path LSP is determined and established through various protocols during the forwarding of the packet (Right Answers)
□ B. Both LER and LSR will carry out label distribution.
□ C. LSR must not strip labels
□ D. The device discards the IP packets entering the MPLS domain. (Right Answers)
Answer: AD
469 Which of the following description about the MPLS BGP VPN is wrong?
□ A. IBGP enables a stable BGP neighbor relationship on the ARPback interface address.
□ B Route switching between PE and CE can be static route, OSPF multi-instance, IS-iS multi-instance, EBGP
□ C. The TTL field in the tag has the effect of preventing loops.
□ D. BGP Soo is used to prevent routes routed from a VPN site from going back to the site through the MPLS backbone Soo is an extended community attribute automatically generated by MP-BGP (Right Answers)
Answer: D
471 Which of the following statement about the VPNv4 address is wrong?
□ A. When BGP advertises reachable and unreachable VPNv4 routes, it carries the RD attribute
□ B By default, the PE does not perform vpn-target filtering on the received VPNv4 routes (Right Answers)
□ C. The VPNv4 address has a total of 12 bytes, including an 8-byte route identifier RD (Route Distinguisher) and a 4- byte IPv4 address prefix.
□ D Before the local PE advertises the VPNv4 route learned from the site directly connected to itself to other PEs, it sets the Target attribute for these routes and advertises it as a BGP extended community attribute along with the route.
Answer: B
472. Regarding the basic forwarding process of MPLS, which of the following description is wrong?
□ A When the IP packets into the MPLS domain, checks the destination IP address of the corresponding Tunnel ID if TunnellD is 0x0, and proceeds to MPLS forwarding process (Right Answers)
□ B By default, the value of the label assigned to the penultimate hop node by the Egressl node that supports PHP is 3.
□ C. When the packet is forwarded in the MPLS domain, the top label of the MPLS packet is replaced by the label allocated by the next hop according to the label forwarding table
□ D. When an IP packet enters the MPLS domain, the MPLS border device inserts a new label between the packet layer 2 header and the IP header
Answer. A
473. The multicast IP address is 229.130.130 1, and the corresponding MAC address is:
□ A 00-00-5E-02-82-01
□ B. 00-00-5E-82-82-01
□ C 01-00-5E-82-82-01
□ D 01-00-5E-02-82-01 (Right Answers)
Answer. D
474 Which of the following statement about IPSG technology is correct?

□ A. The IPSG can perform binding table matching check on P packets that enter the interface and leave the interface
□ B On the Huawei router, you can configure the IPSG function on the Vlanif.
□ C. If an interface is configured as a DHCP snooping Trust HCP ACK, DHCP NAKHCP, and Offerf packets, other untrusted ports cannot receive these packets. (Right Answers)
□ D ip source check user-bind check-item command to configure based VLAN or interface IP packet checking items, the command have effect on the dynamic and static entries
Answer. C
475. Which of the following statement about HTTPS is wrong?

□ A. HTTPS protocol uses TCP port 443 by default.
□ B HTTPS secures access to data by using SSL VPN (Right Answers)
□ C. When using HTTPS to access a website, if the user's browser does not recognize the digital certificate of the website, the website cannot be accessed.
□ D. If the HTTPS traffic contains a virus, the router cannot directly detect the virus using IPS technology
Answer. B
476 Application of the two-speed double-barrel in traffic policing, the number of tokens in the C bucket is TC, a number of tokens in P bucket is TP When a packet of length B enters, which of the following statements is correct? (Multiple
choice)
□ A If TP-B>0 and TC-B>0, the packet is marked as green (Right Answers)
□ B If TP-B>0 and TC-B<0, the packet is marked as yelow (Right Answers)
□ C If TP-B<0 and TC-B<0. the packet is marked as red (Right Answers)
□ D If TP-B>0 and TC-B<0, the packet is marked as green
Answer. ABC
477. The network administrator defines a traffic policing strategy as follows:
[Huawc-1 J display traffic policy uaer-deflned

Policy: pi
Clauulfler: cl
Operator: OK
Behavior: H
Coosnt 11 ed Accenu Rate:
CIR 2M. (Kbpn). PIK 0 (Kbps). CBS 48128 (byte). PBS 80128 (byte)
Color Rode: color Blind
Conform Action:
Yellow Action: Yn»o»
statistic: enable
The router port that uses this policy has been idle for about 10 seconds. At this time, there are huge bursts of c1 type traffic coming in an instant, so how many bytes will be colored in the green packet?
□ A. 256K bytes
□ B. 32K bytes
□ D. 80128 bytes
Answer. C
478. BGP EVPN advertises external routes, which of the following types of routes are used?
□ A. Type4
□ B. Typel
□ C. Type2
□ D. Type3
□ E Type5 (Right Answers)
Answer. E
479. Which of the following statements about the VXLAN gateway are wrong?
□ A. The third layer gateway of VXLAN can be divided into centralized gateway and distributed gateway
□ B. The third layer gateway of VXLAN allows inter-subnet VXLAN communications and external network access.
□ C. VXLAN Layer 2 gateway is bound to the VPN instance (Right Answers)
□ D. The second layer gateway of VXLAN allows tenant access XLAN, and used to communicate between the subnets in the same VLAN
Answer: C
480 VRRP priority cannot be set to 0. so the device which send VRRP packets of priority 0 will stop adding VRRP backup group, and inform the backup device immediately become a Master device, without waiting for Master_Down_lnterval
timer expires
□ B. False
Answer. A
481. Which of the following statements about BGP attributes are correct?
□ A. A path can only have one Community attribute value.
□ B. The number of the neighboring AS is displayed on the right side of the As Path list of the BGP routing entry
□ C. The Local_Pref attribute is exchanged only between EBGP peers and is not advertised to the other ASs.
□ D. When a route learned from an EBGP peer is advertised to an IBGP peer, the BGP speaker does not change the Next_Hop attribute of the route (Right Answers)
Answer: D
482. You need to access the subnets of different VPNs in the VXLAN network. The information about a subnet is as follows: RT=10:10 RT=1000:1000 Export 1000 in the EVPN instance and RT-100:100 in the VPN instance Which of the
following configurations can I make for another subnet? (Multiple choice)
□ A. The EVPN instance is 1000:1000.
□ B. 1000:1000 appears in the VPN instance (Right Answers)
□ C. 10:10 in the VPN instance
□ D. EVPN implement 1000: 1000expor (Right Answers)
Answer. BD
483 A number of transition techniques have emerged in the process of replacing an IPV4 address used in a network with an IPv6 address These technologies are divided into two categories one is IPV4/IPv6 coexistence technology, and the
other is IPV4/IPV6 interworking technology Which of the following options belong to IPV4/IPV6 coexistence technology? (Multiple choice)
A NAT64
B IPv6 over IPv4
C Dual-stack
D SATAP
484. To which NMS's SNMP message type event reports sent are reliable?
□ A. Response
□ B. Trap
□ C Inform (Right Answers)
□ D. Get
□ E. Get bulk
Answer. C
485. The bookstore provides a wired network for customers to learn online However, some users suddenly cannot access the network After troubleshooting, all IP addresses in the DHCP address pool are exhausted. Which of the following is
the best way to solve the problem?
□ A. Configure a static ARP binding entry
□ B. Configure IPSG
□ C. Configure DAI
□ D. Limit the maximum number of DHCP snooping binding entries that can be learned on the interface (Right Answers)
486 Assume that the BGP/MPLS IPv4 VPN of Static routing and OSPF, LDP are configured on the PE to enable the NSF function Which of the following protocols are required to configure to enable the GR function on the PE? ( Multiple
Choice)
□ A OSPF (Right Answers)
□ B MPLS LDP (Right Answers)
□ C BGP (Right Answers)
□ D Static routing
Answer. ABC
487. Which of the following belong to single package attack? (Multiple Choice)
□ A. Special control package attack (Right Answers)
□ B. Scanning detection attack (Right Answers)
□ C. DDoS attack
□ D. Malformed package attack (Right Answers)
Answer: ABD
488 The LAND attack is performed by the attacker sending a source address and a destination address to the destination host as the destination host. The source port and the destination port are the same SYN packet When the receive
for the final ACK packet from the sender, the connection is always in a semi-connected state, resulting in waste of limited TCP resources at the receiving end
□ A True
Answer: B
489. The network administrator defines a traffic policing strategy as follows:

[Huawei] display traffic policy user-defined
User Defined Traffic Policy Information
Policy: p1
Classifier: c1
Operator: OR
Behavior: b1
CIR 256(kbps) . PIR 0(kbps) . CBS 48128(byte) . PBS 80128(byte)

Color Mode: color blind
Conform Action: pass
Yellow Action: pass
statistic: enable
The router port to which this policy is applied has been idle for about 10 seconds. At this time, there is a huge amount of burst traffic of the c1 type, then how many bytes will the packet be colored in green?
b A. 256K bytes
□ B 32K bytes
□ D. 80128 bytes
Answer. C
490. Which of the following does the digital certificate not contain?
□ A Public key information
□ B. Digital envelope (Right Answers)
□ D. Issuer
Answer. B
491. Which of the following belong to DoS (Denial of Service) attacks? (Multiple Choice)
□ A Single packet attack
□ C. MITM attack
Answer. BD
492. What improvements have been made to the IGMPV2 protocol compared to IGMPV1? (Multiple Choice)
□ A. Added specific group query message (Right Answers)
□ B. Added off-group message (Right Answers)
□ C Added maximum response time field (Right Answers)
□ D. Added specific source group query message
Answer: ABC
493 Run the display mpls Isp command on the router to view the LSP information. The command output is as follows
[Huawei]display mpls Isp

LSP InformatiorrLDP LSP
FEC In/Out Label In/Out IF VRF Name
1.1.1.1/32 NULL/1024 -/GE0/0/2
1.1.1.1/32 1027/1024 -/GE0/0/2
2.2.2.2/32 NULL/3 -/GE0/0/2
2.2.2.2/32 1028/3 -/GE0/0/2
3.3.3.3/32 NULL/3 -/GE0/0/0
3.3.3.3/32 1026/3 -/GE0/0/0
4.4.4.4/32 3/NULL
Which of the following is correct?
□ A. When sending a packet with the destination IP address of 4.4.44, the router sends it directly without adding any labels
□ B. After the router receives the data packet with the label 1024, it changes to the label 1027 and then sends the data packet
□ C When sending a packet with the destination P address of 2.2.2.2, the router sends it directly without adding any label (Right Answers)
□ D. When sending a packet with a destination address of 3.3.3 3, the router will add the label 1026 to the packet before sending it.
Answer: C
494 Which of the following statements are wrong about cross-domain MPLS VPN? (Multiple Choice)
□ A When the public network label is LDP-based, the Layer 3 label is required for the cross-domain VPN-OptionC scheme 2 packet forwarding process (Right Answers)
□ B For cross-domain VPN-Option B mode, an MP-EBGP neighbor relationship needs to be established between the two ASBRs
□ C For the cross-domain VPN Option A mode, the route between the two ASBRs is a normal PV4 route
□ D For the cross-domain VPN-OptionB mode the two ASBRs are connected to each other through muHiple interfaces (including sub-interfaces) Each interface is associated with a VPN Each ASBR-PE treats the peer as a CE (Right
Answers)
Answer: AD
495. Regarding the way the device handles packets in the MPLS network model, which of the following descriptions are wrong? (Multiple Choice)
□ A. The label forwarding path LSP is determined and established through various protocols during the forwarding of the packet. (Right Answers)
□ B. Both LER and LSR will carry out label distribution
□ C. LSR must not strip labels. (Right Answers)
□ D. The device discards the IP packets that enter the MPLS domain (Right Answers)
Answer: ACD
496 Enable SSM on the entire IP multicast network.

Which of the following statements about SSM are correct? (Multiple Choice)
□ A. No RP is required. (Right Answers)
□ B Only RPT is used for SSM
□ C. SSM is recommended when there are multiple sources on the network and multicast routing is simple.
□ D. SSM is suitable for one-to-many application (Right Answers)
□ E. Only SPT is used for SSM (Right Answers)
Answer: ADE
497. When a packet is forwarded to the public network in the MPLS BGP VPN network in the domain, it will be encapsulated with two layers of MPLS labels Which of the following description about the two-layer label is wrong?
□ A By default, the router assigns the same label value to all VPNv4 routes destined for the peer PE (Right Answers)
□ B. The private network label is carried and distributed when the route is delivered by MP-BGP. The public network label is distributed by the LDP protocol.
□ C The export PE uses the inner label when determining which export CE the message should be sent to.
□ D MPLS BGP VPN uses two-layer label public network label (also known as outer label) and private network label (also known as inner label)
Answer: A
498 You are assigned the task of compressing the IPV6 address as much as possible If the original IPV6 address is 2013 0000 130F 0000 0000 09c0 876A 130B, which of the following is the compressed format IPV6 address?
□ A. 213.13F 9C 876A13B
□ B 2013 130F9C0876A 130B
□ C 20130 130F 0 0 9C0 876A 130B
□ D 20130 130F 0 0 090 876A130B
□ E 20130 130F 9C0 876A130B (Right An»wer»)
Answers E
499. Which of the following statements about the IS-IS route summary is correct?
□ A. You can configure route aggregation and take effect on all types of routers. (Right Answers)
□ B. Route summarization only takes effect on the Leve-2 router
□ C. Route aggregation only takes effect on Level-1 router
□ D. Route aggregation only takes effect on the Level-1-2 router
Answer: A
500. In an existing OSPF network, which type of LSA will cause SPF calculation? (Multiple Choice)
□ A Type 1 LSA (Right Answers)
□ B Type 3 LSA
□ C. Type 4 LSA
□ D Type 2 LSA (Right Answers)
□ E. Type 5 LSA
Answer: AD
501. Which of the following statements about IS-IS route leakage are correct? (Multiple Choice)
□ A. IS-IS route leakage can be configured in the IPV6 environment. (Right Answers)
□ B. In the IS-IS route leakage, the route to be leaked cannot be a summary route.
□ C. IS-IS route leakage does not cause neighbors to oscillate (Right Answers)
□ D. IS-IS route leakage is used to prevent routing loops
□ E. You can configure IS-IS route leakage on the Level-1 router.
Answer: AC
502. Which of the following description is correct about the ISIS LSP fragmentation extension?
□ A Enable the ISIS router to generate more LSP fragments to carry more ISIS information. (Right Answers)
□ B The fragmentation extension of ISIS is equally valid for the Helio package.
□ C. ISIS fragmentation extension is achieved by adding virtual systems, which can be expanded to up to 1000 virtual systems.
□ D The maximum number of fragments that an ISIS router can generate is 1024.
Answer: A
503 Regarding the BGP confederation, which of the following description is wrong?
□ A. The confederation divides an AS into several sub-ASs, and the external AS still considers the confederation to be an AS
□ B The sub-AS number of the confederation is advertised to BGP peers outside the confederation by default (Right Answers)
□ C. The sub-AS number in the confederation can use a private AS number A Huawei NE/AR router can be configured with up to 32 sub-AS numbers.
□ D. The confederation can easily detect the routing loop in the AS because EBGP is running between sub-ASs.
Answer. B
504. Which layers are shared in the OSI reference model and the TCP/IP model? (Multiple Choice)
□ A. Expression layer
□ B. Application layer (Right Answers)
□ C. Transport layer (Right Answers)
□ D. Session layer
□ E. Data link layer
Answer: BC
505 Which of the following As_Path attribute values of path-filterl permit’ (100|400)$ command can the AS-Path filter configured with IP match? (Multiple Choice)
□ A. 100 (Right Answers)
□ B . 3100 (Right Answers)
□ C. 300 4200
□ D. 1234 1400 (Right Answers)
Answer: ABD
506. Regarding the Stub area and the NSSA area of the OSPF protocol, which of the following statement is wrong?
□ A. Type 5 LSA is not allowed to be injected in the Stub area, and Type 5 LSA is allowed to inject in the NSSA area (Right Answers)
□ B. Both the Stub area and the NSSA area are allowed to inject Type 3 LSA.
□ C Stub area and NSSA area are not allowed to inject Type 4 LSA.
□ D. The Type 7 LSA is not allowed to be injected in the Stub area, and the NSSA area is allowed to inject the Type 7 LSA.
Answer: A
507 Between the two directly connected devices that have established IBGP neighbor, run the shutdown command to shut down the interface of one of the devices The BGP connection wil not be disconnected immediately
□ B False
Answer: A
508 Which of the following description is correct about Filter-policy?

□ A Filtering the generation of type 5 LSAs and type 7 LSAs on the ASBR in OSPF using Filter-Policy (Right Answers)
□ B. The prefix list can filter routes as well as filter data packets
□ C. Filter-Policy can filter the received or advertised link state information, and can modify the attributes of the route entry
□ D When filtering routes using the prefix list, the entry ip ip-prefix 1 deny 0 0.0.0 0 less-equal 32 means that only the default route is matched
Answer: A
509 After the IS-IS area authentication is configured, which of the following IS-IS packet carries the authentication information?
□ A IS-IS Level-1 SNP and LSP (Right Answers)
□ B IS-IS Leve -1 Hello PDU
□ C. IS-IS Level-2 Hello PDU
□ D. IS-IS Leve-2 SNP and LSP
Answer: A
510. If the Option field 0X000013 in the OSPFv3 Hello packet sent by GigabitEthernet 0/0/0 port of Router A, which of the following descriptions are correct? (Multiple Choice)
□ A GigabitEthernetO/O/O of Router A belongs to the NSSA area
□ B. GigabitEthemetO/O/O of Router A will participate in IPv6 route calculation. (Right Answers)
□ C. Router A is an OSPFv3 device with forwarding capability (Right Answers)
□ D. Router A supports AS-Extemal-LSA flooding (Right Answers)
Answer: BCD
511. The path selection tool can define multiple entries, which of the following tools will automatically generate and reject any entries at the end of the configuration? (Multiple Choice)
□ A. Route policy (Right Answers)
□ B IP-prefix (Right Answers)
□ C. Community -filter (Right Answers)
□ D AS-Path-filter (Right Answers)
Answer. ABCD
512. If there is no zoning, which of the following statements are correct about the link state routing protocol? (Multiple Choice)
□ A. Routers in the same routing domain may repeatedly receive the same link state information (Right Answers)
□ B Routers in the entire routing domain have the same LSDB (Right Answers)
□ C. Each router establishes a routing domain topology (Right Answers)
□ D Each router learns routing entries from the updated routing information and adds them to the routing table
□ E. The router sends all link state information from the neighbor to all other neighbors to ensure that the data in the database is synchronized
Answer: ABC
513. Which of the following configurations of OSPFV3 route aggregation are correct? (Multiple Choice)
□ A. [Huawei] ospfv3 1 [Huawei-ospfv3-1] asbr-summary 48 cost 20 tag 100 (Right Answers)
□ B [Huaweij ospfv3 1 [Huawei-ospfv3-1 j abr-summary 48 cost 400
□ C. [Huawei] ospf3 1 [Huawei-ospfv3-1] area 1 [Huawei-ospfv3-1-area-0.0.0.1] abr-summary fcOO:O:O:: 48 cost 400 (Right Answers)
□ D [Huaweij ospfv3 1 [Huawei-ospfv3-1] area 1
□ E [Huawei-ospfv3-1-area-0 0 0 1] asbr-summary fc00:0:0::48 cost 20 tag 100 [Huawei]interface gigabitether 1/0/0 [Huawei-GigabitEthernetl /0/0) asbr-summary fc00:0:0::48 cost 20
Answer: AC
514 Configuring AS-path-filter ip as-path-fltr10 permit_100$ means match the route received from AS100
□ A. True
Answer. B
515 In the Broadcast network, the election of OIS is started after the neighbor relationship is established
□ B False
Answer: A
516 Which of the following attributes cannot be directly referenced by the if-match of a routing policy?
□ A. Community-filter
□ B. IP-prefix
□ C. As-Path-filter
□ D Regular expressions (Right Answers)
Answer: D
517 As shown in the figure, Between R1 and R2 are PPP links and the direct connection ports are not on the same network segment, but the R1 and R2 direct connection ports can communicate, and the Ethernet link cannot communicate
under the same IP planning, what are the reasons? (Multiple Choice)
□ A. R1 and R2 are connected to the POS port, and the 24-bit subnet route of the direct connection port of the other party is learned through IPCP
□ B R1 and R2 are connected to the POS port, and the 32-bit host route of the direct connection port of the other party is learned through IPCP (Right Answers)
□ C. R1 and R2 are connected to the POS port and learns the MAC address of the peer interface through LCP, and does not require the ARP request MAC address
□ D The data packets of the interconnected POS interface of R1 and R2 do not need to encapsulate the Ethernet header, and do not need to use ARP to request the MAC address (Right Answers)
Answer: BD
518 Which of the following statements are correct about PPPoE data frames? (Multiple Choice)
□ A. The fixed value of the Ethernet Type field is 0x8863.
□ B The SessionJD segment of the ppp session must be the value specified in the Discovery phase and cannot be changed (Right Answers)
□ C. When PPPoE is used to transfer session data, Code must be set to 0x0. (Right Answers)
□ D. After the PPPoE session is established, all Ethernet packets are unicast. (Right Answers)
Answer: BCD
519 Which of the following description is correct about the process of sending and receiving data frames in the Access mode of the switch interface?
□ A When receiving a tagged data frame directly discards in Access mode
□ B Only receive unlabeled data frames in Access mode
□ C When the data frame enters the switch interface, the switch learns the destination MAC address in the data frame
□ D. In the Access mode, the VLAN tag of the data frame will be stripped off when sending (Right Answers)
Answer: D
520. The SWA and SWB are connected by two physical Ethernet links.
The SWA has the following interface configurations:
[SWA]interface GigabitEthemet 1/0/1
[SWA-GigabitEthernet 1/0/1] port link-type trunk
[SWA-GigabitEthernet 1/0/1 j port trunk allow-pass vlan 1 0 100
[SWA]interface GigabitEthemet 1/0/2
[SWA-GigabitEthernet 1/0/2] port link-type trunk
[SWA-GigabitEthernet 1/0/2] port trunk allow-pass vlan 1 10
These two links are aggregated
Assume that the configuration on the SMB is correct.
Which of the following statements are correct in view of this information? (Multiple Choice)
□ A. GigabitEthemet 1/0/1 and Gigabitethernet 1/0/2 can be added to the same LAG without changing the current configuration.
□ B. After the link aggregation is configured on the SWA and the SWB, if enabled MSTP, GigabitEthemet 1/0/1 and GigabitEthemet 1/0/2 will enter the Forwarding state in MSTP
□ C GigabitEthemet 1/0/1 and GigabitEthemet 1/0/2 can be added to the same LAG only after GigabitEthemet 1/0/2 is configured. Change to the same as GigabitEthernet1/0/1 (Right Answers)
□ D. GigabitEthemet 1/0/1 and GigabitEthemet 1/0/2 cannot be added to the same LAG because the allowed VLANs are different. (Right Answers)
Answer: CD
521. The following topology is available, and based on this analysis, which of the following statement is correct?
Ethernet 0/0/0
Ethernet 0AV0
“Ethernet 0AV0 Ethernet 0/0/1
R1 R2 R3
R1
Isis 1
network-entity 49. 0001.0001.0001.0001.00 R2
Isis 1
Interface EO 0 0 is-level level-1
ip address 10.0.12.1 255.255.255.0 network-entity 49.0001.0002.0002.00
xsis enable 1
Interface E0 0 0
R3 ip address 10.0.12.2 255.255.255.0
Isis 1 i&is enable 1
network-entity 49.0001.0003. OOOS. 0003.00
Interface E0 0 1
Interface EO 0 0 xp add 10.0.23.2 255.255.255.0
ip address 10.0.23.3 255.255. 255.0 isis enable 1
is is enable 1
Interface loopbackO
Interface locpbackO ip address 10.0.2.2 255.255.255.255
xp address 10.0.3.3 255.255.255.255 isis enable 1
iiis enable 1
□ A. Because R2 does route aggregation, only the routing entry of 10.0.0.0/16 exists in the IP routing table of R1
□ B There are routing entries for 10.0.2.2/32 and 10.0.3.3/32 in the IP routing table of R1.
□ C. The routing entries of 10.3.3.3/32 and 10.0.0.0/16 exist in the IP routing table of R1 (Right Answers)
□ D. There are routing entries of 10.0.2.2/32 and 10.0.0.0/16 in the IP routing table of R1.
Answer: C
522. Assume that the port shaping rate is 100 Mbps The input bandwidth and configured PIR of each service on the interface are as follows.
Then, after the first round of scheduling, what is the bandwidth allocated by the EF queue?
Queue Type Scheduling type Input bandwidths(bps) Pir(bps)

CS7 PQ 15M 25M
CS6 PQ 30M 10M
EF WFQ weight=5 90M 10M
AF4 WFQ weight=4 10M 10M
AF3 WFQ weight=3 10M 15
AF2 WFQ weight=2 20M 10M
AF1 WFQ weight=l 20M 10M
BE LPQ 1OOM 50M
□ A. 30M
□ B. 15M
□ C. 90M
□ D. 25M
HQ /
Branch AS 65420
Branch office VPN traffic must be forwarded through the headquarters for traffic monitoring.
Which of the following statement about this solution is wrong?
□ A When Hub-CE and Hub-PE use EBGP to transmit routing information, the Hub-PE must be able to accept routes that are repeated by the AS number to receive routes
□ B. OSPF can be used to exchange routing information between the Hub-CE and the Hub-PE and between the Spoke-PE and the Spoke-CE.
□ C. BGP can be used to exchange VPN routing information between the CE and the PE.
□ D. You can establish an MP-IBGP peer relationship between the Spoke-PEs and exchange VPN routing information (Right Answers)
524. As shown in the figure, R1, R2, and R3 run OSPF at the same time and announce their respective loopbacks Which of the following description is wrong?
□ A. You can use the filter-policy export command to filter the loopback route of R3 on the R2 (Right Answers)
□ B You can use the filter export command to filter the loopback route of R3 in Areal on the R2
□ C. You can use the filter import command in AreaO to filter the loopback route of R3 on the R2
□ D. You can filter the loopback route of R3 by using filter-policy import on the R1
Answer: A
525. The topology diagram and configuration are as follows. Now hope that there are no detailed routing entries of 10.6.3.3/32 in the R1 routing table. Which of the following statements can achieve this requirement? (Multiple Choice)
Ethernet 0/0/0 Ethernet 0/0/0
Ethernet WIW "Ethernet 0/0/1 ----------

R1 R2 R3
Rl
Isis 1
network-entity 19.0001.0001.0001.0001.00 R2
Isis 1
Interface E0/0/0 is-level level-1
network-entity 49.0001.0002.0002.00
ip address 10.0.12.1 255.255.255.0
isis enable 1 Interface E0/0/0
is address 10.0.12.2 255. 265. 256.0
RS isis enable 1
Isis 1
network-entity 49.0001.0003.0003,0003.00 Interface E0/0/1
is add 10.0.23.2 255.255.255.0
Interface E0/0/0 isis enable 1
is address 10.0.23.3 265.255.255.0
isis enable 1 Interface loopbackO
ip address 10.0.2.2 255.255.265.255
Interface loopbackO isis enable 1
is address 10.0.3.3 255.265.265.265
isis enable 1
□ A. Configure route summarization on R3 and summarize the routes to 10.0.0.0/16. (Right Answers)
□ B. Configure route summarization on R2 and summarize the routes to 10.0.0.0/16.
□ C. Configure filter-policy on R2 and apply it to the export direction through ACL matching 10.0.0.3/32.
□ D. Configure filter-policy on R1 and match the ACL to 10.0.0.3.3/32 and apply it in the import direction (Right Answers)
Answer: AD
526 As shown in the following topology figure, the corresponding peer relationship is established The AS400 receives the 1 1 1.1/32 network route from the AS100 What is the AS-Path attribute?
□ B 400 300 200 100

□ C 100 200 300 400
□ D. 300 200 100 (Right Answers)
Answer: D
527. The figure shows the router data. Which of the following statement is wrong?
□ A. The system ID of R3 is 0003.0000.0000
□ B. R3 is a Leve-1-2 router
□ C R3 is the DIS of the Leve-1 link (Right Answers)
□ D. R3 is the DIS of the Leve-2 link
Answer: C
528 As shown in the figure, the A department of branch 1 can access the Internet, but the B department can only use the encrypted VPN to access the headquarters resources You can configure the NAT policy on the export device so that
department A can access the Internet and configure IPsec VPN (ESP protocol) for department B + tunnel mode method to allow it to access the headquarters

□ B False
Answer: A
529 Regarding the characteristics of CE dual-homing, which description is wrong?

□ A. The CE is connected to the backbone network through two links The two links can be used as both load balancing and active/standby links.
□ B. In the CE dual-homing network, loops may occur, and route-tags can be used to solve loop problems (Right Answers)
□ C. CE and PE form a CE dual-homed network to ensure high network availability
□ D The VRFs of two PEs connected to the same CE can belong to different VPNs.
Answer: B
530. If multiple candidate RPs are configured in a multicast group, which of the following parameters should be compared the candidate RPs? (Multiple Choice)
□ A. Group-wide mask length of the C-RP service matching the multicast address to which the user joins (Right Answers)
□ B. Number of the C-RP interface
□ C. IP address of the C-RP interface (Right Answers)
□ D. C-RP priority (Right Answers)
Answer: ACD
531 A bookstore provides a wired network for customers to learn online However, some users are found unable to access the network one day After checking, the IP resource of the DHCP address pool has been exhausted Which of the
following is the best way to solve the current problem?
□ A Configure IPSG
□ B Configure a static ARP binding table
□ C Limit the maximum number of DHCP snooping binding entries that an interface can learn (Right Answers)
□ D Configure DAI
Answer. C
532. Regarding the BGP anti-ring mechanism, which of the following descriptions are correct? (Multiple Choice)
□ A. Use the AS-PATH attribute between the autonomous systems to prevent loops (Right Answers)
□ B. The Cluster List attribute is used for the anti-ring in the reflector cluster. If the router discovers that the cluster list of the route entry contains its own cluster ID, it will reject the route.
□ C. Routes learned from IBGP are not advertised to IBGP neighbors to prevent routing loops within the AS (Right Answers)
□ D. You can use the AS-CONFED-SET attribute to prevent loops within the federation. (Right Answers)
Answer. ACD
533. Which of the following types of packets is required to implement virtual machine migration in a BGP EVPN distributed gateway scenario?
□ A Type5
□ B. Type4
□ C. Typel
□ D Type2 (Right Answers)
□ E. Type3
Answer. D
534. Which of the following technologies use tunnels to communicate between IPv6 addresses? (Multiple Choice)
□ A Dual Stack
□ C. ISATAP (Right Answers)
□ D NAT64
Answer. BC
535. The results of the existing router data are as follows, which of the analysis conclusion is wrong?
<R3xtisplay Iola lsetti
batitMM. Inforwitlon for ISIS(l)
1X3 VO 1 l Link stato Database

LOPID !lo<l Mum Checksum Holdt lw> lx»nqt.h ATTZP/OI.
OOOl.oooo.OOOO.00-00 0x00000015 Oxdd22 491 104 0/0/0
0002.oooo.oooo.oo-oo 0X0(100001 1 Oxfo'lt 675 00 1/0/0
0002.0000.0000.01-00 0X00000006 0x1x104 656 55 0/0/0
OOO3.oooo.oooo.oo oo* 0X00000027 oxrrev 676 1/0/0
Total LSP(s)s 4
• (in TI.VI txvaklnq Route, •<ny i.£pio> -seif LSP, . Self LOP (Kxt ended! .
ATT-Attached, P-Paxtltlon, OL-Overload
Zj*v«1-2 Link State Database
LSP ID 8eq Mum Checksum NOldtlXM Lenqth ATT/P/OL

0002.OOOO.OOOO.OOOO OXOOOOOOOb oxiirr 670 102 0/0/0
0002.0000.0000.01-00 0X00000002 Oxcsrr 656 0/0/0
OxOOOOOO?d Oxt>69«. 674 130 0/0/0
0003.OOOO.OOOO.03-00* oxoooooooe Oxac4O 673
0004.0000.0000.00-00 0*00000010 0x9Oci> 061 00 0/0/0
Total LSPO) : 5
•(In TLV)-Leaking Route, • (By LSPIP)-8«lf I.SP, «-Self LSP (F.xtonded) ,
ATT Attached, I» Partition, Ob overload
□ A R3 router is a Level-1-2 router A R3 must be a DIS of a Level-1 link

□ B R3 must be a DIS of a Level-2 link D. The system ID of the R3 router is 0003 0000 0000 0000 (Right Answers)
Answer. B
536 In the process of using the LACP protocol, which of the following descriptions are correct? (Multiple Choice)
A You can prevent the Eth-Trunk interface from frequently flapping due to physical link reasons Interface eth-trunk 1 Lacp preempt enable Lacp preempt delay delay-time (Right Answers)
SB You can configure the source IP address for load balancing in the enabled link aggregation group by using the following command Interface eth-trunk 1 Load-balance src-dst-ip
□ C You can remove a member interface in an enabled link aggregation group by using the folowing command Interface GigabitEthemetO/O/1 Debug Interface GigabitEthemetO/O/1 Undo eth-trunk 1 interface GigabitEthemetO/O/1 Undo
shutdown (Right Answers)
□ D You can add member interfaces to the link aggregation group enabled by the following command Interface GigabitEthemetO/O/1 Debug Interface GigabitEthemetO/O/1 Trunkport GigabitEthemetO/Q/1 Interface GigabitEthemetO/O/1 Undo
shutdown
Answer. AC
537. As shown in the figure, an OSPF network is set up by the company The links in the figure form OSPF adjacencies All OSPF devices announce their own loopback addresses. One day S1-R2 and S2-R1 two links suddenly failed. In order
to check whether the network is running normally, the engineer performed a device status check. Which of the following descriptions are correct? (Multiple Choice)
□ A R5 can learn the loopback route of R2 normally (Right Answers)

□ B. R3 cannot learn the loopback route of R2 (Right Answers)
□ C. R1 can learn the loopback route of R2 normally
□ D R3 can learn the loopback route of R2 normally
Answer. AB
538. The Option field in OSPF3 appears in all LSAs.

□ A. True
Answer. B
539 As shown in the following topology EBGP is run between AS100 AS200 AS300 and AS400 The neighbor relationship is established When AS400 receives the BGP route from the network segment 1 1 1 1/32, what is the correct path
order recorded in the AS path attribute?
Answer. D
540. An existing BGP router HW1 is configured with both an IBGP neighbor and an EBGP neighbor Which of the following descriptions are correct about IBGP neighbors and EBGP neighbors? (Multiple Choice)
□ A. The router will send BGP updates learned from its IBGP neighbors to its own other IBGP neighbors and EBGP neighbors
□ B. The router will send BGP updates teamed from its EBGP neighbors to its own other IBGP neighbors and EBGP neighbors (Right Answers)
□ C. IBGP neighbors must be directly connected. Otherwise, IBGP-Multi-hop must be configured
□ D. EBGP neighbors must be directly connected. Otherwise, EBGP-Multi-hop must be configured (Right Answers)
□ E. IBGP neighbors can establish neighbor relationships through loopback interfaces (Right Answers)
□ F. EBGP neighbors must establish neighbor relationships through directly connected physical interface addresses
Answer. BDE
541. In an MPLS IBGP VPN environment, if LDP distributes labels only through BGP, the MPLS labels of the packets are at most two layers
□ B. False
Answer: A
542. Regarding the cross-domain VPN-OptionB scheme, which of the following description is wrong?
□ A. During the packet forwarding process, exchange the private network LSPs of the VPN on the two ASBRs
□ B. An IP-EBGP neighbor relationship needs to be established between the two ASBRs.
□ C. The cross-domain VPN-Option B scheme is not limited by the number of interconnected links between ASBRs
□ D Exchange the outer label of the VPNv4 route between the two ASBRs (Right Answers)
Answer: D
543 Router R1 runs the OSPF protocol Use the display ip routing-table command to view the routing table of the Router R1. Which of the following description is correct about the OSPF information in the routing table?
□ A In the routingtable, the routing entriesidentified by the "OSPF" identifier can only be learned through the Type 3 ISA.
□ B. In the routingtable, the routing entry identified by the "OSPF" identifier can only pass the LSA of class 1
□ C. In the routingtable, the routing entries identified by the OSPF identifier can be learned through 1/2/3/5 LSAs.
□ D In the routingtable, the routing entries identified by the “0_ASE" identifier can only be learned through routing. (Right Answers)
Answer: D
544 Regarding the certification of the ISIS protocol, which statements are correct? (Multiple Choice)
□ A. Interface authentication can authenticate hello packets of Level-1 and Level-2 (Right Answers)
□ B. After the interface authentication is configured, the IIH that the router sends must carry the authentication TLV. (Right Answers)
□ C After the area authentication is configured, the IIH, SNP, and LSP sent by the router must be connected to the authentication TLV
□ D. Two routers are configured for regional authentication and interface authentication. The passwords are the same, so the two can establish neighbor relationship
Answer: AB
545 If the value of the Option field in the 0SPFv3 Hello packet sent by the GigabitEthermet 0/0/0 interface on the router is 0x000013, which of the following descriptions are correct? (Multiple Choice)
□A Gigabit/themetO/O/O port of Router A will participate in IPv6 route calculation (Right Answers)
□ B. GigabitEthemctO/O/O port of Router A belongs to the NSSA area
□ C. Router A supports AS-Extemal-LSA flooding (Right Answers)
□ D. The router is an OSPFv3 device with forwarding capability (Right Answers)
Answer: ACD
546 Regarding the BGP anti-ring mechanism, which of the following description is correct? (Multiple Choice)
□ A Use the AS_PATH attribute between autonomous systems to prevent loops (Right Answers)
□ B The Cluster List attribute is used for the anti-ring in the reflector cluster. If the router discovers that the cluster list of the route entry contains its own cluster ID, it will reject the route.
□ C. Routes learned from IBGP are not advertised to IBGP neighbors to prevent routing loops within the AS (Right Answers)
□ D You can use the AS_CONFED_SET attribute to prevent loops within the federation. (Right Answers)
Answer: ACD
547 Which of the folowing description is wrong about BGP routing selection?
□ A Non-aggregated routes take precedence over aggregated routes A If the PrefVal and Local_Preference are equal if the localy generated route the IBGP route and the BGP preference of the EBGP route are used, the valid indication
generated by this priority takes precedence C See the folowing entry in the BGP routing table ’ 172 16 1 11/32 0 0 0 0 100? Indicates that the route is available non-optimal D The route that is unreachable for next hop is invalid and does
not participate in the preference (Right Answers)
Answer: A
548. Which of the following statements are correct about IPsec VPN? (Multiple Choice)
□ A. Aggressive mode can support NAT traversal, while main mode does not support NAT traversal
□ B. Two routers establish IPsec VPN through the main mode Starting from the fifth message (inclusive), the payload data is often encrypted. (Right Answers)
□ C. Two routers establish IPsec VPN through the aggressive mode, then only two packets are exchanged between the two devices to establish a tunnel. (Right Answers)
□ D. An OSPF neighbor relationship can be established between two routers through an IPsec VPN tunnel, and the intranet is exchanged.
Answer: BC
R1 LSW R2
Rl: R2>
bfd bfd.
#
interface Ethernet0/0/l interface EthernetO/O/1-
It tt-
interface loopbackO interface loopbackO.
# #.
ospf 1 router-id 10.0.1.1 ospf 1 router-id 10.0.2.2-
bfd all-interfaces enable bfd all-interface enable,
area 0.0.0.0 area O.O.O.O-
network 10.0.1.1 0.0.0.0 network 10.0.2.2 O.O.O.O-

network 10.0.21.0 0.0.0.255 network 10.0.21.0 0.0.0.255.
#.
If the R2 Ethernet 0/0/1 interface is down, the R1 BFD session can quickly detect the fault and notify R1 to make the OSPF neighbor relationship down
B The OSPF status changes to FULL, which triggers the BFD session.
C. Ifthe R2 EthernetO/O/Ointerface isdown, thenext hop.of theroutethatRl reaches 10002 is changed to 10.0.21.2.........................................................
550. An MSTP switch treats an RSTP switch as an MSTP domain consisting of a single switch. The MSTP switch resolves the RSTP BPDU to an MST BPDU, where the IRPC is 0.
□ B. False
Answers A
551 Which of the following descriptions are correct about the PPPoE data frame? (Multiple Choice)
□ A When PPPoE passes session data, Code must be set to 0x0 (Right Answers)
□ B Once the PPPoE session is established, all Ethernet packets are unicast (Right Answers)
□ C The SessionlD of the PPP session is not allowed to change, it must be specified in the Discovery phase (Right Answers)
□ D. The Ethernet_Type field is fixed to 0x8863.
Answer. ABC
552. When the ABR is a Type 5/7 LSA switch router in the NSSA area, the ABR can aggregate the Type 5 LSAs converted from the Type 7 LSA.
□ B False
Answer: A
553. Which of the following descriptions are wrong about BGP load sharing? (Multiple Choice)
□ A IBGP routes and EBGP routes arriving at the same destination on the public network can form load balancing. (Right Answers)
□ B If BGP load balancing is implemented, the local device needs to be configured with the peer next-hop-local command to change the next hop address to its own address when advertise router to the IBGP peer group
□ C. The destination network segment is the same, and BGP routes with different sources can form load sharing (Right Answers)
□ D The AS_Path attribute of the equal-cost route that forms load sharing must be different (Right Answers)
Answer: ACD
554. BGP can only automatically aggregate routes originating from Incomplete.
□ B. False
Answer: A
555. In the OSPF broadcast network, there are four routers RTA, RTB, RTC, and RTD in the same network segment The DR priorities are 2, 1, 1, and 0 respectively. The router ID are 192.168.1.1, 192.168.2.1, and 192.168.3.1 and
192.168.4.1. If OSPF protocol is enabled on the four routers at the same time, what is the BDR selected by OSPF?
□ A. RTC (Right Answers)
□ B. RTA
□ C. RTB
□ D RTD
Answer: A
556 Deploying the ISIS protocol in an IPv6 environment, which of the following statement is correct?
□ A In the same broadcast network if each router supports both IPv4 and IPv6, the DIS of IPv4 and IPv6 must be the same device (Right Answers)
□ B In a broadcast network, the DIS priorities of IPv4 and IPv6 can be set separately.
□ C. By default, the DIS priority of the broadcast network interface on Level-1 and Level-2 is 1.
□ D. If ISIS silent is configured on the IS-IS interface, the interface will not send ISIS packets but will receive ISIS packets.
Answer: A
557 The data result of a certain router is as shown in the figure below According to this analysis, which conclusion is correct?
|SI0<l>
riiwlt 14 •«••• M.KT1M Ty»— r*l
•MI.WM.MM.Ol Uv. >>• k> <4
ooo*..oi Vo Ul <4
OQU 1 . MOO . oooo. o » U <4
□ A The GEO/O/O port of R3 and the neighbor are in different areas

□ B R3 is a Level-1 and Level-2 DIS on the link where EthO/O/O is located
□ C The circuit-level of EthO/O/1 of the R3 router is Level-1-2 (Right Answers)
□ D. EthO/O/1 of the R3 router is enabled with both IPv4 and IPv6 ISIS.
Answer: C
558. Which of the following statement is correct about Router-LSA of 0SPFv3?

□ A Similar to 0SPFv2, the Option field exists in the head of the LSA instead of the data area of the Router-LSA.
□ B. The data area of the Router-LSA contains the link-local address
□ C. When the LSA header LS type=OxOOO1, the data area representing the LSA is Router-LSA.
□ D. The data area of the Router-LSA contains the interface ID of the local end and the neighbor (Right Answers)
Answer: D
470 Which of the following are the techniques for improving MPLS BGP VPN reliability? (Multiple choice)
□ A VPN GR (Right Answers)
□ B VPN FRR (Right Answers)
□ C. Configure CE dual-homing networking on the access layer (Right Answers)
□ D. Private network IP routing FRR between the PE and CE (Right Answers)
Answer; ABCD
373. HW users are transmitting a lot of files through TFTP. What protocol does TFTP rely on for transmission?
□ A. IcmP and UDP
□ B iP and TCP
□ D NFS
□ E . FTP
Answer: C
Exam : H12-891_V1.0-ENU MOCK EXAM:
Q1. The label range for MPLS LDP is 16 to 1023
False
Q2. In any case, an IS-IS level-1-2 router generates an LSP with ATT bit set?
False
Q3. The policy enforcement point must be the authentication point and is usually deployed on the user
gateway?
False
Q4. An SRv6 policy tunnel can contain multiple candidate paths, which can forward user traffic at the
same time.
False
Q5. Both NETCONF and RESTCONF can be used to configure network devices. However, only one of the
method can be used for a network device.
False
Q6. Only directly connected routers can be establish MPLS LDP session.
False
Q7. BGP EVPN type2 routes can be used to transmit ARP information.
True
Q8. Virtual system of the FW are isolated by default, hosts in different virtual systems are not able to
communicate with each other? Or By default, Virtual system of the FW are isolated and hosts in
different virtual systems are not able to communicate with each other.
True
Q9. By default, IS-IS calculates the shortest path tree for IPv4 and IPv6 topologies seperately.
False
Q10. An SR policy tunnel is identified by a triplet: Headend, Color and endpoint.

True
Q11. Segment Routing (SR) is a technical architecture desgined based on the source routing concept
for forwarding data packets on a network.
True
Q12. EVPN can function as the control plane of L2VPN or L3VPN.
True
Q13. XML is the encoding format of NETCONF. XML predefined multiple tags, such as <note>, <to>, and
<from>.
False.
Q14. In the inter-AS MPLS L3VPN Option A solution, MPLS does not need to be enabled on the
interfaces connecting ASBR-Pes.
True
Q15. When the networktopologyy is unstable, network engineers can set the interval for updating
OSPF LSAs to 0. In this way, topology or route changes can be immediately advertised to the network
through LSAs, speeding up OSPF convergence.
False
Q16. In an MPLS L2VPN network, if the domain ID carried in the VPN route received by a PE is different
from that carried on the local device, the PE can only generate Type 5 and Type 7 LSAs when importing
the route to OSPF.
True
Q17. When OSPFv3 is configured the router ID must be manually specified and the total length of the
router ID is 128 bits.
False
Q18. The NETCONF client sends YANG file to the NETCONF server to configure the NETCONF server, for
example, configure an IP address.
False
Q19. Paramiko has multiple built-in classes. The SSHclient class integrates the transport, channel and
SFTPclient classes.
True
Q20. By default. An IS-IS level-1 router automatically generates a default route after receiving an LSP
with the ATT bit set.
True
Q21. When a BGP device that supports 4-byte AS number transmits the AS_path attribute to a BGP
device that does not support 4-byte AS numbers, which of the following is the 4-byte AS number
replaced with?
A. 65535
B. 100
C. 12345
D. 23456
Ans: D
Q22. Which of the following is the default cost value of a gigabitethernet interface running OSPF?
A. 1
B. 10
C. 100
D. 1000
Ans: A
Q23. An SRv6 SID contains multiple fields. Which field can be used to generate IPv6 routes?
A. Locator
B. Function
C. Arguments
D. Flow Label
Ans: A
Q24. When a BGP router receives a community carrying which of the following types, it does not send
routes to any BGP peers?
A. 0
B. No_Export
C. No_Advertise
D. No_Export_Subconfed
Ans: C
Q25. Which of the following technologies can provide deterministic experience in Huawei CloudWAN
solution?
A. SRv6 Policy
B. FlexE
C. iFIT
D. Telemetry
Ans: B
Q26. Which of the following is the default interval for sending BGP keepalive packets?
A. 10s
B. 60s
C. 100s
D. 180s
Ans: B
Q27. Which of the following is the total length of an MPLS label? Or Which of the following is the total
length of an MPLS header?
A. 10 byte
B. 2 byte
C. 4 byte
d. 20 byte
Ans: C
Q28. VXLAN uses UDP to encapsulate user data. Which of the following is the default destination port
number?
A. 80
B. 4789
C. 8080
D. 179
Ans: B
Q29. In an inter AS MPLS L3VPN scenario, if only LDP and BGP are used to distribute labels, which of
the following layer 3 labels may be used during packet forwarding? Or In an inter AS MPLS L3VPN
scenario, if only LDP and BGP are used to distribute labels, which of the following scenarios may use
three layers MPLS labels during packet forwarding?
A. OptionA
B. OptionB
C. OptionC
D. HoVPN
Ans: C
Q30. Which of the following can be matched by the regular expression *^(100 | 200)$*?
A. 100 200
B. 102
C. 100
D. 201
Ans: C
Q31. Which of the following route types is used by EVPN to implement L2VPN fast convergence?
A. Type1
B. Type2
C. Type3
D. Type4
Ans: A
Q32. MP_REACH_NLRI is added to MP-BGP. Which of the following AFI values indicates that IPv6
routes can be transmitted? Or MP_REACH_NLRI is added to MP-BGP. Which of the following AFI values
indicates that IPv6 routes can be advertised?
A. 1
B. 2
C. 16
D. 70
Ans: B
Q33. When both a PC and a printers are connected to an access device interface, which of the
following authentication modes can be used to ensure network security and the printer can access the
network?
A. MAC address authentication

B. 802.1 X authentication
C. Portal authentication
D. MAC bypass authentication
Ans: D
Q34. Which of the following queue scheduling algorithms can avoid starvation of low-priority queues
during QoS service deployment?
A. FIFO
B. SP
C. WFQ
D. WRED
Ans: C
Q35. Which of the following is the destination IP address of an MPLS LDP link hello packet?
A. 224.0.0.1
B. 224.0.0.2
C. 224.0.0.5
D. 224.0.0.18
Ans: B
Q36. IS-IS supports virtual systems. Which of the following is the maximum number of LSP fragments
that a virtual system can carry?
A. 1
B. 64
C. 128
D. 256
Ans: D
Q37. In MPLS L3VPN scenario, the ingress PE cariies two labels when forwarding user data. Which of
the following protocols allocates the outer label?
A. MPLS LDP
B. MP-BGP
C. OSPF
D. IS-IS
Ans: A
Q38. In MPLS L3VPN scenario, which of the following protocols is used by PEs to transmit VPN routes?
A. MPLS LDP
B. MP-BGP
C. OSPF
D. IS-IS
Ans: B
Q39. In an MPLS L3VPN scenario, a sham link creates an intra-area link between two Pes. Which of the
following is the default route cost of the sham link?
A. 1
B. 10
C. 100
D. 1000
Ans: A
Q40. In which of the following inter-AS MPLS L3VPN solution, the ASBR is unaware of VPN routing
information?
A. OptionA
B. OptionB
C. OptionC
D. HoVPN
Ans: C
Q41. The information center is the information hub of the device. Which of the following information
types are classified into?
A. Log information
B. Trap information
C. Debug information
D. Banner information
Ans: ABC
Q42. Which of the following service modes does gRPC support?

A. Unary RPCs
B. Server streaming RPCs
C. Client streaming RPCs
D. Bidirectional streaming RPCs
Ans: ABCD
Q43. Which of the following information is carried in MP_REACH_NLRI of MP-BGP VPNv4 routes?
A. Export RT
B. Import RT
C. RD
D. Next Hop
Ans: CD
Q44. Which of the following technologies can improve campus network reliability?
A. VRRP
B. Eth-Trunk
C. iStack
D. CSS
Ans: ABCD
Q45. Which of the following types of queues are categorized by HQoS?
A. flow queue
B. user queue
C. Interface queue
D. control queue
Ans: ABC
Q46. Which lof the following statements about the default label distribution mode, label distribution
control mode, and label retention mode of huawei devices are correct?
A. the label advertisement mode is DU.

B. the label advertisement mode is DoD
C. The label distribution control mode is independent. OR The label distribution control mode is
ordered.
D. The label retention mode is conservative.
Ans: AC
Q47. Which of the following overlay network topologies are supported by huawei SD-WAN solution?
A. Hub-Spoke
B. Full-mesh
C. Partial-mesh
D. Hierarchical
Ans: ABCD
Q48. Which of the following types of tunnels do not require manual tunnel interface creation? Or
When a tunnel is configured using commands, which of the following types of tunnels do not require
manual tunnel interface creation?
A. MPLS LDP
B. SR-MPLS BE
C. SR-MPLS TE
D. SR-MPLS Policy
Ans: ABD
Q49. Which of the following algorithms need to be negotiated for SSH transport layer protocol?
A. Secret key exchange algorithm

B. Public key algorithm
C. Symmetric encryption algorithm
D. Message authentication algorithm
Ans: ABCD
Q50. Which of the following technologies can carry IPv6 service traffic over an Ipv4 network?
A. 6PE
B. NAT46
C. NAT64 or GRE TUNNELING
D. 6VPE
Ans: ACD
Q51. Which of the following LSAs can a router running OSPF generate a default route based on?
A. type2
B. type3
C. type4
D. type5
Ans: BD
Q52. On MPLS VPN network, when a PE imports VPN routes learned from other Pes to OSPF, which of
the following LSAs may be generated?
A. type1
B. type3
C. type5
D. type7
Ans: BCD
Q53. Which of the following protocols can be used by the controller to configure network devices? Or
Which of the following protocols can be used by HUAWEI SDN controller to configure network devices?
A. NETCONF
B. SNMP
C. Telemetry
D. iFIT
Ans: AB
Q54. Which of the following statements about NETCONF and RESTCONF are correct?
A. NETCONF supports rollback

B. RESTCONF uses the HTTP operation method and does not support rollback
C. both NETCONF and RESTCONF implement device configuration
D. the NETCONF content layer supports the XML and JSON encoding modes
Ans: ABC
Q55. Which of the following are the advantages of the EVPN? Which of the following are the
advantages of EVPN?
A. Automatic discovery of PE members

B. Multi-active CE access
C. ECMP
D. fast convergence
Ans: ABCD
Q56. Which of the following attributes are carried by the routes reflected by a BGP RR by default?
A. Cluster_list
B. Originator_id
C. AS_Path
D. Next hop
Ans: ABCD
Q57. Which of the following protocols can be extended to support SRv6?
A. OSPF
B. IS-IS
C. BGP
D. MPLS LDP
Ans: BC
Q58. Which of the following causes may cause the failure to establish an OSPF neighbor relationship?
A. Router ID conflict
B. Inconsistent area ID
C. Inconsistent interface mask
D. Inconsistent process ID
Ans: ABC
Q59. OSPF supports route summarization. Which of the following LSAs can carry summarized routes?
A. Type1
B. Type3
C. Type4
D. Type5
Ans: BD
Q60. Which of the following methods can be used to push telemetry data on Huawei devices?
A. UDP
B. gRPC
C. HTTP
D. NETCONF
Ans: AB
1. BGP Link State (BGP-LS) introduces a new NLRI into BGP. The NLRI carries link, node, topology,
prefix and other information and is also referred to as the link state NLRI
- True
- False
2. iMaster NCE-IP supports two high availability (HA) modes active/standby protection and cluster
protection
- True
- False
3. In 6PE and 6VPE networking no VPN instance needs to be created on PEs.

- True
- False
4. SSH must be configured before you can enable NETCONF on Huawei network devices.
- True
- False
5. In a scenario where a VXLAN tunnel is dynamically established through BGP EVPN the RT carried
in a BGP EVPN Type 2 route is the export RT of the corresponding IP VPN instance.
- True
- False
6. In DU label advertisement mode, if the liberal label retention mode is used the device reserves
labels received from all the LDP peers regardless of whether LDP peer is the optimal next hop
for reaching the destination network
- True
- False
7. If the K bit in the GRE header is set to 1 a 4 byte key field is inserted into the GRE header. The
sender and receiver then authenticate each other based on the key
- True
- False
8. An HTTP pocket consists of three parts; start line, header fields and body.
- True
- False
9. The OSPFv3 router ID must be set to a 128 bit dotted decimal number
- True
- False
10. The major routing policy tools available to BGP include the filter policy and route policy. The
filter policy can only be used to filter routers and the route policy can only be used to modify
routes.
- True
- False
11. iMaster NCE Campus provides the terminal identification function to display the terminal type
operating system and manufacturer information
- True
- False
12. When you configure a virtualized campus network on iMaster NCE Campus. Fit APs can
immediately go online after you add them to the iMaster NCE Campus
- True
- False
13. Collecting information before a cutover helps you determine whether services are normal
before and after the cutover
- True
- False
14. During the establishment of an SSH connection the two communication parties negotiate the
version to be used. Which of the following data is not contained in version negotiation packets
sent by the SSH server and client?
Secondary Protocol Version Number

Compatible Protocol Version Number
Software Version Number
Major Protocol Version Number
15. In the late stages of the IPv4 to IPv6 transition, IPv6 networks will be widely deployed and IPv4
networks are siloed sites scattered among IPv6 networks. Which of the following technologies
can be used to enable communication between IPv4 networks over in IPv6 public network
- ISATAP tunneling
- IPv4 over IPv6 tunneling
- 6PE
- NAT64
16. Telemetry data subscription defines the data receive end and transmit end as well as their
interactions. Which of the following is not involved in telemetry static subscription?
- The analyzer needs the sampled data stored on the collector
- A network device reports sampled data to the collector based on configuration delivered by the
controller. The collector receives and stores the data
- After the gRPC service is configured for telemetry enable devices the collector delivery
configuration to the devices to collect data
- The analyzer analyzes the sampled data and sends the results to the controller
17. If the ISIS timer hello 5 level-2 command is run on an interface which of the following statement
is true
- The interval for sending level 2 LAN IHs on the interface is 5
- The interval for sending level 1 and level 2 LAN IPH on the interface are both 5
- The interval for sending level 2 CSNP s on the interface is 5
- The interval for sending level 1. LAN IPH on the interface is 5
18. What is the default aging time of entries in seconds in MAC address table on a Huawei switch
- 500
- 400
- 300
- 5
19. Which of the following is the type of northbound API used by iMaster NCE WAN?
- NETCONF
- CLI
- SNMP
- RESTful
20. Assume that the SRH of an SRv6 packet has five segment IDs When the packet is sent from the
third endpoint which segment ID will the node use as the IPv6 destination address?
- 2
- 3
- 1
- 5
21. If an IPv6 packet has only one extension header – the Segment Routing Header (SRH) what is the
value of the Next Header field in the IPv6 basic header?
- 43
- 50
- 51
- 41
22. Which of the following status codes will not be returned by the server when a resource is
successfully created?
- 200
- 202
- 301
- 201
23. OSPF based SR MPLS is enabled on all routers. The SRGB of each router is shown in the figure. By
default, when R3 forwards a data packet whose destination address is 10.0.4.4 which of the
following MPLS lables is carried in the packet?
- 100
- 40100
- 1
- 50100
24. IPsec SAs can be established in either manual mode or IKE auto negotiation mode. Which of the
following statements about the two modes is incorrect?
- SAs established in both manual and IKE auto negotiation modes can be dynamically updated.
- The lifetime of an SA established in IKE auto negotiation mode is controlled by the lifetime
parameters configured in both ends of the tunnel.
- In IKE auto negotiation mode the encryption and authentication keys required for establishing
an SA are generated using the DH algorithm
- In manual mode all parameters including encryption and authentication keys required for
establishing an IPSec SA need to be manually configured.
25. Which of the following is not a function of OSPFv3 link LSAs?

- Advertises the option field in the network LSA originated on the local link to other routers
attached to the link
- Advertises a list of IPv6 prefixes of the local interface to other routers attached to the link
- Advertises the interface ID of the local router to other routers attached to the link
- Advertises the link local addresses of the local interface to other routers attached to the link
26. NETCONF provides a set of mechanisms for managing network devices. What layers can
NETCONF be conceptually partitioned into?
- Secure transport layer, messages layer, configuration layer, and content layer
- Encrypted transport layer, messages layer, operations layer, and content layer
- Secure transport layer, Messages layer, Operations layer and Content layer
- Encrypted transport later messages layer configuration layer content layer
27. In a bearer WAN optimization scenario, you can choose whether to apply the computation
result to the network after the controller completes path computation. Which of the following
technologies cannot be used by the controller to deliver the path computation result?
- NETCONF/YANG
- PCEP
- BGP SR Policy
- BGP LS
28. Which of the following statements is incorrect about a BGP MPLS IP VPN?
- Inter site communication can be implemented through VPN. A Site can only belong to only one
VPN
- In most cases, CEs are unaware of VPNs and do not need to support MPLs or MP BGP
- Ps only need to provide basic MPLS forwarding capabilities and do not need to maintain VPN
related information
- BGP/MPLs IP VPN consists of customer edges (CEs) provider edges (PEs) and providers (Ps). PEs
and Ps are carrier devices whereas CEs are BGP/MPLS IP VPN customer devices.
29. On a broadcast network. If the DR priorities of two interfaces connecting two routers are set to
0 in which of the following states will the OSPF neighbor relationship stay?
- 2 way
- Full
- Exchange
- Down
30. Which of the following statements is correct about static LSP configuration on an MPLS
network?
- When an LSR functions as a transit mode both outgoing and incoming labels need to be
configured and their label spaces are both 16 to 1023
- When an LSR functions as a transit mode both outgoing and incoming labels need to be
configured. The space for incoming labels is 16 to 1023 and that for outgoing label is 16 to
1048575
- When an LSR functions as an egress only incoming labels need to be configured and the label
space is 16 to 1023
- When an LSR functions as an ingress only outgoing labels need to be configured and the label
space is 16 to 1048575
31. Refer to the following command output on the router R1, which of the following statements is
incorrect?
- Key authentication is disabled for the tunnel
- The tunnel is a GRE tunnel
- The destination IP address of the tunnel is 10.2.3
- Keepalive detection is enabled on the tunnel
32. Which of the following operations is unnecessary to resolve a failure for hosts in the same VLAN
to communicate with each other?
- Run the display mac-address command on the switch to check MAC address entries including
the MAC address port number and VLAN ID
- Run the display vlan vlan-id command in any view to check whether the VLAN for
communication interfaces has been created
- Run the display current configuration command to check the PCB version and the software
version of the card
- Run the display interface interface type interface number command in any view to check the
status of communication interfaces
33. As shown in the figure the arp distribute-gateway enable command is run on VBDIF20 of VTEP1
Which of the following ARP entries exists on VTEP1?
- Entry of 10.0.2.2
- Entry of 10.0.2.4
- Entry of 10.0.2.3
- Entry of 10.0.2.1
34. On a virtualized network deployed using iMaster NCE Campus after an administrator performs
an operation iMaster NCE Campus delivers the configuration shown in the following figure to
devices. Which of the following operations did the administrator perform?
- Create a fabric named MKT
- Create a VN named MKT
- Create a network service resource named MKT
- Create an external network named MKT
35. Which of the following statements is incorrect about security groups and resource groups in
Huawei’s free mobility solution?
- The any group can function as both a source group and a detention group
- A UCL group is a security group on iMaster NCE Campus
- A security group can be statistically bound to an IP address or an IP address segment
- A resource group can be statistically bound to an IP address or an IP address segment
36. When an NVE encapsulates a data frame into a VXLAN packet information of which of the
following protocols is encapsulated between the outer and the VXLAN header?
- IP
- UDP
- TCP
- Ethernet
37. Which of the following statements does not cause the flapping of a VRRP group?
- Packet loss on an interface of the backup device
- Too small interval between advertisement packet transmissions
- Flapping on the link transmitting VRRP advertisements packets
- Inconsistent preemption delay settings
38. Which of the following statements is correct about security groups and resource groups in
Huawei’s free mobility solution?
- When resource groups are used, the policy enforcement device generates a policy for each
resource group
- Service resources with overlapping IP addresses can be differentiated using static security
groups
- When administrators configure a policy control matrix the source and destination groups of
policies can be resource groups
- The IP addresses of users in dynamic security groups are not fixed, they are dynamically bound
to security groups after user authentication
39. Which of the following is not one of the three roles defined in policy association?
- Terminal
- Policy enforcement point
- Authentication execution point
- Authentication control point
40. On a campus network which of the following address allocation modes is recommended to
facilitate management of devices such as servers, video surveillance devices?
- Dynamic IP address allocation through DHCP
- Address binding during PPPoE authentication
- Dynamic IP address allocation through the BOOT protocol
- Static address allocation through DHCP based on MAC addresses
41. NETCONF operations can take place on the three types of configuration datastores. That is the
configuration datastores can be flexibly read and edited to NETCONF operations to deliver, verify
and roll back configuration. Which of the following configuration datastores are supported by
NETCONF?
- Backup configuration datastore
- Startup configuration datastore
- Running configuration datastore
- Candidate Configuration datastore
42. Which of the following are typical application scenarios for iMaster NCE service openness and
programmability?
- Allow users to define network services and quickly deliver these services through the web UI
- Interconnect with southbound devices using NETCONF or sTelnet
- Automatically generate northbound RESTful APIs
- Manage other vendor devices and interconnect with 3rd party devices quickly
43. Which of the following statements about SR MPLS policy path planning are correct?
- When planning paths based on delay TWAMP or ZIT is advance to measure real time network
delay
- If you use the controller to plan SR MPLS policy paths only primary and backup paths can be
deployed and local balancing cannot be implemented for the primary path
- When statistically planning SR MPLS Policy paths you can plan load balancing for the primary
path
- When planning paths based on bandwidth you need to set the available bandwidth of each
interface in advance
44. Which of the following commands are mandatory for configuring an OSPF based SR MPLS TE
tunnel?
- Enable the opaque capability of OSPF
- Enable MPLS TE in the OSPF process view
- Configure the LSR ID for routers
- Enable segment routing in the OSPF process views
45. Network traffic optimization eliminates network congestion through a series of actions. Which
of the following phases do network traffic optimization include?
- Optimization result delivery
- Path computation for network traffic optimization
- Network information collection
- Network bandwidth reservation
46. Which of the following statements regarding forwarding equivalence class (FEC) in MPLS are
incorrect?
- MPLS classifies packets with the same forwarding processing mode into one FEC
- One FEC has only one unique label marker
- Packets with the same FEC are processed differently on a MPLS network
- FECs can be divided flexibly by source IP address destination IP address service port destination
port protocol type VPN or any combination of them
47. As shown in the figure PE1 establishes an EVPN peer relationship with each of PE2 and PE3
when the network is initiated CE1 sends an ARP request packet Which of the following
statements are correct about how PE processes the packet?
- When forwarding the packet to PE1. PE1 needs to add the BUM traffic label allocated by PE3 to
the packet.
- PE3 forwards the packet to CE3
- PE1 sends a MAC/IP advertisement route carrying the MAC address of CE1
- PE2 forwards the packet to CE1
48. What can be determined from the following figure?

- R1s GE0/0/1 has level 2 capabilities
- There must be a level 2 LSDB on R1
- R1’s GE0/0/0 has level 2 capabilities
- R1 has two IS-IS neighbors
49. There are three households in a residential building Households A B and C?
Household A leases 30 Mbits/s network bandwidth and purchases the IP voice. IPTV and broadband
internet access services.
Household B leases 20 Mbits/s network bandwidth and purchases the IPTV and broadband internet
access services
Household C leases 10 Mbits/s broadband network and purchases only the broadband internet
access services
The carrier configuration HQoS on the access device as shown in the following figure. Which of the
following statements are correct?
- A maximum of 10 Mbits/s bandwidth can be obtained for the broadband internet access service
of both households A and C
- A maximum of 30 Mbits/s bandwidth can be obtained for the IP voice service for he household A
and maximum of 10 Mbits /s bandwidth can be obtained for the IPTV service of household B
- A maximum of 30 M bits/s bandwidth can be obtained for the IPTV service of household A and
maximum of 10Mbits/s bandwidth can be obtained fo the broadband internet access service of
household C
- A maximum of 30 Mbits/s bandwidth can be observed for the broadband internet access service
of household A and a maximum of 20 Mbits/s bandwidth can be obtained for the IPTV service of
household B
51. Ethernet supports broadcast. Once a network loop occurs this simple broadcast mechanism will
cause catastrophic consequences. Which of the following symptoms may be caused by a loop?
- The display interface command output shows a large number of broadcast packets
received on an interface
- The CPU usage exceeds 70%
- A list of ICMP packets are lost in ping ???
- Users cannot log into the device remotely
52. As shown in the figure PE1 PE2 establish MP-BGP peer relationship through the loopback0
interfaces. After the configuration is complete, CE1 CE2 can no longer learn routes from each
other. What are the possible causes of the problem?
- PE1 and PE2 is not configured as a BGP peer in the BGP-VPNv4 unicast Address family view
- VPN instance parameters are incorrectly configured on PE1 and PE2
- The routing protocol for communication between a CE and PE1 or PE2 is incorrectly configured
- No LSP is established between PE1 and PE2
53. Which of the following topologies does the overlay network support in the Huawei SD-WAN
solution?
- Partial mesh
- Hierarchical
- Full Mesh
- Hub-Spoke
54. Which of the following statements are correct about the security protocols used by iPsec?
- All performs integrity check for an entire IP packets
- Both AH and ESP support tunnel encapsulation
- ESP encrypts the entire IP packet
- ESP is an IP-based transport layer protocol with the protocol number 50
55. Which of the following statements regarding the ingress mode in MPLS forwarding process are
correct?
- After receiving a data packet the ingress mode searches for tunnel IO in the ILM table to
associate LHB and NHLFE entries
- The ingress mode checks the NHLFE entry to obtain the outbound interface, next hop, outgoing
label, and label operation type. The Label operation type is push
- The ingress mode adds the obtained label to the IP Packet, Process EXP by QoS policy , processes
the TTL and forwards the encapsulated MPLS packet to the next loop.
56. When you configure the underlay automation resource pool for a fabric on iMaster NCE Campus
which of the following parameters need to be set?
- Router ID
- Device interconnection VLAN
- Device interconnection IP address
- Loopback interface address

HCIE-Datacom V1.0 Mock Exam No Pass Score：
All Just look at th Single-answer Question Question7/60 U

Question5 （15 Points）
Question6 （15 Points） 7、In an inter-AS MPLS L3VPN scenario, if only LDP and BGP are used to distribute labels, which of t
three layers of MPLS label during packet forwarding?
A. OptionA
B. OptionB

C. OptionC
Question11 （15 Points） D. HoVPN
Previous Next
Wrong answer My Score：0 Point(s) Correct answer：C

Multi-answer Question 20

Wrong 59 Unanswered 56

8、Which of the following is the default interval for sending BGP Keepalive packets?
Question8 （15 Points） A. 10s
Question9 （15 Points） B. 60s
Question10 （15 Points） C. 100s
Question11 （15 Points） D. 180s
Question13 （15 Points） Previous Next
Question15 （15 Points） Wrong answer My Score：0 Point(s) Correct answer：B
i （ i ）

9、Which of the following queue scheduling algorithms can avoid starvation of low-priority queues
Question9 （15 Points） A. FIFO
Question10 （15 Points） B. SP
Question11 （15 Points） C. WFQ
Question12 （15 Points） D. WRED
Previous Next
Question16 （15 Points） Wrong answer My Score：0 Point(s) Correct answer：C
10、In an MPLS L3VPN scenario, which of the following protocols is used by PEs to transmit VPN rou

A. MPLS LDP
Question11 （15 Points） B. MP-BGP
Question12 （15 Points） C. OSPF
Question13 （15 Points） D. IS-IS
Previous Next
Wrong answer My Score：0 Point(s) Correct answer：B


11、Which of the following is the destination IP address of an MPLS LDP Hello packet?
A. 224.0.0.1
Question12 （15 Points） B. 224.0.0.2
Question13 （15 Points） C. 224.0.0.5
Question14 （15 Points） D. 224.0.0.18
Previous Next


12、VXLAN uses UDP to encapsulate user data. Which of the following is the default destination por
A. 80
B. 4789

C. 8080
Question15 （15 Points） D. 179
Previous Next


13、In which of the following inter-AS MPLS L3VPN solution, the ASBR is unaware of VPN routing in
A. OptionA
B. OptionB
C. OptionC
D. HoVPN

Previous Next


14、Which of the following route types is used by EVPN to implement L2VPN fast convergence?
A. Type1
B. Type2
C. Type3
D. Type4

Previous Next

Wrong answer My Score：0 Point(s) Correct answer：A

15、IS-IS supports LSP fragment extension, Which of the following is the maximum number of LSP f
Question14 （15 Points） carry?

A. 1

B. 64

C. 128
D. 256
Question21 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：D

16、Which of the following can be matched by the regular expression “^(100 | 200)$”?
A. 100 200
B. 102
C. 100
D. 201

Previous Next


17、When a BGP device that supports 4-byte AS numbers transmits the AS_Path attribute to a BGP d
Question16 （15 Points） byte AS numbers, which of the following is the 4-byte AS number replaced with?
Question17 （15 Points） A. 65535
Question18 （15 Points） B. 100

C. 12345

D. 23456
Previous Next

18、In an MPLS L3VPN scenario, the ingress PE carries two labels when forwarding user data. Which

allocates the outer label?
Question18 （15 Points） A. MPLS LDP
Question19 （15 Points） B. MP-BGP
Question20 （15 Points） C. OSPF
Multi-answer Question 20 D. IS-IS
Previous Next

Wrong answer My Score：0 Point(s) Correct answer：A

（）
Question17 （15 Points） 19、Which of the following is the total length of an MPLS header?

A. 10 byte
B. 2 byte
C. 4 byte
D. 20 byte
Question24 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：C

Quest o （ 5 o ts）
Question18 （15 Points） 20、Which of the following is the default cost value of a GigabitEthernet interface running OSPF?

A. 1

B. 10
C. 100

D. 1000
Question25 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：A
All Just look at th Multi-answer Question Question21/60 U

Question19 （15 Points） 21、Which of the following statements about the default label distribution mode, label distribution
mode of Huawei devices are correct?
A. The label advertisement mode is DU.

B. The label advertisement mode is DoD.

C. The label distribution control mode is ordered.


D. The label retention mode is conservative.

Previous Next
Wrong answer My Score：0 Point(s) Correct answer：AC


Question20 （15 Points） 22、Which of the following are the advantages of EVPN?
Multi-answer Question 20 A. Automatic discovery of PE members
Question21 （25 Points） B. Multi-active CE access
Question22 （25 Points） C. ECMP
Question23 （25 Points） D. Fast convergence
Question27 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：ABCD

23、OSPF supports route summarization. Which of the following LSAs can carry summarized routes?
Question21 （25 Points） A. Type1
Question22 （25 Points） B. Type3
Question23 （25 Points） C. Type4
Question24 （25 Points） D. Type5
Previous Next
Question28 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：BD

24、Which of the following technologies can improve campus network reliability?

Question22 （25 Points） A. VRRP
Question23 （25 Points） B. Eth-Trunk
Question24 （25 Points） C. iStack
Question25 （25 Points） D. CSS
Previous Next

Wrong answer My Score：0 Point(s) Correct answer：ABCD
i （ i ）

25、Which of the following LSAs can a router running OSPF generate a default route based on?
A. Type2
B. Type3
Question25 （25 Points） C. Type4
Question26 （25 Points） D. Type5
Previous Next
Wrong answer My Score：0 Point(s) Correct answer：BD


26、Which of the following methods can be used to push Telemetry data on Huawei devices?
A. UDP
B. gRPC

C. HTTP
Question27 （25 Points） D. NETCONF
Previous Next
Wrong answer My Score：0 Point(s) Correct answer：AB


27、Which of the following information is carried in MP_REACH_NLRI of MP-BGP VPNv4 routes?
A. Export RT
B. Import RT
C. RD
D. Next Hop

Previous Next
Wrong answer My Score：0 Point(s) Correct answer：CD


28、Which of the following causes may cause the failure to establish an OSPF neighbor relationship?
A. Router ID conflict
B. Inconsistent area ID
C. Inconsistent interface mask

D. Inconsistent process ID

Previous Next

Wrong answer My Score：0 Point(s) Correct answer：ABC
True of False Question 20

29、When a tunnel is configured using commands, which of the following types of tunnels do not re
Question26 （25 Points） creation?

A. MPLS LDP

B. SR-MPLS BE

C. SR-MPLS TE

D. SR-MPLS Policy
Question34 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：ABD

30、On an MPLS VPN network, when a PE imports VPN routes learned from other PEs to OSPF, whic
Question27 （25 Points） generated?
Question28 （25 Points） A. Type1

B. Type3

C. Type5

D. Type7
Question35 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：BCD

31、Which of the following technologies can carry IPv6 service traffic over an IPv4 network?
A. 6PE
B. NAT46
C. GRE tunneling
D. 6VPE

Previous Next

Wrong answer My Score：0 Point(s) Correct answer：ACD
Question28 （25 Points） 32、Which of the following overlay network topologies are supported by Huawei SD-WAN solution?

A. Hub-Spoke
B. Full-mesh
C. Partial-mesh
D. Hierarchical

Previous Next


Q （）
Question29 （25 Points） 33、Which of the following attributes are carried by the routes reflected by a BGP RR by default?

A. Cluster_List

B. Originator_ID
C. AS_Path
D. Next Hop

Previous Next


Question30 （25 Points） 34、Which of the following service modes does gRPC support?

A. Unary RPCs

B. Server streaming RPCs

C. Client streaming RPCs
D. Bidirectional streaming RPCs


Question31 （25 Points） 35、Which of the following algorithms need to be negotiated for the SSH transport layer protocol?
Question32 （25 Points） A. Secret key exchange algorithm

B. Public key algorithm

C. Symmetric encryption algorithm

D. Message authentication algorithm
Question39 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：ABCD

Question32 （25 Points） 36、The information center is the information hub of the device. Which of the following information
Question33 （25 Points） A. Log information
Question34 （25 Points） B. Trap information

C. Debug information

D. Banner information
Question40 （25 Points） Wrong answer My Score：0 Point(s) Correct answer：ABC



37、Which of the following protocols can be used by HUAWEI SDN controller to configure network d
Question34 （25 Points） A. NETCONF
Question35 （25 Points） B. SNMP
Question36 （25 Points） C. Telemetry

D. iFIT

Wrong answer My Score：0 Point(s) Correct answer：AB
Q ti 49 （10 P i t ）

38、Which of the following protocols can be extended to support SRv6?

Question35 （25 Points） A. OSPFv2
Question36 （25 Points） B. IS-IS
Question37 （25 Points） C. BGP
Question38 （25 Points） D. MPLS LDP
Wrong answer My Score：0 Point(s) Correct answer：BC

i （1 i ）

39、Which of the following types of queues are categorized by HQoS?

Question36 （25 Points） A. Flow queue
Question37 （25 Points） B. User queue
Question38 （25 Points） C. Interface queue
Question39 （25 Points） D. Control queue
Previous Next

40、Which of the following statements about NETCONF and RESTCONF are correct?
Question37 （25 Points） A. NETCONF supports rollback.
Question38 （25 Points） B. RESTCONF uses the HTTP operation method and does not support rollback.
Question39 （25 Points） C. Both NETCONF and RESTCONF implement device configuration based on YANG files.
Question40 （25 Points） D. The NETCONF content layer supports the XML and JSON encoding modes.

Previous Next

All Just look at th True of False Question Question41/60 U

41、In the inter-AS MPLS L3VPN Option A solution, MPLS does not need to be enabled on the interf
True
Question39 （25 Points） False
Previous Next

Wrong answer My Score：0 Point(s) Correct answer：True

42、XML is the encoding format of NETCONF. XML predefined multiple tags, such as <note>, <to>,
True
False

Previous Next

Wrong answer My Score：0 Point(s) Correct answer：False

43、When the network topology is unstable, network engineers can set the interval for updating OS
Question39 （25 Points） or route changes can be immediately advertised to the network through LSAs, speeding up OSP

True

False
Question44 （10 Points） Wrong answer My Score：0 Point(s) Correct answer：False

44、By default, an IS-IS Level-1 router automatically generates a default route after receiving an LSP
True
False

Previous Next


45、An SR Policy tunnel is identified by a triplet: Headend, Color, and Endpoint.

True
False

Previous Next

True of False Question 20 46、The NETCONF client sends YANG files to the NETCONF server to configure the NETCONF server,
address.
Question42 （10 Points） True
Previous Next


Question41 （10 Points） 47、The policy enforcement point must be the authentication point and is usually deployed on the u

True

False

Question42 （10 Points） 48、In any case, an IS-IS Level-1-2 router generates an LSP with ATT bit set.

True

False

Question43 （10 Points） 49、Paramiko has multiple built-in classes. The SSHClient class integrates the Transport, Channel, an

False
Question49 （10 Points） Wrong answer My Score：0 Point(s) Correct answer：True

50、Only directly connected routers can establish MPLS LDP sessions.
True
False

Previous Next


51、BGP EVPN Type2 routes can be used to transmit ARP information.
True
False

Previous Next


52、The label range for MPLS LDP is 16 to 1023.
True
False

Previous Next


53、An SRv6 Policy tunnel can contain multiple candidate paths, which can forward user traffic at th
True
False

Previous Next


54、By default, Virtual systems of the FW are isolated and hosts in different virtual systems are not a
Question44 （10 Points） other.

55、EVPN can function as the control plane of L2VPN or L3VPN.
True
False

Previous Next


56、In an MPLS L3VPN network, if the domain ID received by a PE is different from local, the PE can
Question44 （10 Points） LSAs when importing the route to OSPF.

57、When OSPFv3 is configured, the router ID must be manually specified and the total length of th
True
False

Previous Next


58、By default, IS-IS calculates the shortest path tree for IPv4 and IPv6 topologies separately.
True
False

Previous Next


59、Both NETCONF and RESTCONF can be used to configure network devices. However, only one of
Question44 （10 Points） network device.

60、Segment Routing (SR) is a technical architecture designed based on the source routing concept
Question44 （10 Points） network.
Question48 （10 Points） Previous
Single-answer Question 20
1、When both a PC and a printer are connected to an access device interface, which of the following
Question1 （15 Points） used to ensure network security and the printer can access the network?
Question2 （15 Points） A. MAC address authentication

B. 802.1X authentication

C. Portal authentication

D. MAC bypass authentication
Question7 （15 Points） Next

2、When a BGP router receives a route carrying which of the following types of community, it does n
A. 0
B. No_Advertise
C. No_Export
D. No_Export_Subconfed

Previous Next


3、In an MPLS L3VPN scenario, a Sham Link creates an intra-area link between two PEs. Which of the

of the Sham Link?
Question4 （15 Points） A. 1
Question5 （15 Points） B. 10
Question6 （15 Points） C. 100
Question7 （15 Points） D. 1000
Question11 （15 Points） Wrong answer My Score：0 Point(s) Correct answer：A

（）
Question3 （15 Points） 4、MP_REACH_NLRI is added to MP-BGP. Which of the following AFI values indicates that IPv6 route

A. 1
B. 2
C. 16
D. 70

Previous Next


Question4 （15 Points） 5、An SRv6 SID contains multiple fields. Which field can be used to generate IPv6 routes?

A. Locator

B. Function

C. Arguments
D. Flow Label

Congratulations, you got it! My Score：15 Point(s) Correct answer：A

Question5 （15 Points） 6、Which of the following technologies can provide deterministic experience in the Huawei CloudW
Question6 （15 Points） A. SRv6 Policy

B. FlexE

C. iFIT

D. Telemetry
Question13 （15 Points） Wrong answer My Score：0 Point(s) Correct answer：B
KillTest
*KIJGT 3 WCNKV [ $ GV V GT 5 GT X KE G
Q&A
NZZV ]]]QORRZKYZIUS
=KULLKXLXKK[VJGZKYKX\OIKLUXUTK_KGX
The safer , easier way to help you pass any IT exams.
Exam : H12-891_V1.0-ENU
Title : HCIE-Datacom V1.0
Version : V9.02
1 / 149
1.According to different network conditions, Layer 2 Portal authentication or Layer 3 Portal1

authentication can be deployed in the network. Which of the following descriptions is wrong?
A. When there is a Layer 2 network between the client and the access device, that is, the client and the
access device are directly connected (or only Layer 2 devices exist between them), then Layer 2 Portal
authentication can be configured.
B. When using Layer 2 authentication, the access device can learn the MAC address of the client, and the
access device can only use the MAC address to identify the user
C. When there is a Layer 3 network between the client and the access device, that is, there is a Layer 3
forwarding device between the client and the access device, you need to configure Layer 3 Portal
authentication.
D. When using Layer 3 authentication, the access device can learn the IP address of the client and use
the IP address to identify the user
Answer: B
2.In the campus VXLAN network, which of the following equipment is used to connect the Fabric and the
external network of the Fabric?
A. Extended
B. Brder
C. Transparent
D. Edge
Answer: B
3.In the scenario of establishing a VXLAN tunnel in the BGP EVPN state, which of the following
descriptions about the role of BGP EVPN Type 3 routes is wrong?
A. If the VTEP IP address carried by the received Type3 route is reachable by the Layer 3 route, a VXLAN
tunnel to the peer will be established.
B. Type3 routing will carry L3 VNI
C. Type3 routing transmits Layer 2 and VTEP IP address information
D. In the case where the VTEP IP address of the Type3 route is reachable at Layer 3, if the peer end is
the same as the local end, a headend replication table is created for subsequent BUM packet forwarding
Answer: B
4.The GRE tunnel supports the MPLS LDP function.

A. TRUE
B. FALSE
Answer: A
5.BIER, as a new forwarding technology, adopts the basic IGP routing protocol and unicast routing
forwarding mechanism, so that there is no need to run IGMP between the multicast receiver and the
multicast router.
A. TRUE
B. FALSE
Answer: B
2 / 149
6.In the process of client SSH login to a server configured with username and password authentication
only, it will not go through the key exchange stage (no key will be generated).
A. TRUE
B. FALSE
Answer: B
7.As shown in the figure, which of the following descriptions is wrong?

The packet information of VLAN configuration delivered by NETCONF protocol is as follows:
A. The purpose of this NETCONF message is to create VLAN 10 on the device.

B. The <target> tag indicates the configuration library used by the NETCONF message. In this example, it
is the startup configuration library.
C. <edit-config> indicates that the function of the message is to modify, create or delete configuration
data
D. <protocol Vlan xc: operation="merge"> means modify the existing or non-existing target data in the
configuration database, create if the target data does not exist, and modify if the target data exists
Answer: B
8.Which of the following descriptions about BGP/MPLS IP VPN routing interaction is wrong?
A. After receiving the VPNv4 route advertised by the ingress PE, the egress PE filters the VPNv4 routes
according to the RT attribute carried by the route.
B. The egress PE can send IPv4 routes to the remote CE through BGP, IGP or static routes
C. The exchange between PE and CE is IPv4 routing information
D. The ingress PE converts the IPv4 routes received from the CE into VNPv4 routes, and saves them
according to different VPP instances
Answer: A
9.Network slicing technology can divide exclusive network resources in the network to carry high-value
service traffic. Which of the following descriptions about network slicing is wrong?
A. The channelized sub-interface technology adopts single-layer scheduling to realize flexible and refined
management of interface resources and provide bandwidth guarantee
3 / 149
B. Generally, network slicing can be realized based on the channelized sub-interface FlexE technology
C. The layer used by the network slicing technology is different from that of the SR tunnel, and can be
used at the same time as the SR tunnel
D. FlexE technology divides resources according to TDM time slots, satisfies the requirements of
exclusive resource sharing and isolation, and realizes flexible and refined management of interface
resources
Answer: A
10.Based on the information given in the figure, which of the following statements is correct?
A. Unable to determine the device type of R3

B. The device type of R3 must be Level-1-2
C. The device type of R3 must be Level-2
D. The device type of R3 must be Level-1
Answer: B
11.Which of the following regular expressions can match only the BGP route entries that pass through
AS300 and then AS200?
A. ^200|^300
B. 200$|300$
C. _200 (200 300) _
D. _200[200 300]_
4 / 149
Answer: C
12.As shown in the figure, the host implementing the 10.0.1.0/24 network segment accesses 10.0.4.0/25
unidirectionally through virtual system a (vsysa) and virtual system b (vsysb). Which of the following
commands need to be used to configure the route?
A. Configure the following command on virtual execution system b: ip router-static vpn-instance vsysb 10.
0.1.0 255.255. 255.0 vpn-instance vsysa
B. Configure the following command on virtual system a: ip route-static 10.0.1.0 255. 255.255.0 10.1.2.1
C. Configure the following command on virtual system a: ip route-static vpn-instance vsysa 10.0.4.0
255.255.255.0 vpn-instance vsysb
D. Configure the following command on virtual execution system b: ip route-static 10.0.4.0 255. 255.
255.0 10. 0.34.4
Answer: C
13.Which of the following descriptions about the difference between SPFv2 and SPFv3 are correct?
A. Both SPFv2 and SPFv3 support interface authentication, and OSPFv3 authentication is still
implemented based on the fields in the SPF packet header
B. SPFv3 is similar to SPFv2 and uses the multicast address as the destination address of SPF packets
C. SPEv2 and OSPFv3 have the same type of packets: Hello, ODD, LSR, LSU, LSAack, and their packet
formats are the same
D. The protocol number of SPFv2 in the IPv4 header is 89, and the next header number of OSPFv3 in the
IPv6 header is 89
Answer: B
14.When troubleshooting the BGP neighbor relationship, the network administrator finds that two directly
connected devices use the Loopack port to establish a connection, so run display current-configuration
configuration bgp to check the configuration of peer ebgp-mat-h p h p-c tnt.
Which of the following descriptions about the command is correct?
A. h p-c unt must be greater than 15
B. h p-c unt must be greater than 255
C. h p-c unt must be greater than 12
D. h p-c unt must be greater than 1
Answer: D
15.When there are multiple redundant links in the IS-IS network, there may be multiple equal-cost routes.
Which of the following descriptions about equal-cost routing in an IS-IS network is wrong?
A. When the number of equal-cost routes in the network is greater than the number configured by the
command, and these routes have the same priority, the route with the larger system ID of the next hop
device is preferred for load balancing
5 / 149
B. If load balancing is configured, the traffic will be evenly distributed to each link
C. After the equal-cost route priority is configured, when the IS-IS device forwards the traffic reaching the
destination network segment, it will not adopt the load balancing method, but forward the traffic to the next
hop with the highest priority
D. For each route in the equal-cost route, a priority can be specified, the route with the highest priority will
be preferred, and the rest will be used as backup routes
Answer: C
16.Which of the following descriptions about traffic policing is correct?

A. Traffic policing can only be used in the inbound direction
B. Traffic policing will cache traffic that exceeds the limit
C. Traffic policing can only be done in the outbound direction
D. Traffic policing will drop traffic that exceeds the limit
Answer: D
17.IS-IS is a link-state routing protocol that uses the SPF algorithm for route calculation.
As shown in the figure, a campus deploys both IPv4 and IPv6 and runs IS-IS to achieve network
interconnection. R2 only supports IPv4.
Which of the following statements about the topology calculation of this network is correct?
A. If you want IPv4 and IPv6 network computation to form the same shortest path tree, you need to run
the ipv6 enable topology ipv6 command to enable the IPv6 capability in the IS-IS process
B. By default, since R2 does not support IPv6, in the shortest path tree formed by IPv6 network
calculation, the path from R1 to R4 is: R1-R3-R4
C. By default, IPv4 and IFv6 networks will be calculated separately to form different shortest path trees
D. By default, in the shortest path tree formed by IFv6 network calculation, the path from R1 to R4 is
R1-R2-R4. Since R2 does not support IFv6, R2 will directly discard IPv6 packets after receiving them,
causing traffic lost
Answer: D
18.When the switch is deployed with DHCP option 148, which of the following information will not be
provided by the DHCP server to the switch to be deployed?
A. The IP address of the cloud management platform
6 / 149
B. The port number of the cloud management platform

C. The port number of the device to be deployed
D. The IP address of the device to be deployed
Answer: D
19.When the user encounters different events during the authentication process, the user is in an
unsuccessful authentication state. At this time, you can configure the authentication event authorization to
meet the needs of these users to access specific network resources.
Which of the following descriptions about authentication event authorization is wrong?
A. If the user's network access rights are not configured when the authentication fails or the authentication
server is Down, after the user authentication fails, the user remains in the pre-connected state and has
the network access rights of the pre-connected user
B. Authentication event authorization can support authorization parameters including VLAN, user group
and business scheme
C. Events that can trigger authentication event authorization include authentication server Down,
authentication server unresponsive, and pre-connection, etc. Authentication failure cannot trigger
authentication event authorization
D. Authorization of a non-authentication success state, also known as escape. For different authentication
methods, there are different escape schemes. Some escape schemes are shared, and some escape
schemes are only supported by specific authentication methods.
Answer: C
20.In the virtualized campus network deployed through ilMaster NCE-Campus, some key parameters
need to be configured in the authorization rules for access authentication. Which of the following is not
included?
A. Binding authentication rules
B. Access method
C. Bind the authorization result
D. Authorization Rule Name
Answer: B
21.Which of the following extended community attributes is used by BGP EVPN to advertise the migration
of connected VMs?
A. RT
B. EVPN Router’s MAC Extend Community
C. MAC Mobility
D. RD
Answer: B
22.In the Huawei SD-WAN solution, which of the following routing protocols are used to transmit VPN
routes between CPEs?
A. BGP
B. RIP
C. SPF
7 / 149
D. IS-IS
Answer: A
23.The OSPF-based SR-MPLS function is enabled on all routers in a network. The SREB of each router
is shown in the figure. By default, when R3 forwards a packet whose destination address is 10.0.4.4,
which of the following MFLS labels is carried item?
A. 3
B. 100
C. 40100
D. 50100
Answer: D
24.SR-MPLS Policy can use BGP extension to transmit tunnel information, as shown in the figure.
Among them, SR-MPLS Policy is optimized by which of the following parameters?

A. Priority
B. Preference
C. Weight
D. Binding SID
Answer: C
25.The network administrator enters display telemetry subscription on the device to view the Telemetry
subscription information, and the output is as follows. Which of the following descriptions is wrong?
8 / 149
A. The subscription name is Sub1

B. The device sends sampling data every second
C. The IP address of the device is 192.168.56.1
D. The subscription method is static subscription
Answer: C
26.Which of the following statements about the difference between NSR and NSF is correct?
A. NSF must rely on neighbor routers to complete
B. Both NSR and NSF require neighbor routers to complete
C. NSF can be done without neighbor routers
D. NSR must rely on neighbor routers to complete
Answer: A
27.The RF function of the BGP protocol can control the routing entries sent by the neighbors.
Which of the following tools does a BGP router need to use for this purpose?
A. Filter-Policy
B. IP Prefix List
C. ACL
D. Route-Policy
Answer: B
28.In the process of establishing an LDP session, the active party will first send Initialization information to
negotiate parameters. If the passive party does not accept the negotiated parameters, which of the
following messages will be sent?
A. Error Notification Message
B. Initialization Message
C. Hell Message
D. Keepalive Message
Answer: A
9 / 149
29.If the configuration of IS-IS can be found through the display current-configuration command, but the
configuration of IS-IS cannot be found through the display saved-configuration command, which of the
following is the possible reason?
A. The running IS-IS configuration in the memory is not saved to Flash
B. No IS-IS command entered
C. Flash running IS-IS configuration, not saved to memory
D. The running IS-IS configuration in memory has been saved to Flash
Answer: A
30.The IS-IS Level-1 neighbor relationship between R3 and R4 is not established.

[R3] display isis error
Hell packet errors：
... ...
Repeated System ID：0 Bad Circuit Type：0
Bad TLV Length：0 Zer Holding Time：0
Unusable IP Addr：0 Repeated IPV4 Addr：0
Mismatched Area Addr（L1）：13 Mismatched Prot：0
SNPA Conflicted（LAN）：0 Mismatched Level：0
Mismatched Max Area Addr：0 Bad Authentication：0
... ...
[R3]
Based on the information in this graph, which of the following is the likely cause?
A. The IIH authentication of R3 and R1 failed
B. The circuit-type of the interconnection interface of R3 and R4 does not match
C. The IS-Level of R3 and R4 do not match
D. The area numbers of R3 and R4 are different
Answer: D
31.Which of the following does not belong to the scope of dynamic data collection on the live network
before cutover?
A. Routing Protocol Status
B. ARP entry
C. Port Status
D. SNMP version
Answer: C
32.The network administrator uses ACL and only wants to match the four routing entries whose Num
numbers are 1, 3, 5, and 7 in the figure. What are minimum numbers of ACL ruler need to be configured
by the network administrator?
10 / 149
A. 3
B. 3
C. 1
D. 2
Answer: C
33.As shown in the figure, the ARP broadcast suppression function is enabled in the BD20 domain on
VTEP1, and VTEP1 has learned the ARP information of PC2 through the BGP EVPN route. When the
ARP request sent by PC1 for PC2 is forwarded by VIEP1 to VIEP2, which of the following is the
destination MAC address of the inner data frame?
A. MAC C
B. MAC A
C. MAC B
D. MAC D
Answer: D
34.Which of the following statements about choosing an authentication point location in a network is
incorrect?
A. Deploying authentication at the access layer of the network is conducive to fine-grained management
of permissions and high network security
B. After the user authentication point is moved from the access layer to the aggregation layer, the user's
MAC authentication may fail
C. Setting the user authentication point at the access layer has advantages and disadvantages compared
to setting it at the aggregation layer or the core layer. Policy linkage can be used as a solution.
11 / 149
D. When the user authentication point is moved from the access layer to the aggregation layer and the
core layer, the number of authentication points is greatly reduced, which can effectively relieve the
pressure on the AAA server
Answer: B
35.Which of the following descriptions about "security group" and "resource group" is wrong in Business
Travel?
A. The resource group supports static binding of IP addresses or address segments
B. On iMaster NCE-Campus, the UCL group is the security group
C. The any group can be used as both a source group and a destination group
D. The security group supports static binding of IP addresses or address segments
Answer: C
36.Compared with traditional networks, SD-WAN can better ensure application experience. Which of the
following is the main reason?
A. SD-WAN can use IPsec technology to realize encrypted transmission of packets
B. SD-WAN can provide different routing strategies and different QoS strategies for different applications
C. SD-WAN can build various networking types such as Full Mesh, Hub-Spoke, Partial Mesh, etc.
D. SD-WAN can realize multi-department business isolation based on VRF
Answer: B
37.Assuming that there are 5 segment IDs in the SRH of an SRv6 packet, when the packet reaches the
third router on the forwarding path, the node will set the segment ID numbered by which of the following
as the IPv6 destination address?
A.5
B.2
C. Not sure
D.3
Answer: D
38.Which of the following descriptions about Prefix Segmente is incorrect?

A. On Huawei devices, Prefix Segment ID supports manual configuration and automatic protocol
configuration
B. Prefix Segment is identified by Prefix Segment ID (SID)
C. Prefix Segment is used to identify a destination address prefix in the network
D. Prefix Segment spreads to other network elements through IGP protocol, globally unique
Answer: D
39.The following is a part of the NETCONF protocol message, <rpc xmlns="urn:ietf:params:xml:ns:netc

nf:base:1.0" message-id="1024">Where is it located in the NETCONF architecture layer?
A. Transport layer
B. Message layer
C. Content Layer
D. Operation layer
12 / 149
Answer: B
40.There are multiple protocols that can change or obtain network device data. Which of the following
protocols cannot be used to change network device data?
A. SNMP
B. NETCONF
C. RESTC NF
D. IPsec
Answer: D
41.When the client calls the iMaster NCE-Campus login authentication RESTful interface, the method
used is POST, and the request message body format is {"userName": "xxx", "password": "xxx"}
A. TRUE
B. FALSE
Answer: B
42.BGP-LS (BGP Link State) carries information such as links, nodes and topology prefixes.
A. TRUE
B. FALSE
Answer: A
43.Enterprises can access the Internet through dial-up connection, xDSL, xPON, etc.
A. TRUE
B. FALSE
Answer: B
44.NVE is a network entity that realizes the function of network virtualization, and can only be a hardware
switch.
A. TRUE
B. FALSE
Answer: B
45.Switch stacking and cross-device link aggregation can be deployed to achieve link reliability in small
and medium-sized campus scenarios.
A. TRUE
B. FALSE
Answer: A
46.Using BGP EVPN as the control plane of VXLAN can completely avoid traffic flooding in the VXLAN
network, such as ARP broadcast packets.
A. TRUE
B. FALSE
Answer: B
13 / 149
47.When MPLS is deployed in the network and the network layer protocol is IP, the route corresponding
to the FEC must exist in the IP routing table of the LSR, otherwise the label forwarding entry of the FEC
will not take effect.
A. TRUE
B. FALSE
Answer: A
48.When there is a relay device between the DHCP client and the server, if the IP address in the global
address pool of the DHCP server is not in the same network segment as the IP address of the VLANIF
interface connected to the client on the relay device, it will cause a DHCP failure.
A. TRUE
B. FALSE
Answer: A
49.In order to speed up the sensing speed of link failure in IS-IS network, IS-IS can be linked with BFD.
A. TRUE
B. FALSE
Answer: A
50.In the dual-system hot backup scenario of the firewall, the heartbeat interface can be directly
connected physically, or it can be connected through an intermediate device such as a switch or router.
A. TRUE
B. FALSE
Answer: A
51.BGP/MPLS IP VPN can only use LDP to build public network tunnels.
A. TRUE
B. FALSE
Answer: B
52.YANG technology originated from netconf but is not only used for netconf.
A. TRUE
B. FALSE
Answer: A
53.For the telemetry side, both json and GPE are supported.
A. TRUE
B. FALSE
Answer: B
54.The SRP technology can flexibly select the egress link based on the link quality.
A. TRUE
B. FALSE
Answer: A
14 / 149
55.When the Next header is 43, it must be SRH.

A. TRUE
B. FALSE
Answer: B
56.protobus is a language-independent and platform-independent method of serializing structured data,

which pays more attention to efficiency, resulting in poor space, speed, and read and write speeds.
A. TRUE
B. FALSE
Answer: B
57.For telemetry data push, devices and collectors can be based on TLS. If GRPC is used, TLS must be
used.
A. TRUE
B. FALSE
Answer: B
58.Netconf uses SSL to achieve secure transmission, and uses the mechanism of RPC remote invocation
to achieve client to server communication.
A. TRUE
B. FALSE
Answer: B
59.In the Huawei SD-WAN networking solution, the RR must use an independent device and cannot be
deployed on the same device with the CPE.
A. TRUE
B. FALSE
Answer: B
60.iFIT supports the measurement of end-to-end service packets, so as to obtain performance indicators
such as packet loss rate and delay of real service packets in the IP network.
A. TRUE
B. FALSE
Answer: A
61.In SRv6, every time an SRv6 endpoint node passes through, the Segments Left field is decremented
by 1, and the IPv6 destination address information is converted once.
A. TRUE
B. FALSE
Answer: A
62.The MAC address learning of the static VXLAN channel depends on the exchange of packets between
hosts (such as the exchange of ARP packets).
15 / 149
A. TRUE
B. FALSE
Answer: A
63.The iMaster NCE-Campus controller connects to various applications through open APIs in the
northbound direction, and delivers configurations to campus network devices through the Telemetry
technology in the southbound direction.
A. TRUE
B. FALSE
Answer: B
64.By default, LDP adjacencies will trigger the establishment of LSPs based on IP routes of 32-bit
addresses.
A. TRUE
B. FALSE
Answer: B
65.IETF takes advantage of the strong scalability of OSPF to expand the functions of OSPF so that it can
support IPv6 networks. The expanded protocol is called OSPFv3. OSPFv3 is compatible with OSPPv2.
A. TRLE
B. FALSE
Answer: B
66.Traffic shaping can only be used in the outgoing direction, and its function is to control the rate of
outgoing packets.
A. TRLE
B. FALSE
Answer: A
67.When configuring the DHCP Relay function on the device, the VLANTF interface of the relay
connection client must be bound to a DHCP server group, and the bound DHCP server group must be
configured with the IP address of the proxy DHCP server.
A. TRUE
B. FALSE
Answer: B
68.The following figure shows the MPLS VPN cross-domain Option B solution. In the scenario where an
RR exists within the domain, PE1 and ASBR-PE1 establish a VPNv4 neighbor relationship with RR1. By
default, user traffic must be forwarded through RR1.
16 / 149
A. TRUE
B. FALSE
Answer: B
69.When deploying BGP/MPLS IP VPN, when two VPNs have a common site, the common site must not
use overlapping address space with other sites of the two VPNs.
A. TRUE
B. FALSE
Answer: A
70.The OPS (Open Programmability System) function of Huawei network equipment provides the open
programmability of network equipment. To facilitate users to write scripts, Huawei provides a Python
script template for the OPS function. The OPSComnection class is created in the script template. Among
them, the member function of creating device resource operation is def post (self, uri, req_data).
A. TRUE
B. FALSE
Answer: B
71.In the virtualized campus network scenario deployed by iMaster INCE-Canrpus, to realize user mutual
access between different VNs, the administrator can deploy a policy control matrix on the controller.
A. TRUE
B. FALSE
Answer: B
72.During the process of establishing the SSH connection, the two communicating parties conduct
version negotiation. Which of the following data is not included in the version negotiation packet sent by
both parties?
A. Client Device Type
B. Minor Protocol Version Number
C. Software version number
D. Main agreement version number
Answer: A
73.The NETCONF protocol provides a set of mechanisms for managing network devices, which can be
divided into the following layers?
17 / 149
A. Security transport layer, message layer, operation layer, content layer

B. Encrypted transport layer, message layer, configuration layer, content layer
C. Security transport layer, message layer, configuration layer, content layer
D. Encrypted transport layer, message layer, operation layer, content layer
Answer: A
74.The SSH server has been configured and correct. Which of the following Pythom codes can be run on
the SSH client to successfully establish an SSH connection (the private key file is id_rsa, which is in the
same path as the client Python script?
A. import paramiko
client=paramiko.client.SSHClient()
client.connect(hostname='192.168.1.1', username='huawei', key_filename='id_rsa')
B. import paramiko
client = paramiko.Transport(('192.168.1.1', 22))
client.connect(username='huawei', key_filename='id_rsa')
C. import paramiko
client.connect(hostname='192.168.1.1', username=1 huawei', pkey='idrsa')
D. import paramiko
key = paramiko.RSAKey.from_private_key_file('id_rsa')
client = paramiko.Transport((192.168.1.1', 22)
client.connect(username=huawei', pkey-key
Answer: B
75.YANG is the data modeling language of NETCONF. The client can compile RPC operations into
XML-formatted messages. XML follows the constraints of the YANG model for communication between
the client and the server.
Which of the following XML content is written against this data model?
A)
B)
18 / 149
C)
D)
A. Option A
B. Option B
C. Option C
19 / 149
D. Option D
Answer: C
76.Which of the following is the default port number for the northbound API of iMaster NCE-Campus?
A. 18000
B. 18002
C. 18008
D. 18006
Answer: B
77.In the request header field of the HTTP request message, which of the following fields is used to
identify the MIME type?
A. Content-Type
B. Data-Type
C. Referer
D. MIME-Type
Answer: A
78.The engineer wants to log in to the Huawei device remotely. When writing the SSH Python script, the
Paramiko library is used to write the following code:
Cli=ssh.invoke_shell（）
Cli. send（‘screen-length 0 temporary\n'）
Which of the following is the role of screen-length 0 temporary?
A. Cancel split screen display
B. Do word wrapping
C. Cancel word wrap
D. Perform split screen display
Answer: A
79.As shown in the figure, the gateway of the PC is located in the aggregation switch. If you want to
realize the load sharing of the gateway device, which of the following descriptions is wrong?
20 / 149
A. Set different gateway addresses on the PC so that traffic is sent to different gateways in a balanced
manner
B. The VRID parameter only has local significance, so the VRIDs of the two aggregation switches about
the same virtual router can be different
C. It is necessary to configure the priority to make the aggregation switch become the master device of
the two virtual routers respectively
D. Multiple VRRP backup groups need to be configured on the aggregation switch
Answer: B
80.In BGP4+, which of the following descriptions is correct about the content of the next hop network
address field carried by the MP_REACH NLRI attribute in the Update message?
A. Only link-local addresses
B. Can only be a global unicast address
C. Can carry link-local addresses and global unicast addresses at the same time
D. Can be just a link-local address
Answer: C
81.After the interface sticky MAC function is enabled on the device, what is the number of MAC
addresses learned by the interface by default?
A. 5
B. 15
C. 1
D. 10
Answer: C
82.Which of the following token bucket technologies is used in traffic shaping??

A. Double barrel single speed
B. Single barrel double speed
C. Single barrel single speed
D. Double barrel double speed
Answer: C
83.In the controller public cloud deployment scenario, if you use the Huawei Registration Query Center to
deploy, you do not need to configure DHCP Option148 on the campus DHCP server.
A. TRUE
B. FALSE
Answer: B
84.In free mobility, if the authentication point device and the policy enforcement point device belong to the
same device, you need to subscribe to the IP-Group entry to view the user IP-Group information.
A. TRUE
B. FALSE
Answer: B
21 / 149
85.In the scenario of dynamically establishing a VXLA tunnel through BGP EVPN, BGP EVPN advertises
the host's MAC address information to the remote VTEP through Type 5 routes.
A. TRUE
B. FALSE
Answer: B
86.View the running configuration in memory through the "display current-configuration" command.
A. TRUE
B. FALSE
Answer: A
87.As long as FIT-AP is added in NCE, the AP can go online normally.

A. TRUE
B. FALSE
Answer: B
88.In the HUAWEI CLOUD WAN, the controller can plan paths in real time and deliver path information
through PCEP or BGPLS.
A. TRUE
B. FALSE
Answer: A
89.On the premise that the 32-bit host route of the remote host exists on the VXLAN L3 gateway, the L3
gateway can enable the local ARP proxy under the VBDIF interface to reduce the broadcast of ARP
packets. For packets destined for the remote host, the L3 gateway will match the host route for Layer 3
forwarding.
A. TRUE
B. FALSE
Answer: A
90.The Huawei iMaster NCE-WAN controller delivers the configuration to the CPE through the NETCONF
protocol.
A. TRUE
B. FALSE
Answer: A
91.In the virtualized campus network scenario deployed by iMaster NCE-Campus, which of the following
descriptions about configuring network service resources is correct?
A. Network service resources include DHCP server, RADIUS server, Portal server, and other servers, etc.
B. If the scene is selected as "Directly Connected Switch", it means that Border adds the interconnection
port to the interconnection VLAN in an untagged way
C. The interconnection address in the network service resource must belong to the "interconnection IP" in
the "Underlay Automation Resource Pool"
D. Configuring network service resources is to configure the global resource pool of Fabric
22 / 149
Answer: A
92.How many bits are there in the label field of MPLS?

A. 1
B. 8
C. 20
D. 3
Answer: C
93.In the description of DHCP Snooping, which one is wrong?

A. DHCP Snooping can prevent illegal attacks by setting trusted ports
B. When the DHCP snooping function is enabled in the interface view, the function of assigning all DHCP
packets on the interface will take effect.
C. If DHP Snooping is enabled in VLAN view, the command function of DHCP packets received by all
interfaces of the device belonging to the VLAN will take effect.
D. Enable DHCP Snooping globally, and the device only processes DHCPv4 packets by default without
any post-parameters
Answer: D
94.Which of the following routing types does EVPN use to achieve fast convergence and split horizon?
A. Inclusive Multicast Route
B. MAC/IP Advertisement Route
C. Ethernet Segment Route
D. Ethernet Auto-discovery Route
Answer: D
95.Which of the following is the meaning of the ipv6 enable topology ipv6 command in IS-IS protocol
view?
A. has no meaning
B. SPF calculation is performed separately in the topology of IPv4 and IPv6
C. SFF calculation without IPv6 support
D. IPv4 and IPv6 use the same topology for SPF calculation
Answer: B
96.Which of the following descriptions about the principle of DHCP is wrong?

A. DHCP supports assigning a fixed IP address to a specified terminal. This assignment mechanism is
called DHCP static assignment.
B. When the DHCP client and the DHCP server are on different Layer 3 networks, a DHCP relay needs to
be configured to forward packets between the client and the server
C. The Options field in the DHCP packet adopts a TLV structure, which can carry parameter information
such as the NTP server address, AC address, and log server address.
D. If only the information of the gateway and DNS server needs to be delivered to the DHCP client, the
DHCP Offer packet sent by the DHCP server to the client will not carry the Options field
Answer: D
23 / 149
97.Which of the following descriptions about the VXLAN gateway is wrong?

A. XLAN Layer 3 gateway is used for cross-subnet communication of VXLAN virtual network and access
to external network (non-VXLA network)
B. VBDIF is a logical interface created based on BD, similar to the concept of VLANIF in traditional
networks
C. Both XLAN Layer 2 and Layer 3 gateways must maintain the VBDIF interface, otherwise users cannot
communicate normally through this interface
D. The XLAN Layer 2 gateway enables traffic to enter the VXLAN virtual network, and can also be used to
implement the same subnet communication within the same VXLAN virtual network
Answer: C
98.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, for the VTEP peer to
generate BGP EVPN Type 2 routes based on the local terminal ARP information, which of the following
commands needs to be enabled on the VBDIF interface?
A. arp collect host enable
B. arp-proxy enable
C. mac-address xxxx-xxxx-xxxx
D. arp distribute-gateway enable
Answer: A
99.When configuring access authentication, it is necessary to define the contents authorized to the user in
the authorization result, which one of the following is not included?
A. Security Group
B. ACL
C. VLAN
D. IP address
Answer: D
100.In the Huawei SD-WAN solution, which of the following protocols is used for the control channel?
A. Static routing
B. BGP4
C. BGP VPNv4
D. BGP EVPN
Answer: D
101.Which of the following descriptions about SR-MPLS BE and SR-MPLS TE is correct?

A. SR-MPLS BE supports creating a tunnel by specifying Node SID and Adjacency SID at the same time
B. Both SR-MPLS BE and SR-MPLS TE support tunnel creation by specifying the Adjacency SID
C. SR-MPLS TE supports creating a tunnel by specifying Node SID and Adjacency SID at the same time
D. When creating an SR-MPLS BE, you can specify the necessary routers
Answer: C
24 / 149
102.The network administrator enters display telemetry sensor Sensor1 on the device to view the related
information of the Telemetry sampling sensor Sensor1, and the output is as follows. Which of the
following descriptions is wrong?
A. Telemetry samples CPU information, memory information, and MAC address table
B. The device is configured with three Telemetry sampling paths
C. For the sampling path huawei-mac: mac/macAddrSurmarys/macAddrSurmary, when the capacity of
the mac address table does not reach 40000, the device will continue sampling
D. The device can continue to add Telemetry sampling paths
Answer: B
103.The <config> operation of the NETCONF protocol may contain an optional "operation" attribute, that
is used to specify the operation type "operation" for configuration data that does not include which of the
following?
A. create
B. remove
C. update
D. merge
Answer: C
104.There are various types of northbound interfaces, ranging from SUMP, CORBA, SMP to REST, but
nowadays the northbound interfaces of various devices are gradually evolving to REST interfaces.
Which of the following is NOT a reason to use REST?
25 / 149
A. REST adopts a stateless design

B. REST standardizes URI naming
C. REST realizes front-end and back-end coupling
D. REST has good cross-platform compatibility
Answer: A
105.Which of the following protocols can be used by the iMaster NCE service open and programmable to
complete the device configuration?
A. BGP
B. CLI/SSH
C. NETCONF
D. SNMP
Answer: C
106.Which of the following descriptions about labels is wrong?

A. The principle to be followed when manually assigning labels is: the value of the outgoing label of the
upstream node is the value of the incoming label of the downstream node
B. Dynamic LSPs are dynamically established through label distribution protocols, such as MP-BGP,
RSVP-TE, LDP
C. LSPs are classified into two types: static LSPs and dynamic LSPs: static LSPs are manually
configured by the administrator, and dynamic LSPs are dynamically established using label protocols.
D. LSPs established by statically assigning labels can also be dynamically adjusted according to network
topology changes without administrator intervention
Answer: D
107.In the data header, which of the following fields cannot be used for simple flow classification?
A. DSCP
B. Protocol
C. EXP
D. 802.1P
Answer: B
108.Which of the following descriptions about the functions of Ping and Tracert is correct?
A. Tracert has the same function as Ping, but the name is different
B. Tracert must be able to trace the IP address of each hop from the source to the destination
C. Ping verifies the reachability from the local end to the peer end, but it does not mean that the peer end
to the local end must be reachable
D. Ping detects the two-way reachability with the peer through the one-way icmp echo request message
Answer: C
109.Which of the following NPLS L3VPN cross-domain solutions does not need to run MPLS between
ASBRs?
A. Option B
B. Option D
26 / 149
C. Option A
D. Option C
Answer: C
110.When the network administrator tried to access the internal network device through Telnet, it was
found that it could not be accessed.
Which of the following is impossible?
A. The protocol inbound all is configured on the VTY user interface
B. The route is unreachable, and the client and server cannot establish a TCP connection
C. ACL is bound in the VTY user interface
D. The number of users logged into the device has reached the upper limit
Answer: A
111.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, which of the
following routes is used by BGP EVPN for MAC address advertisement, ARP information advertisement
and IRB route advertisement?
A. Type1
B. Type3
C. Type4
D. Type2
Answer: D
112.A company's headquarters network and branch network are interconnected through the Internet. If
VPN technology is used to realize secure and reliable data transmission between headquarters users and
branch users, which of the following VPN technologies is most suitable?
A. SSL VPN
B. MPLS VPN
C. L2TP VPN
D. IPsec VPN
Answer: D
113.Which of the following descriptions about access control for small and medium-sized campuses is
wrong?
A. iMaster NCE supports directly as an authentication server
B. Cloud AP supports Portal local authentication
C. iMaster NCE supports connection to third-party RADIUS servers
D. iMaster NCE supports as a portal relay device
Answer: D
114.Which of the following descriptions about data encryption methods is wrong?

A. Data encryption methods are divided into symmetric encryption and asymmetric encryption
B. Symmetric encryption algorithms use the same key to encrypt and decrypt data
C. Asymmetric encryption uses public key encryption and private key decryption
27 / 149
D. The key used by the symmetric encryption algorithm must be exchanged by mail, otherwise there is a
risk of key leakage
Answer: D
115.IPsec SA (Security Association) triple does not include which of the following parameters?
A. Source IP address
B. Security protocol number (AH or ESP)
C. Destination IP address
D. Security Parameter Index SPI (Security Parameter Indez)
Answer: A
116.Which of the following descriptions about GRE tunnels is incorrect?

A. GRE can encapsulate IPv4 unicast packets
B. The implementation mechanism of GRE is simple, and the burden on the devices at both ends of the
tunnel is small.
C. GRE can encapsulate IPv6 unicast packets
D. GRE can encapsulate IPv6 broadcast packets
Answer: D
117.If there are multiple service packets on the same link, in order to give priority to the use of
high-priority applications when the link is congested, and low-priority applications to avoid high-priority
applications when congestion occurs, then you should choose Which of the following is an intelligent
routing strategy?
A. Routing based on link priority
B. Routing based on application priority
C. Routing based on link bandwidth
D. Routing based on link quality
Answer: B
118.SR-MPLS TE distributes MPLS labels through which of the following protocols?

A. RSVP-TE
B. PCEP
C. IGP
D. LDP
Answer: C
119.The deployment of a virtualized campus network is shown in the figure. In this scenario, which
method should be used to interconnect the fabric with the external network?
28 / 149
A. Layer 2 shared egress

B. Layer 3 Shared Export Mode
C. Layer 2 exclusive export method
D. Layer 3 exclusive export method
Answer: A
120.Which of the following is not a principle that needs to be followed when designing an SR-MPLS Policy
tunnel?
A. The traffic of a single tunnel should not be too large. To facilitate progress in bandwidth tuning
B. Business traffic and tunnel association. Achieve a certain level of path visibility
C. Consider possible future network expansion
D. Increase the number of tunnels as much as possible. The more the number of tunnels, the more
refined the high-level service can be separated and the service quality can be guaranteed
Answer: D
121.The OPS (Open Progrannability System. Open Programmable System) function of Huawei network
equipment uses the HTTP protocol method to access the management objects of network equipment. To
facilitate users to write scripts, Huawei provides Fython script templates for the OPS function. Which of
the following is the content of the header fields "Content-type" and "Ahccept" in the HTTP request
message sent in the Pythorn script template?
A. text/xml, text/json
B. text/json, tcxt/xml
C. text/json. text/json
D. text/xml, text/xsml
Answer: D
122.Which of the following descriptions cannot be the cause of the dual-active failure of the VRRP backup
group?
A. The master device sends 1 notification message per second
B. VRRP backup group IDs on both ends are different
C. The link that transmits VRRP advertisement packets is faulty
29 / 149
D. The low-priority VRRP backup group discards the received VRRP advertisement packets as illegal
packets
Answer: A
123.MACsec can provide users with secure MAC layer data transmission and reception services.
Which of the following is not a service provided by MACsec?
A. Integrity Check
B. Controllability Check
C. User Data Encryption
D. Data source authenticity verification
Answer: B
124.Which of the following regular expressions can match only the EGP route entries that pass through
AS300 and then AS200?
A. 200$/300$
B. _[200 300]_
C._(200 300)_
D.^200l^300
Answer: B
125.Which of the following descriptions about TTL in MPLS Header is correct?

A. To control label distribution
B. Limiting LSR
C. Similar to the TTL in the IP header, it is used to prevent packet loops
D. Control of upstream equipment for label distribution
Answer: C
126.As shown in the figure, OSPF is enabled on all interfaces of the router. Which of the following
statements is correct?
30 / 149
A. The Type1 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
B. The Type5 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
C. The Type2 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/24
D. The Type3 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
Answer: A
127.During HTTP communication, the client only sends one request for each HTTP connection, and once
the server response data is sent, the connection will be released.
To solve this problem, which header field extension is used so that the HTTP session can be maintained
without immediate disconnection?
A. Session
B. Cookie
C. Set-Cookie
D. Connection
Answer: D
128.As shown in the figure, if you want to realize that only legitimate users (users who obtain IP
addresses through a legitimate DHCP server or specific static IP users) are allowed to access the network
in this network, which of the following solutions can be used?
A. DAI +Port Security

B. DHCP Snooping+IPSG
C. DHCP Snooping+DAI
D. DAI+IPSG
31 / 149
Answer: B
129.In order to enable the VPN instance to advertise IP routes to the BGP-EVPN address family, which of
the following commands needs to be enabled in the BGP view?
A. advertise 12vpn evpn
B. advertise irb
C. advertise vpnv4
D. advertise irbv6
Answer: A
130.An enterprise wants to centrally and securely manage and control Internet traffic. Which of the
following Internet access methods is more appropriate?
A. Internet access by priority
B. Centralized Internet access
C. Hybrid Internet access
D. Local Internet access
Answer: B
131.In the MA network environment, all IS-IS routers enable the SR-MPLS function. Which of the
following descriptions is correct?
A. DIS will collect the SRGB of each device in the MA network and advertise it to other routers
B. If SR-MPLS is enabled, there is no need to elect DIS
C. The LSP generated by DIS will describe all IS-IS routers in the network
D. DIS will generate a special Node ID
Answer: A
132.As shown in the figure, PE1 has enabled the OSPF-based SR-MPLS function. Based on this, it is
inferred that the label when PE1 forwards data packets to 10.0.3.3 is which of the following?
32 / 149
A. 24003
B. 24004
C. 3
D. 24001
Answer: A
133.MPLS LDP can be used to build BGP/MPLS IP VPN bearer tunnels. Which of the following
descriptions about MPLS LDP is wrong?
A. The default label publishing and management methods adopted by Huawei devices are: downstream
autonomous mode (DU) + ordered label control mode (Ordered) + free label retention mode (Liberal)
B. MPLS LDP tunnels are established based on IP shortest paths, and tunnel forwarding path planning
cannot be performed
C. LDP, RSVP-TE, MP-BGP share the label space of 1024~1048575
D. Due to its relatively simple configuration and maintenance, BGP/MPLS IP VPNs are widely used in
carrier WAN bearer networks and enterprise WAN bearer networks
Answer: B
134.SR-MPLS Policy is one of the current mainstream ways to implement SR-MPLS. Which of the
following descriptions about SR-MPLS Policy is wrong?
A. Common SR-MPLS Policy application scenarios the controller collects information such as network
topology, network bandwidth, link delay, etc., calculates the SR-MPLS Policy tunnel according to service
requirements, and delivers the policy to the head node
B. A candidate path can contain multiple forwarding lists, load balancing based on weights
C. An SR-MPLS Policy is identified by the triplet <headend, color, endpoint>
D. Multiple candidate paths can be defined, and the candidate paths form a master-standby or
load-sharing relationship according to their priorities
Answer: D
33 / 149
135.The NETCONF protocol provides a mechanism for managing network devices. The operation object
of NETCONF is the configuration library of network devices. Which of the following descriptions of the
configuration library is wrong?
A. <delete-config> is an operation on the startup configuration library
B. The configuration library of network devices can be divided into candidate configuration library, running
configuration library, and startup configuration library
C. <validate> is the operation on the candidate configuration library
D. <commit> will submit the configuration in the startup configuration library as the configuration in the
running configuration library
Answer: D
136.The establishment of an SSH connection needs to go through multiple stages in turn. Which of the
A. Version negotiation stage, algorithm negotiation stage, key exchange stage, user authentication stage,
session interaction stage
B. Version negotiation phase, user authentication phase, key exchange phase, algorithm negotiation
phase, session interaction phase
C. Version negotiation stage, user authentication stage, algorithm negotiation stage, key exchange stage,
D. Version negotiation stage, key exchange stage, algorithm negotiation stage, user authentication stage,
Answer: A
137.Which of the following descriptions about the purpose of configuring LSP fragmentation on IS-IS
equipment is correct?
A. Make the device unable to establish IS-IS neighbors
B. Enable the device to support more IS-IS routing entries
C. Have no practical purpose
D. Prevent the device from learning IS-IS routing information
Answer: B
138.Which of the following tools cannot be used to match BGP routing entries?
A. Community Filter
B. IP Prefix List
C. Basic ACL
D. Advanced ACL
Answer: D
139.Which of the following NAT64 prefixes do not require manual configuration by the administrator?
A. 64:FF9B::/16
B. 64:FF9B::/32
C. 64:FF9B::/64
D. 64:FF9B::/96
34 / 149
Answer: D
140.In order to advertise IPv6 routes in BGP4+, what fields are added to the Update message?
A. A new path attribute: IPv6_REACH_NLRI
B. A new path attribute: MP_REACH_NLRI
C. A new path attribute: MP_UNREACH_NLRI
D. A new NLR type: IPv6_NLRI, which carries IPv6 NLRI prefix 1ength and IPv6 NLRI prefix
Answer: B
141.In the VXLAN network, which of the following is used to realize cross-subnet communication within
the VXLAN network and access to the external network (non-VXLAN network) from the VXLAN network?
A. VXLAN L2Gateway
B. VLANIF interface
C. NVE interface
D. VXLAN L3 Gateway
Answer: D
142.For scenarios that need to support advanced security functions such as URL filtering, IPS, security
defense, and AV anti-virus, and need to support multi-link uplinks, which one of the following can the
export device choose?
A. AP
B. AR
C. AC
D. FW
Answer: D
143.In the VXLAN network, similar to the traditional network using VLAN to divide the broadcast domain,
VXLAN identifies the broadcast domain locally according to which of the following?
A. VRF
B. BD
C. VNI
D. NVE
Answer: B
144.EVPH supports multiple service modes. In which of the following service modes, an interface can
only be used by a single user?
A. VLAN Based
B. Port Based
C. VLAN Bundle
D. VLAN-Aware Bundle
Answer: A
35 / 149
145.During the implementation of the Wi-Fi-based location service of iMaster NCE-Campus, the terminal
data is reported to the location service platform by HTTP request. Which of the following HTTP methods
is used for this HTTP request?
A. PUI
B. POST
C. DELETE
D. GET
Answer: D
146.In Huawei's access control solution, which of the following user authentication methods is not
supported by portal authentication?
A. Based on Passcode
B. SMS-based verification code
C. Based on the user's MAC address
D. Username based password
Answer: C
147.Which of the following tunneling technologies is used in Huawei SD-WAN solution to establish data
channels?
A. GRE over IPsec
B. MPLS
C. IPsec
D. Vxlan
Answer: A
148.NCE-campus has some key parameters when configuring access authentication and authorization,
which one of the following is not included?
A. Certification Rules
B. Result name
C. Site binding
D. Authorized Security Groups
Answer: C
149.Which AP is independent, can manage a small number of APs, has low cost, and does not require
high management skills?
A. Leader AP
B. FIT AP+AC
C. FAT AP
D. Agile distribution of AP
Answer: A
150.Before the SSH client uses public key authentication to connect to the SSH server, it needs to create
a key pair in advance. The client uses Git Bash to create a DSS key pair. Which of the following
commands is used to create it?
36 / 149
A. ssh-keygen -t rsa
B. ssh-keygen -t dss
C. ssh-keygen -t ecc
D. ssh-keygen -t dsa
Answer: B
151.In SD-WAN, after deploying NAT in RR, what kind of features are required?
A. NAT SERVER
B. 1:1 NAT
C. NAT444
D. ALG
Answer: B
152.Which of the NCE-Campus descriptions about the access management configuration is wrong?
A. A template can only have one authentication method
B. NCE device can be used as Radius server or portal server
C. Fabric needs to specify wired or wireless templates
D. Before creating a user template, you must first create a server template
Answer: A
153.When configuring SR-MPLS, which of the following is not mandatory?

A. Enable MPLS
B. Enable SR
C. Configure LSR-ID
D. Link configuration Adj-Sid
Answer: D
154.Traffic monitoring does not include monitoring which of the following?

A. Management plane traffic
B. Control Plane Traffic
C. Monitor plane traffic
D. Data plane traffic
Answer: C
155.There are three roles in strategy linkage. Which of the following is not?
A. Authentication Control Point
B. Terminal
C. Policy enforcement point
D. Certification enforcement point
Answer: C
156.In SD-WAN, CPE is located in the private network area behind the NAT device. NAT technology is
required between CPE. Which technology in SD-WAN enables NAT between CPE?
A. STUN
37 / 149
B. IPSEC
C.NAT SERVER
D. ALG
Answer: A
157.Engineers often log in to the device remotely to check the status of the device. Now engineers want
to realize automatic remote login through Python script, they can use Python Paramiko library and
telnetlib library to achieve the above requirements. Using telnetlib to achieve remote login is more secure.
A. TRUE
B. FALSE
Answer: B
158.In an MPLS domain, LSR can be divided into Ingress LSR, Transit LSR and gross LSR according to
the different processing methods of LSR for data. For the same FEC, a certain LSR can be the Ingress
LSR of the FEC or the Transit LSR of the FEC.
A. TRUE
B. FALSE
Answer: A
159.The business package (Specific Service Plugin, SSP) implements the mapping by using the jinja2
template. The jinja2 syntax {%...%} contains control structures (ControllStructures), such as for loops.
A. TRUE
B. FALSE
Answer: A
160.When OSPFv2 evolves to OSPFv3, the LSA format and function are exactly the same, but the
network layer address in the LSA is changed from IPv4 to IPv6.
A. TRUE
B. FALSE
Answer: B
161.. Which of the following security protection actions can be performed by a secure MAC address does
not include?
A. Remark
B.Shutdown
C. Restrict
D. Protect
Answer: A
162.In the SSH algorithm negotiation phase, the two parties exchange the list of algorithms they support.
The symmetric encryption algorithm list of the SSH server is: aes256-ctr, aes192-ctr, aes128-ctr,
aes256-cbc.
The list of symmetric encryption algorithms of the SSH client is: aes128-c9-ctr, aes256-ctr, aes256-cbc.
Which of the following is the symmetric encryption algorithm that both parties will use?
38 / 149
A. aes128-ctr
B. aes192-ctr
C. aes256-cbc
D. aes256-ctr
Answer: A
163.Huawei network equipment provides the OPS function. Which of the following commands can view
the information of the OPS script installed on the network equipment?
A. check ops script
B. display ops file
C. display ops script
D. check ops file
Answer: C
164.Which of the following descriptions about the application scenarios of the 0PS function is wrong?
A. In the scenario of using the OPS function to automatically deploy devices with empty configuration, the
function of the Python script is to obtain the server addresses of software and configuration files, and to
download system software and configuration files
B. The user needs to realize the function of automatically sending the configuration file to the server after
the network device configuration is saved. This can be achieved by creating a timer type trigger condition
through the maintenance assistant and executing the Python script regularly.
C. Using the OPS function can reduce the impact of the network environment in some cases. For
example, when transmitting collected information to the server, the Python script can realize that when
the network is unavailable. The function of temporarily storing the execution result in the device and
transferring it to the server after the network is restored.
D. Using OPS can realize the function of automatically checking the health status of the device.
Answer: B
165.Which of the following protocols does not support SR-MPLS?

A. BGP
B. IS-IS
C. OSPF
D. RSVP-TE
Answer: D
166.Telemetry is a technology that collects data remotely from physical or virtual devices at high speed.
Which of the following is NOT a component of the data layer for a mode that uses gRPC push?
A. Notification message layer
B. Telmetry layer
C. RPC layer
D. Business data layer
Answer: A
39 / 149
167.In the virtualized campus network deployed through iMaster NCE-Campus, in the "network planning"
stage, which of the following is not an operation that the administrator needs to complete?
A. Deploy Overlay Access Resource Pool
B. Create an authentication template
C. Deploy the Fabric global resource pool
D. Deploy the Underlay automation resource pool
Answer: A
168.In the virtualized campus network design, which of the following descriptions about the Fabric
networking design is wrong?
A. Single/dual Border networking can be selected according to different scenarios, in which the VXLAN
centralized gateway supports single Border or dual Border deployment at the same time.
B. If users in multiple VNs want to access the same external network, and the security policies of each VN
are different, you can configure the VN to connect to the external network through Layer 3 exclusive
egress.
C. If you want to use the original access switches (which do not support VXLAN), you can deploy VXLAN
covering the core layer to the aggregation layer
D. When the terminal scale is small, a centralized gateway network can be selected, in which Border acts
as a gateway to manage the network uniformly.
Answer: A
169.Both SNMP and NETCONF can be used for the management of network devices. Which of the
following descriptions about these two protocols is correct?
A. When Huawei switches need to be managed through NETCONF, the NETCONF parameters of each
switch must be manually configured by default.
B. Both protocols adopt the Client/Server architecture, with NMS as the server and the managed network
device as the client
C. When Huawei switches need to be managed through SNMP, the SNMP parameters of each switch
must be manually configured by default.
D. Both protocols manage different objects through MIB on network devices
Answer: C
170.Which of the following commands can be used to adjust the link cost of the IS-IS interface?
A. isis cost
B. isis timer hello
C. isis circuit-type
D. isis circuit-level
Answer: A
171.Execute the print(r.json()) command in the Python script, and the print output is as follows;
The output contains multiple elements, and now the value of token_id needs to be filtered out and
assigned to the variable id. Which of the following is the correct command?
{'data': {'token_id': 'x-eonsfw', 'expirelate': '2020-07-07-07:30:00' }, 'errcode': '0', 'errmsg': 'get token'
successfully' }
40 / 149
A. id=r.json()['data']['token_id']
B. id=r.json(){'data'}{'token_id'}
C. id= r.json()('data')('token_id')
D. id = r.json()('token_id')
Answer: A
172.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when using BGP
EVPN Type 2 routes for host MAC address advertisement, which of the following descriptions is correct?
A. Will carry specific L2 VNI and L3 VNI values at the same time
B. Will carry the specific L3 VNI value
C. The RT value carried is the Export RT in the IP VPN instance
D. IP Address and IP Address Length fields will not carry specific content
Answer: D
173.In the virtual campus network scenario deployed through iMaster NCE-Campus, after VN are created,
VN interworking needs to be configured.
Which of the following descriptions about configuring VN interworking is correct?
A. Actually, OSPF is deployed for the VPN-Instance corresponding to the VN
B. Actually, a static route is created for the VPN-Instance corresponding to the VN
C. Actually deploying routing strategies
D. Actually deploying traffic filtering
Answer: B
174.In a small and medium-sized cloud-managed campus network scenario based on the HUAWEI
CLOUD campus network solution, which of the following components provides query services for devices
to automatically go online?
A. WLAN Planner
B. Registration Inquiry Center
C. CloudCampus APP
D. iMaster NCE-campusInsight
Answer: C
175.A campus network deploys the Free Mobility function through iMaster NCE-campus, and the
configured policy control matrix is shown in the figure.
Policy Control Matrix:
41 / 149
Which of the following statements about the policy control matrix is wrong?
A. If the policy enforcement point does not find the security group corresponding to an IP address, the
traffic of the IP address can access the server group
B. The sales group cannot communicate with the guest group
C. The guest group can access the guest group
D. If the server group is a resource group, you can configure the policy source for the server group
Answer: D
176.Man-in-the-middle attacks or IP/MAC spoofing attacks can lead to information leakage and other
hazards, and are more common in intranets. Which of the following configuration methods can be taken
to prevent man-in-the-middle attacks or IP/MAC spoofing attacks?
A. Limit the maximum number of MAC addresses that can be learned on the switch interface
B. Enable DHCP Snooping to check the CHADDR field in the DHCP REQUEST message
C. Configure DHCP Snooping on the switch to associate with DAI or IPSG
D. Configure the Trusted/Untrusted interface
Answer: C
177.In the firewall dual-system hot backup scenario, which protocol is used between the active and
standby devices to implement session table backup?
A. VRRP
B. VCMP
C. HRP
D. BFD
Answer: C
178.When using EVPN to carry VPLS, which of the following descriptions about the advantages of EVPN
is wrong?
A. PE does not need to learn the MAC address of CE
B. Support automatic discovery of PE members
C. EVPN supports CE multi-active access to PE
D. Loop avoidance without hard running STP
Answer: D
42 / 149
179.Which of the following descriptions about the BGP/MPLS IP VPN network architecture is wrong?
A. In general, CE devices cannot perceive the existence of VPN, and CE devices do not need to support
MPLS, MP-BGP, etc.
B. The P device only needs to have basic MPLS forwarding capabilities and does not maintain
VPN-related information
C. The BGP/MPLS IP VPN network architecture consists of three parts: CE, PE and P. PE and P are
operator equipment, and CE is BGP/MPLS IP VPN user equipment
D. Sites can access each other through VPN, and a site can only belong to one VPN
Answer: D
180.RESTCONF and NETCONF are both protocols used to manage the configuration of network devices.
Which of the following statements about RESTCONF and NETCONF is wrong?
A. The data encoding format of RESTCONF supports XML or JSON
B. RESTCONF uses HTTP operations, stateless, with transaction mechanism, with rollback
C. The operation methods of RESTCONF are GET, POST, PUT, PATCH, DELETE
D. NETCONF operates multiple configuration libraries for devices, with transaction mechanism and
rollback
Answer: B
181.The role of Link-LSA in OSPFv3 does not include which of the following?
A. Advertise the IPv6 prefix list of this interface to other routers on the link
B. Advertise the options set in the Network-LSA originating from this link to other routers on the link
C. Advertise the link-local address of this interface to other routers on the link
D. Advertise the router's interface ID to other routers on the link
Answer: D
182.Which of the following is not part of the operation process in the intermediate stage of cutover?
A. Business testing
B. Cutover Preparation
C. Cutover Implementation
D. Field Defence
Answer: D
183.Which of the following descriptions about the OSPFv3 Router-ID is correct?

A. 100-bit value
B. 64-bit value
C. 128-bit value
D. 32-bit value
Answer: D
184.As shown in the figure, SW1 and SW2 use asymmetric IRB forwarding. When PC1 communicates
with PC2, which of the following is the destination MAC address of the original data frame in the message
sent by VTEP1 to VTEP2?
43 / 149
A. MAC A
B. MAC D
C. MAC C
D. MAC B
Answer: B
185.As shown in the figure, R1 and R4 establish a GRE tunnel to transmit data sent from PC1 to PC2.
The TTL of the inner header of the packet sent from the GEO/0/1 interface of R1 is 126. Which of the
following is the inner TTL of a packet sent by interface 0/3?
A. 124
B. 125
C. 127
D. 126
Answer: C
186.The figure shows the IPv6 SR-Policy routing information on a router. Which of the following does [10]
mean?
A. distinguisher
B. policycolor
C. Turnnel ID
D. endpoint
Answer: A
44 / 149
187.The OPS (Open Progranmrability System) function of Huawei network equipment uses the HTTP
protocol method to access the management objects of network equipment. To facilitate users to write
scripts, Huawei provides Python script templates for the OPS function.
The following is the internal call method rest_call of the OPSCornection class in the OPS script template.
Which of the following descriptions is correct?
A. The response.status in the rest_call method is the status code
B. The response.reason in the rest_call method is the reason phrase used to interpret the status code
C. The parameter method in rest_call (self, method, uri, req_data), the value can be DELETE, GET, SET,
CREATE
D. The values of self.host and self.port in the rest_call method are "localhost".80 respectively
Answer: C
188.Based on the information given in the figure, which of the following statements is correct?
A. The IS-IS interface type of the GE0/0/0 interface on R1 is Leve1-1-2

B. IS-IS IPv6 is not enabled on the GE0/0/1 interface of R1
C. IS-IS IPv6 is enabled on the GE0/0/0 interface of R1
D. The IS-IS interface type of the GE0/0/1 interface of R1 is Level-1
Answer: A
189.All routers in a network enable SR-MPLS, and the label information encapsulated by R1 to a data
packet is shown in the figure. At this time, which of the following is the MPLS label carried when the data
packet is sent from R2 to R4?
45 / 149
A. 2046
B. 2024
C. Unlabeled
D. 2032
Answer: B
190.Huawei provides Python script templates for OPS functions.
The code of the Main method in the script template is as follows. Which item is wrong in the following
description?
A. ops_conn.close() means to close the HTTP connection
B. rsp_data = get_startup_info (ops_corn) means to call the get_startup_infc method, which will send an
HTP request to the device and store the device's response data in rsp_data
C. ops_conn = OPSConnecticn (host) means to create an instance of the OPSC onnection class
ops_cornn
D. When executing the Python script on the local PC, the value of host needs to be set to the IP address
of the network device
Answer: C
46 / 149
191.A user wrote the clear_start_info method. Use the oPS function to clear the configuration file of the
current network device, the code is as follows:
Which of the following descriptions is wrong?

A. ret is the HTIP status code
B. When ops_corn.create(uri, req_data) is executed, an HTTP request of the "TPUT" operation type is
sent
C. rsp_data is the response data of the system after the request is executed, the format can refer to the
RESTful API of the network device
D. req_data data is stored in the body part of the HTTP request
Answer: C
192.How to deliver the results of topology arrangement in SD-WAN to RR?

A. Flow table
B. NSPF
C. BGP
D. SNMP
Answer: C
193.Which of the following descriptions about Multi-VPN-Instance CE (MCE) is wrong?

A. On the MCE device, you need to create their own routing and forwarding tables for different VPNs and
bind them to the corresponding interfaces
B. Users who are connected to the same MCE but do not belong to a VPN instance cannot access each
other
C. There must be multiple physical links between MCE and PE to achieve isolation between different VPN
instances
D. Devices with MCE function can access multiple VPN instances in BGP/MPLS IP VPN applications,
reducing the investment in user network equipment
Answer: C
194.OSPFv2 is an IGP running on IPv4 networks, and OSPv3 is an IGP running on IPv6 networks. The
basic working mechanism of OSPFv3 is the same as that of OSFv2, such as the election of DR and BDR.
An engineer uses three routers to test IPv6 services. He wants to realize the interconnection of IPv6
networks by running OSPFv3.
47 / 149
Which of the following descriptions about the DR election for this network is correct?
A. After the network converges, R1 is the DR
B. After the network converges, the engineer changes the priority of R1 to 100, the priority of R2 to 10,
and the default value of R3. When the network converges again, R1 is DR and R2 is BDR
C. After the network converges, a new device R4 is added to the broadcast link, and the priority of R4 is
150. When the network converges again, R4 is DR
D. After the network converges, R1 is powered off and restarted. When the network converges again. R3
is DR
Answer: B
195.Which of the following EVPN route types does not carry MPLS labels?
A. MAC/IP Advertisement Route
B. Ethernet Segment Route
C. Ethernet AD Route
D. Inclusive Multicast Route
Answer: B
196.Which of the following descriptions about configuring user access authentication is wrong?
A. Configure an 802.1X access profile, MAC access profile, Portal access profile or hybrid authentication
profile based on the authentication requirements of the actual networking
B. To implement network access control for users, it is necessary to determine the domain to which the
user belongs and the AAA scheme used
C. The access profile needs to be bound in the authentication profile to confirm the authentication method
of the user, and then the authentication profile needs to be applied to the interface to enable the network
admission control function
D. If authentication needs to be performed through a RADIUS or HWTACACS server, you need to
configure the relevant parameters for connecting with the authentication server in the AAA scheme
Answer: C
48 / 149
197.802.1X authentication is deployed in the network shown in the figure. Which of the following packets
cannot trigger 802.1X authentication?
A. DHCP
B. ICMP
C. EAPoL
D. ND
Answer: B
198.Which of the following descriptions about AH (Authentication Header, message authentication

header protocol) is wrong?
A. AH provides anti-message replay function
B. AH provides message encryption function
C. AH provides data source verification
D. AH provides data integrity verification
Answer: B
199.Which of the following protocols is used for the management of Huawei iMaster NCE-WAN
controllers?
A. SNMP
B. HIIP/2
C. NETCONF over DTLS
D. NETCONF over SSH
Answer: D
200.In the MA network environment, all IS-IS routers enable the SR-MPLS function. Which of the
A. If SR-MPLS is enabled, there is no need to elect DIS
B. DIS will generate a special Node ID
C. DIS will collect the SRGB of each device in the MA network and advertise it to other routers
D. The LSP generated by DIS will describe all IS-IS routers in the network
Answer: C
201.If the SRH extension header is carried, the numbers filled in the next-header of IPv6 are:
A.43
B.49
C.50
D.16
Answer: A
202.Regarding the tunnel, which statement is wrong?
49 / 149
A. The tunnel is a GRE tunnel

B. The destination address of the tunnel is 10.3.3.3
C. The tunnel enables keepalive detection
D. Keyword detection is not enabled for this tunnel
Answer: C
203.Part of the configuration on the device is shown in the figure. In the following description of this
configuration, which one is wrong?
A. Configure the GigabitEthernet0/0/1 interface as a trusted interface

B. Enabling DHCP Snooping configuration can be used to prevent DHCP Server spoofing
C. Attacks Enabling DHCP Snooping configuration can be used to prevent ARP spoofing attacks
D. If there is no Sub0ptionl information of Option82 in the DHCP request packet received by the
GigabitEthernet0/0/1 interface, the device will generate Option82 and insert it into the packet
Answer: C
204.Which of the following descriptions about MPLS label space is wrong?

A. If the outgoing label value is 0, the router will directly discard the packet
B. Above 1024 is the label space shared by dynamic signaling protocols such as LDP, RSVP-TE,
MP-BGP, etc.
C. When the penultimate LSR performs label switching, if the value of the label after the exchange is
found to be 3, the label will be popped by default and the packet will be sent to the last hop
D. 16~1023 is the label space shared by static LSP and static CR-LSP
Answer: A
205.In free mobility, after the policy enforcement point device receives user traffic.
According to which of the following information carried by the traffic, find the corresponding policy and
execute it, and then forward/discard the traffic?
A. Source/Destination Security Group
B. Source/destination IP address
C. Source/destination port number
D. Source/destination MAC address
Answer: B
206.In the accompanying business travel, which of the following descriptions about "security group" and
"resource group" is correct?
A. When using resource groups, a policy will be generated based on each resource group on the policy
enforcement point device
B. The user IP address of the dynamic security group is not fixed, and the IP address is dynamically
associated with the security group after user authentication
50 / 149
C. When configuring the policy control matrix, the resource group can be used as the source group and
destination group of the policy
D. For service resources with overlapping IP address sets, they can be distinguished by static security
groups
Answer: B
207.To achieve isolation between different users in the same VLAN, which of the following techniques
can be adopted?
A. IPSG
B. Port isolation
C. Ethernet Port Security
D. Super VLAN
Answer: B
208.A network means that all routers enable SR-MPLS, and the label information encapsulated by R1 for
a data packet is shown in the figure. At this time, which of the following is the forwarding path of the data
packet?
A. R1-R3-R5-R6
B. R1-R2-R3-R5-R6
C. R1-R2-R4-R6
D. R1-R3-R2-R4-R6
Answer: D
209.OSPF supports SR-MPLS through which of the following types of LSA?

A. Type10 opaque LSA
B. Type1 Router L5A
C. Type7 NSSA External LSA
D. Type2 Network LSA
Answer: A
210.As shown in the figure, it is a typical network of "two places and three centers". Which device in the
figure is responsible for branch access to the WAN bearer network?
51 / 149
A. DC-PE
B. BR-PE
C. BR-CE
D. WAN-P
Answer: C
211.For the following Python code, which description is incorrect?
A. The HTTP request data (message body) is encoded in XML format

B. There are two header fields in the HTTP request, 'Content-Type': 'application/json' and 'Accept':
'application/json'
C. This code implements the sending of HTTP request messages, and the request method is POST
D. The Python code imports the requests library to implement the interaction process of the HTTP
protocol
Answer: A
212.Which of the following is not a principle that needs to be followed when designing an SR-MPLS Policy
tunnel?
A. The traffic of a single tunnel should not be too large to facilitate the progress of bandwidth tuning
B. The service traffic is associated with the tunnel to achieve a certain degree of path visibility
C. Increase the number of tunnels as much as possible. The more tunnels there are, the more refined the
service isolation and service quality can be guaranteed.
D. Consider possible future network expansion
Answer: B
52 / 149
213.The home broadband service requirements of an operator are as follows: the maximum downlink
bandwidth of the broadband is 100M when it is idle, and the guaranteed downlink available bandwidth is
50M when it is busy. The home broadband service needs to bear the home IP telephone service in
addition to the home Internet service.
Which of the following configurations best matches the business requirement?
A. qos car inbound cir 100000
B. qos car inbound cir 100000 pir 50000
C. qos car inbound cir 50000 pir 100000
D. qos gts cir 100000
Answer: C
214.Assume that the neighbor relationship between BGP routers has been established successfully, and
the configuration on R1 is as shown in the figure.
Which router can the routing entry 10.10.10.0/24 advertised by R1 be delivered to the farthest?
A. R2
B. R1
C. R4
D. R3
Answer: D
215.The number of tunnels established in Huawei SD-WAN solution can be controlled through specific
parameters.
53 / 149
A network topology is shown in the figure. How many trails can be established in this topology?
A.3
B.4
C.2
D.1
Answer: B
216.According to the configuration information shown in the figure, it can be inferred that how many
interfaces on R4 that are advertised into ISIS?
A. 3
B. 1
C. 0
D. 2
Answer: A
217.In the virtualized campus network scenario deployed by iMaster NCE-Campus, which of the following
descriptions about the access management configuration is wrong?
A. When creating a user authentication template, a template can only contain one authentication method
B. Before creating a user authentication template, you need to create a server template
C. iMaster NCE-Campus can be used as RADIUS server or Portal server
D. The authentication template bound to the wired and wireless access points needs to be specified in the
access management of the Fabric
Answer: A
54 / 149
218.An engineer uses two routers to test IPv6 services, and simulates the interconnection between the
headquarters and branches by running BGP4+.
As shown in the figure, an engineer captures packets to view the Update packets sent by R1.
Which of the following descriptions about the message information is correct?

A. This packet describes the currently withdrawn IPv6 route
B. The next hop address of the route described in this packet is: 2001:db8:2345:1::1
C. The route described in this packet may be imported through import
D. The routing address prefix and prefix length described in this packet are: 2001:db8:2345:1::1/128
Answer: D
219.Which of the following descriptions about the SP scheduling algorithm is wrong?

A. SP scheduling algorithm prioritizes queues with high priority
B. When using the SP scheduling algorithm to schedule multiple low-priority queues, the packets that
enter the queue first will be forwarded first
C. In order to ensure the quality of key services, the service can be scheduled through the SP algorithm,
and the minimum bandwidth can be set
D. When using the SP scheduling algorithm, if the high priority occupies a lot of bandwidth, it may cause
the low priority queue to death
Answer: B
220.In the firewall dual-system hot backup scenario, each firewall has a VGMP group. By default, which
of the following working states is the VGMP group in?
A. Standy
B. Initialize
C. Active
D. Load Balance
Answer: C
221.In the design of small and medium-sized campus network, when mutual visits are required between
branches and the number of branches is large (over 100), which of the following interconnection
networking models is recommended?
A. Partial-Mesh networking
B. Hub-Spoke Networking
55 / 149
C. Direct networking
D. Full-Mesh networking
Answer: D
222.Which of the following descriptions about configuring authentication templates is correct?

A. Under the same interface of the same device, all authentications can only be configured with the same
default domain or mandatory domain
B. When multiple access profiles are bound to the authentication profile, the order of triggering
authentication is 802.1X-->Portal-->MAC
C. If the user's mandatory domain is configured, the user will be forced to authenticate in the mandatory
domain regardless of whether the user name carries the domain name or not.
D. The domain that the user accesses by default is the default domain, which cannot be modified by
commands
Answer: C
223.In the VXLAN implementation, which of the following is the mapping relationship between VNI and
BD?
A. 1:1
B. N: 1
C. 1: N
D. N: M
Answer: A
224.Configure ISIS IPv6 cost 50 under the interface, which of the following is the meaning of this
command?
A. The IS-IS IPv6 Level-1 cost of the interface is 50
B. The IS-IS IPv6 Level-1 and Level-2 costs of the interface are both 50
C. The IS-IS IPv6 Level-2 cost of the interface is 50
D. The IS-IS IPv6 Level-1 and Level-2 costs of the interface are both 60
Answer: B
225.Which of the following MPLS L3VPN cross-domain solutions needs to transmit VPNv4 routes
between ASBR?
A. Option D
B. Option B
C. Option A
D. Option C
Answer: B
226.After configuring the VLAN-based MAC address flapping detection function, if the MAC address flaps,
you can configure the actions of the interface as required. Which of the following is NOT a configurable
action?
A. Interface blocking
B. Send an alert
56 / 149
C. Traffic filtering
D. MAC address blocking
Answer: C
227.The value range of DSCP is 0~63, some of which have proper names.
Which of the following DSCP values represent EF?
A. 46
B. 30
C. 22
D. 38
Answer: A
228.The network administrator executes the display current-configuration command to obtain the
configuration file of the device when troubleshooting MSTP faults. In the following description of the
troubleshooting ideas, which one is the wrong?
A. Check the port configuration to check whether the MSTP-enabled port is enabled with the protocol
packet sending command. Such as bpdu enable
B. Whether the MSTP port connected to the user terminal device is disabled or configured as an edge
port
C. Check whether the device port is added to the correct VLAN
D. No matter whether BPDU Tunnel is configured on the device, it will not affect MSTP
Answer: D
229.All routers in a network enable the OSPF-based SR-MPLS function. The SRGB of each router is as
shown in the figure. By default, when R2 forwards a packet whose destination address is 10.0.4.4, which
of the following MPLS labels are carried?
A. 100
B. 40100
C. 30100
D. 3
Answer: B
230.Python Paramiko implements the SSH protocol. In the Python Paramiko module, which of the
following classes is used to create an SFTP session connection and perform remote file operations?
A. Channel class
B. SFTP Client class
C. Packetizer class
D. Transport class
Answer: B
57 / 149
231.Which of the following statements about MP-BGP is wrong?

A. When the PE and CE exchange routes through BGP, a BGP process needs to be created on the CE
for each VPN instance
B. MP-BGP advertises VPNv4 routes through MP_REACHNLRI and MP_UREACH NLRI attributes
C. MP-BGP needs to assign private network labels to VPNv4 routes
D. The packet types and VPNv4 route advertisement policies of MP-BGP are the same as those of BGP-4
Answer: A
232.As shown in the figure, the OSPF protocol is running between CE and PE. When CE1 advertises the
route of this site to CE2, which one of the following descriptions is wrong?
A. When PE2 receives the BGP route sent from PE1 with the same Domain ID as the local one, for Type3
LSA, PE2 will generate Type5 LSA
B. The Domain ID configured on PE1 can be used as the BGP extension community attribute and sent to
PE2 along with the route
C. When PE2 receives a BGP route from PE1 with a different Domain ID from the local one, PE2 will
generate Type5 LSA or Type7 LSA for all LSA
D. When PE2 receives the BGP route sent by PE1 and carries the same Domain ID as the local one, for
Type1 LSA and Type2 LSA, PE2 will generate Type3 LSA
Answer: A
233.As shown in the figure is the output information of a network engineer when troubleshooting OSPF
faults. Based on this, which of the following reasons may cause the adjacency relationship to fail to be
established normally?
A. Inconsistency between Hello messages sent
58 / 149
B. Inconsistent authentication passwords

C. The IP address mask of the interface is inconsistent
D. Inconsistent area types
Answer: C
234.As shown in the figure, the OSPF protocol is enabled on all interfaces of the router, the cost value of
the link is marked in the figure, and the Loopback0 interface of R2 is advertised in area 1.
Based on this, which one of the following is the cost of R1 reaching 10.0.2.2/32?
A. 50
B. 150
C. 200
D. 100
Answer: C
235.In the large and medium-sized virtualized campus network scenario, which of the following
descriptions about the security design of the campus network egress is wrong?
A. Special security devices such as firewalls and intrusion prevention systems can be deployed, and
routers with security functions can also be deployed
B. The exit area can deploy security policies and intrusion prevention to prevent illegal access and attacks
C. Anti-virus and URL filtering can be deployed in the exit area to realize virus detection and URL access
control
D. Security zone division is required, and the Trust zone is usually used to define the zone where the
servers that provide services are located.
Answer: D
236.Which of the following descriptions about Underlay in VXLAN virtualized campus applications is
wrong?
A. The virtualized campus solution uses VXLAN technology and uses MAC in UDP encapsulation to
virtualize a layer of logical network on the traditional IP network
B. When using iMaster NCE-Campus to realize automatic arrangement of two routing domains underlay,
only OSPF routing protocol is supported
C. When using astor NCE-Campus to realize the automatic arrangement of the routing domain of the
underlay network, only the single-area deployment of the routing protocol is supported
59 / 149
D. Underlay achieves IP reachability with the same network, so that service packets encapsulated by
VXLAN can communicate with each other between VTEP nodes
Answer: C
237.Which of the following is the three-layer logical interface used to implement different VXLAN virtual
network communication on the XLAN L3 Gateway?
A. VBDIF interface
B. Layer 2 sub-interface
C. VLANIF interface
D. NVE interface
Answer: A
238.In the virtual campus network scenario deployed through iMaster NCE-campus, which of the
following statements about "adding devices" is wrong?
A. iMaster NCE-campus supports adding devices in batches
B. iMaster NCE-campus supports adding devices through device roles
C. iMaster NCE-campus supports adding devices through device ESN
D. iMaster NCE-campus supports adding devices by device type
Answer: B
239.When a wireless user passes Portal authentication, which of the following parameters is not
supported to authorize the user?
A. free-rule
B. UCL
C. IP address
D. ACL
Answer: A
240.Which of the following descriptions about the GRE security mechanism is wrong?
A. A GRE tunnel can be established only when the identification keywords set at both ends of the tunnel
are exactly the same
B. If the checksum is configured on the local end but not on the peer end, the local end will not check the
checksum of the received packets, but will check the sent packets.
C. If the key word is configured on the local end of the tunnel but not on the opposite end, the tunnel can
normally forward user packets
D. If the local end is configured with a checksum and the opposite end is configured, the local end checks
the checksum of the packets sent from the opposite end, and does not check the checksum of the sent
packets.
Answer: C
241.Network information collection is a prerequisite for network tuning, including network topology and
interface bandwidth collection, link delay collection, and traffic statistics collection. Which of the following
technologies cannot be used for volume statistics collection?
A. Telemetry
60 / 149
B. PCEP
C. Netstream
D. SNMP
Answer: B
242.Which of the following technologies does not support SR-MPLS?

A. BGP
B. IS-IS
C. LDP
D. OSPF
Answer: C
243.Which of the following is correct about the meaning of the display current-configuration | include vlan
command?
A. View all configurations that contain the "VLAN" keyword
B. View the IP address of the VLANIF interface
C. View information about physical interfaces bound to each VLAN
D. Check which VLANs are currently created
Answer: A
244.Which of the following statements about VXLAN capabilities is true?

A. VXLAN uses MAC in UDP encapsulation mode.
B. VXLAN is essentially a VPN technology that can be used to build a Layer 2 virtual network over any
network with reachable routes. The VXLAN gateway is used to implement communication within the
VXLAN network and between the VXLAN network and non-VXLAN network.
C. VXLAN is a Layer 2 tunneling technology and cannot implement Layer 3 communication.
D. When using VXLAN on the network, all intermediate devices on the VXLAN channel must support
VXLAN.
Answer: A
245.In the Huawei CloudCampus solution, which of the following onboarding modes does APs support?
A. CloudCampus Application
B. Registration Center Inquiry
C. Network System
D. CLI
Answer: A
246.In a broadcast network, if the DR priority of the interconnecting interface of two routers is both set to 0,
which state will the OSPF neighbor stay in?
A. DOWN
B. Exchange
C.Full
D. 2-way
Answer: D
61 / 149
247.Assume that the SRH of an SRv6 packet has five segment IDs. When a packet is sent from the third
endpoint, which segment ID will the node use as the IPv6 destination address?
A. 5
B. 3
C. 2
D. 1
Answer: B
248.The Huawei Open Programmable System (OPS) uses HTTP methods to access managed objects to
manage network devices. To facilitate script compilation, Huawei OPS provides Python script templates.
In a Python script template, what are the contents of the Content type and Accept fields in the HTTP
request packet header?
B. text/xml, text/xsml
C. text/json, text/json
D. text/json, text/xml
Answer: B
249.Which of the following fields represents the MIME type of the data in the HTTP request header?
A. MIME-Type
B. Content-Type
C. Data-Type
D. Referer
Answer: B
250.Huawei's Open Programmable System (OPS) provides openness and programmability for network
equipment, and users can carry out secondary development to realize customized functions.
Which of the following commands can be used to view information about OPS scripts installed on network
devices?
A. display ops script
B. display ops file
C. check ops script
D. check ops file
Answer: A
251.During the implementation of iMaster NCE Campus Wi-Fi Location Service (LBS), terminal location
data is sent to the LBS platform through HTTP requests.
Which of the following methods is used in this HTTP request?
A. GET
B. PUT
C. POST
D. DELETE
Answer: A
62 / 149
252.Which of the following scenarios is the SD-WAN solution suitable for?

A. Enterprise branch interconnection
B. Internal interconnection of enterprise data center network
C. Enterprise Campus Wireless Network Deployment
Answer: A
253.When running OSPFv3 on a Huawei router, the OSPFv3 process will automatically select an
interface address as the router ID of the process.
A. True
B. False
Answer: B
254.OSPFv3 adopts the same route advertisement method as OSPFv2: advertise through the network
command in the OSPFv3 area view
A. True
B. False
Answer: B
255.What are the key components of jointly building an IP WAN bearer network solution with Huawei
NetEngine smart routers?
A. iMaster NCE-Fabric
B. iMaster NCE-IP
C. iMaster NCE-Campus
D. iMaster NCE-WAN
Answer: D
256.As shown in the figure, a campus has deployed IPv6 for service testing, and there are 4 routers in the
network. Run OSPFV3 to realize network interconnection.
Which of the following statements is false about the LSA generated by this OSPFV3 network?
A. R1 will generate Router-LSA to describe the device interface information, and will also receive
Router-LSA generated by R2 and R3
63 / 149
B. There is a Network LSA generated by R3 in the LSDB of R1, indicating that R3 may be the DR of this
link
C. R1 will receive 2 Link-LSAs generated by R2, describing the information of the two links connected by
R2 respectively
D. As an ABR, R2 will generate an Inter-Area-Prefix-LSA describing the IPv6 address prefix of Area 1 and
advertise it to R1 and R3
Answer: C
257.Which of the following is not a preliminary preparation for the cutover plan?
A. Field Defence
B. Cutover target
C. Existing network root description
D. Risk Assessment
Answer: A
258.The dynamic IP address assigned to the client by the DHCP server. Usually there is a certain rental
period, so which is wrong description of the rental period?
A. The lease renewal timer is 50% of the total lease period. When the "lease renewal timer" expires, the
DHCP client must perform an HP-only renewal
B. The rebinding timer is 87.5% of the total lease period
C. If the "rebinding timer" expires but the client has not received a response from the server, it will always
send a DHCPREQUEST message to the DHCP server that has previously assigned an IP address until
the total lease expires
D. During the lease period, if the client receives an OHCP NAK message, the client will immediately stop
using this IP address and return to the initialization state, and Kangxin will apply for a new IP address
Answer: C
259.In a VXLAN campus network, which of the following resources can a virtual network call? (Multiple
Choice)
A. External network
B. Wired Access Port and/or Wireless Access Point
C. End user IP address segment, VANL belonging to the VN
D. Web Services Resources
Answer: ABCD
260.If SRv6 is deployed in a wide area bearer network, which of the following technologies are required?
(Multiple Choice)
A. BGP
B. MPLS
C. IGP
D. BGP-LU
Answer: ACD
64 / 149
261.The naming of SRv6 instructions follows certain rules, and the function of the instruction can be
quickly judged from the naming combination.
Which of the following descriptions of keywords in SRv6 directive names are correct? (Multiple Choice)
A. M: Query the Layer 2 forwarding table for unicast forwarding
B. X: Specify one or a group of Layer 3 interfaces to forward packets
C. T: Query the routing table and forward the packet
D. V: Look-up table forwarding according to the VPN instance routing table
Answer: BC
262.The Telemetry network model is divided into two types: generalized and chivalrous. What horizontal
blocks are included in generalized Telemetry? (Multiple Choice)
A. Controller
B. Analyzer
C. Equipment
D. Collector
Answer: ABCD
263.The SSH connection protocol multiplexes encrypted session connections into several logical
channels. What types of logical channels can be created based on an SSH session connection? (Multiple
Choice)
A. TCP/IP forwarding channel
B. X11 channel
C. SFTP channel
D. Session channel
Answer: ABD
264.Which of the following are commonly used techniques for the differentiated service model? (Multiple
Choice)
A. Congestion management techniques
B. Flow rate limiting technology
C. WAN Acceleration Technology
D. Congestion Free Technology
Answer: ABD
265.In MPLS VPN, in order to distinguish IPv4 prefixes that use the same address space, the RD value is
added to the IPv4 address. Which of the following statements about RD is correct? (Multiple Choice)
A. On a PE device, each VPN instance corresponds to an RD value. On the same PE device, the RD
value must be unique.
B. RD is encapsulated in the Update message as the extended community attribute of BGP during the
delivery process
C. RD can be used to control the publication of VPN routing information
D. After the PE receives the IPv4 route from the CE, it adds RD to the IPv4 route to convert it into a
globally unique VPN-IPv4 route, and publishes it on the public network
Answer: AD
65 / 149
266.Which of the following statements about MPLS L3VPN cross-domain solutions are correct? (Multiple
Choice)
A. In the cross-domain potion B solution, ASBR does not need to bind an interface for each VPN instance
B. In the cross-domain potion C solution, two layers of MPLS labels are carried when forwarding user
data between ASBR
C. In the cross-domain potion A solution, MPLS must be enabled on the interfaces interconnected
between ASBRs
D. In the cross-domain potion C solution, VPNv4 routes can be directly transmitted between PEs in
different AS
Answer: ABD
267.Telemetry technology supports specific sampling sensor paths to collect specified data information.
What sampling paths does Telemetry currently support? (Multiple Choice)
A. CPU Information
B. Interface Statistics
C. Memory Information
D. Optical module information on the interface
Answer: ABCD
268.As shown in the figure, the MAC address table of a VXLAN L2 Gateway device is shown. Which of
the following description are correct? (Multiple Choice)
A. The outgoing interface of 5489-922d-77e2 is GE1/0/1.20 and its BD is 20. It can directly communicate
with 5489-9893-48a3 at Layer 2
B. 0000-0000-0010 and 5489-9893-48a3 are both in BD10, they belong to the same Layer 2 broadcast
domain
C. The MAC address entry with the outgoing interface 10.3.3.3 is learned from the remote VTEP through
the VXLAN tunnel
D. The outgoing interface of 5489-9893-48a3 is GE1/0/1.10, and its BD is 10
Answer: BD
269.The channelized sub-interface FlexE technology can be used to implement network slicing, but the
application scenarios of the two technologies are slightly different.
66 / 149
Which of the following descriptions of these two technologies is correct? (Multiple Choice)
A. It is recommended to use channelized interface technology for resource reservation for interfaces
below 50GE
B. Only network slices based on channelized sub-interfaces can be deployed when cross-domain MSTP
devices are used in the network
C. Only network slicing based on FlexE technology can be deployed when TN devices are deployed in the
network
D. It is recommended to use FlexE technology for resource reservation on 50GE and above interfaces in
the network
Answer: ABD
270.As shown in the figure, R1 and R2 establish a GRE tunnel, and execute "Ping-a 10.1.1.1 10.3.1.1" on
R1. At this time, the description of the ICMP packet sent from the GE0/0/1 interface of R1, which is wrong?
(Multiple Choice)
A. The packet will be encapsulated with GRE, the source IP address of the inner IP header is 10.1.1.1,
and the destination IP address of the inner IP header is 10.0.12.2
B. The packet is not encapsulated by GRE, the source IP address is 10.0.12.1, and the destination IP
address is 10.0.12.2
C. The packet is not encapsulated by GRE, the source IP address is 10.1.1.1, and the destination IP
address is 10.3.1.1
D. The packet will be encapsulated with GRE, the source IP address of the outer IP header is 10.1.12.1,
and the destination IP address of the outer IP header is 10.3.1.1
Answer: ABCD
271.The following descriptions about IKEv1 are summarized, which items are correct? (Multiple Choice)
A. There are two negotiation modes in the first phase of IKE: Main Mode and Aggressive Mode
B. IKE Phase 2 negotiation to establish IPSec SA
C. The first phase of IKE negotiation to establish an IKE SA
D. There are two negotiation modes in the second phase of IKE, fast mode (Quick M de) and slow mode
Answer: AB
67 / 149
272.Which of the following descriptions about the Portal protocol are correct? (Multiple Choice)
A. This protocol describes the protocol interaction between the Portal server and the access device, and
can be used to pass parameters such as username and password
B. The protocol adopts a client/server structure and operates based on UDP
C. The protocol supports CHAP and PAP authentication methods. Compared with PAP, CHAP has higher
security
D. The protocol packet uses TLV format to carry attribute information such as username, password, and
user MAC.
Answer: ABCD
273.View the information as shown in the figure through the command on VTEP1, which one of the
following descriptions is correct? (Multiple Choice)
A. The route must carry L3 VNI information when it is advertised to the outside world
B. This is an EVPN Type 5 route
C. This is an EVPN Type 3 route
D. The route carries both MAC information and host IP information
Answer: ACD
274.As shown in the figure, the network has a loop because STP is not enabled. Which of the following
phenomena may be caused? (Multiple Choice)
68 / 149
A. MAC address table flapping

B. Host E can receive a large number of broadcast packets
C. Device CPU usage is too high
D. The device will have a loop alarm
Answer: ABCD
275.After completing the project investigation, in order to clarify the project cutover plan, what needs of
the customer for the network need to be understood? (Multiple Choice)
A. Packet Loss Rate
B. Bandwidth Utilization
C. New business carrying capacity
D. QS
Answer: BC
276.In the VXLAN scenario, in order to reduce the flooding of ARP packets between VTEP, which of the
following features can be enabled? (Multiple Choice)
A. Port isolation
B. Host Information Collection
C. APR broadcast suppression
D. Local APR Proxy
Answer: ACD
277.In a virtualized campus network scenario deployed through iMaster NCE-Campus, when creating a
Fabric network service resource, the parameter information that needs to be configured, including which
of the following? (Multiple Choice)
A. Interconnected Information
B. Server Type
C. Scene Selection
D. Server address
Answer: ACD
69 / 149
278.A campus network deploys the Free Mobility function through iMaster NCE-Campu. Which of the
following information should the administrator pay attention to? (Multiple Choice)
A. Distribution of policies between groups
B. Definition of Security Groups
C. Selection of Policy Enforcement Points
D. Deployment of the Policy Control Matrix
Answer: ABCD
279.A router has the SRv6 function enabled and is configured as shown in the figure.
Which of the following descriptions about the configuration are correct? (Multiple Choice)
[Router-segment-routing ipv6] locator srv6_locator1 ipv6-prefix
2001:DB8:ABCD::64 static 32
A. The l cat r of this node is 2001:DB8:ABCD::
B. The static segment of the node occupies 32 bits
C. The dynamic segment of the node occupies 32 bits
D. The args field of the node occupies 32 bits
Answer: AD
280.The NETC NE content layer is the device configuration data. For the following NETC NEF information,
which description are correct? (Multiple Choice)
A. The configuration adopts the Huawei-YANG method

B. The configuration is to create VLAN 10 on the device
C. The configuration uses the NETCONF <edit-config> operation to load the configuration data into the
startup configuration library
D. <config> contains the "peration" attribute, which is a merge operation
Answer: ABCD
70 / 149
281.The SSH server has been configured and correct. Which of the following Python codes can be run on
the SSH client to successfully establish an SSH connection (the private key file is id_rsa, which is in the
same path as the client station Python script)? (Multiple Choice)
A. import paramiko
Client-paramiko.client.SSHClient()
Client.connect(hostname='192.168.1.1', username='huawei', key filename='id_rsa')
B. import paramiko
Client-paramiko.client.SSHclient()
Client.connect(hostname='192.168.1.1', username='huawei', pkey='id_rsa)
C. import paramik
Client = paramik.Transp rt(('192.168.1.1', 22))
Client.connect(username='huawei', key_filename='id_rsa')
D. import paramiko
Key=paramiko.RSAKey.from_private_key_file('id_rsa')
Client = paramiko.Transport(('192.168.1.1', 22))
Client.connect(username='huawei', pkey=key))
Answer: BD
282.Engineers need to collect the running status of existing network equipment. Currently, there is a
Huawei CE12800 switch with an SSH server configured on the live network. The authentication method is
username and password authentication. The device information is IP address: 192.168.1.1, SSH
username: huawei, SSH password: 123456, and SSH slogan: 22.
Engineers need SSH to log in to the switch to check the memory usage of the device. Which of the
following Python codes can implement this function? (Multiple Choice)
A. import paramiko
Client = paramiko.client.SSHClient()
Client.connect(hostname='192.168.1.1', username='huawei', password='123456')
stdin, stdout, stderr = client.exec_command('display memory')
print(stdout)
Client.close()
B. import paramiko
Client = paramiko.Transport(('192.168, 1.1', 22)
Client.connect(username='huawei', password='123456')
Cli = client.inv ker_she11()
Cli.send('display memory\n')
Dis = clli.recv(999999).dec de()
Cli.cl se()
C. imp rt paramiko
Client = paramiko.Transp rt(('192.168.1.1', 22)
Client.connect(username='huawei', passw rd='123456')
stdin, stdout, stderr = client.exec_command('display memory')
Result=std ut.resd()
For line in result:
Print(line)
71 / 149
Ssh.close()
D. import paramiko
Client.connect(h stname='192.168.1.1', username='huawei', password='123456')
Print(dis)
Cli.close()
Answer: CD
283.There is a Linux SSH server on the existing network. The network administrator uses his own PC
SSH to log in to the server for the first time and receives the following information. Which of the following
descriptions are correct?
The authenticity of host'server (192.168.1.1) can't ba establfished.ECDSA key fingerprint is
53:b9:f9:30:67:ec:34:88:e8:bc:2a:a4:6f:3e :97:95.
Are you sure you want to continue conneacting? (Multiple Choice)
A. The client does not save the public key of the Linuk server
B. The prompt information can be skipped through the SSH method in the Python Paramik library,
set_missing_host_key_policy (WarningPolicy()
C. This prompt can be skipped by the SSH method in the Python Paramik library,
set_missing_host_key_policy(Aut AddPolicy())
D. The client does not save the private key of the Linux server
Answer: AC
284.Which of the following reasons may cause BGP neighbor relationship failure? (Multiple Choice)
A. The loopback interface is used to establish an EBGP neighbor without peer ebgp-max-hop configured
B. ACL filters TCP port 179
C. The peer connect-interface is not configured when establishing neighbors through the loopback port
D. Conflict of router ID of neighbors
Answer: ABCD
285.The network administrator wants to use AS-Path Filter to match the routing entries of BGP routing
ASP_PATH[100 200 300]. The network administrator sorts out the four configurations in the figure, which
configurations in the figure can meet the requirements of the network administrator? (Multiple Choice)
A. Method D
B. Method C
C. Method A
D. Method B
72 / 149
Answer: ACD
286.Please judge according to the information given in the figure, which of the following descriptions are
A. There is no IS-IS routing entry in R1's IP routing table

B. There are 6 routing entries generated by IS-IS in the IP routing table of R1
C. A route entry with prefix 172.16.1.4/32 exists on R1
D. R1 has no route entry to 172.16.1.4/32
Answer: BC
287.After the client passes 802.1X authentication, which of the following authorization information does
the RADIUS server support? (Multiple Choice)
A. VLAN
B. MAC
C. UCL group
D. ACL
Answer: ACD
288.Which of the following are the intelligent operation and maintenance functions supported by the
Huawei Cloud Campus Network Solution? (Multiple choice)
A. Based on big data + AI, providing predictive intelligent tuning capabilities
B. Based on Telemetry technology, monitor the network quality on the wireless side from three
dimensions: AP, radio, and user
C. Ability to analyze network failures based on individual and group problems
D. Visually monitor network quality through network health
Answer: ABCD
289.IPsec is not a separate protocol, but an open standard technical solution. Which of the following
protocols are included in the IPsec protocol framework? (Multiple choice)
A. PKI
B. AH
C. SSL
D. ESP
Answer: ABD
73 / 149
290.All routers in a network enable the OSPF-based SR-MPLS TE function, as shown in the figure for the
network diagram of adjacency label assignment. Which of the following adjacency labels are assigned by
router P3? (Multiple choice)
A. 9003
B. 9005
C. 9006
D. 9002
Answer: CD
291.Which of the following descriptions about Prefix Segment and Adjacency Segment are correct?
(Multiple choice)
A. Prefix Segment is used to identify a destination address prefix in the network
B. Adjacency Segment is used to identify an adjacency in the network
C. Prefix SID is a local SID outside the SRGB range
D. Adjacency SID is the offset value within the SRGB range published by the source
Answer: AB
292.Taking the typical networking of "two places and three centers" as an example, which of the following
levels are generally divided into the WAN bearer network? (Multiple choice)
A. Control layer
B. Core layer
C. Aggregation layer
D. Access layer
Answer: BCD
293.What information carried in the packet does simple flow classification support setting the internal
priority of a packet based on? (Multiple choice)
74 / 149
A. Traffic Class
B. Source or destination IP address
C. MPLS EXP
D. DSCP
Answer: CD
294.Which of the following functional parameter configuration errors will affect the establishment of BGP
neighbors? (Multiple choice)
A. BGP Certification
B. BGP GTSM
C. ebgp max hop
D. BGP route filtering
Answer: ABC
295.Which of the following descriptions about internal priority is wrong? (Multiple choice)
A. The highest internal priority level is EF
B. The highest internal priority level is CS7
C. All external priority garbage can be mapped one-to-one to internal priority
D. There are 8 levels of internal priority
Answer: AC
296.SR MPLS directly uses the forwarding plane of MPLS. Therefore, the MPLS function needs to be
enabled when deploying SR MPLS. When which of the following conditions are met, the interface will
automatically enable the MPLS function? (Multiple choice)
A. Enable Segment Routing in the global view
B. Configure the static adjacency label of the corresponding interface in the Segment Routing view
C. Enable Segment Routing on IGP and enable IGP on the interface
D. Configure SRGB under the IGP process
Answer: AD
297.An enterprise's wide-area bearer network needs to support IPv4 and IPv6 networks, and needs to
deploy SRv6, which of the following parameters need to be planned when planning the IP address of the
network? (Multiple choice)
A. IPv6 address
B. IPv4 address
C. SRv6 Locator
D. SRv6 Function
Answer: ABCD
298.In order to ensure the reliability of Huawei iMlater NCE-WAN controllers, active and standby
controllers can be deployed.
In order to ensure the access of the active and standby controllers, some IP addresses need to be
configured as the same IP. Which of the following addresses need to be configured as the same IP?
(Multiple choice)
75 / 149
A. Southbound private address

B. Northbound address
C. The controller's southbound public network address
D. The Controller's internal interconnection address
Answer: BC
299.RR rules for advertising routes violate the rules of IBGP split horizon, so it may cause loops in the AS.
What routing attributes does RR use to prevent loops? (Multiple choice)
A. Cluster List
B. Originator ID
C. Nexthop
D. AS-PATH
Answer: AB
300.In a small and medium-sized cloud management campus network scenario based on HUAWEI
CLOUD campus network solution, which of the following devices are supported as Portal authentication
point devices? (Multiple choice)
A. FW
B. SW
C. AR
D. AP
Answer: ABCD
301.NETCONF can flexibly read and edit the configuration library, and realize the distribution, verification
and rollback of the overall configuration. Which of the following configuration libraries does NETCONF
support? (Multiple choice)
A. Startup configuration library <startup>
B. Running Configuration library <running>
C. Candidate configuration library <candidate>
D. Backup configuration library <backup>
Answer: ABC
302.A network runs SR-MPLS, and now R1 wants to access R7, and its label stack is as shown in the
figure.
Which of the following may be the path for R1 to access R7? (Multiple choice)
A. R1-R3-R5-R7
76 / 149
B. R1-R2-R4-R6-R7
C. R1-R3-R5-R4-R7
D. R1-R2-R4-R5-R7
Answer: BD
303.In an SR-MPLS network, the manually configured Prefix SIDs on different devices may conflict with
labels.
If there are four routes (prefix/mask SID) as shown in the options, which of the following routes will be
preferred in the end according to the conflict handling principle? (Multiple choice)
A. 3.3.3.3/32 1
B. 1.1.1.1/32 2
C. 1.1.1.1/32 1
D. 2.2.2.2/32 3
Answer: CD
304.As shown in the figure, R1 and R2 establish a GRE tunnel. If it is required that the R1 device "Ping -a
10.1.1.1 10.3.1.1" can be successfully pinged, which of the following commands needs to be configured
on R1 or R2? (Multiple choice)
A. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2";
Configure the following command on R2, "ip route-static 10.1.1.1 255.255.255.255 Tunnel0/0/0"
B. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.25.255 Tunnel0/0/0";
Configure the following command on R2, "ip route-static 10.1.1.1 255.255.255.255 Tunnel0/0/0"
C. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2";
Configure the following command on R2, "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
D. Configure the following command on R1, "ip route-static 10.3.1.1 25.255.255.255 Turnel0/0/0";
Configure the following command on R2, "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
Answer: ABCD
305.According to the information given in the figure, which of the following descriptions are correct?
(Multiple choice)
77 / 149
A. R1 does not have routes for 3002::3/128 and 3002::4/128

B. If no routing policy about AS_Path is configured, then 3002::4/128 must not originate from AS 65001
C. If no routing policy about AS_Path is configured, then 3002::4/128 must originate from AS 65001
D. R1 has routes for 3002::3/128 and 3002::4/128
Answer: CD
306.ping -a X -c Y -s Z -vpn-instance M 10.5.16.2, which of the following descriptions of this command is

correct? (Multiple choice)
A. The ping packet belongs to VPN instance M
B. The ping sends Y ICMP requests
C. The source IP address of the ping packet is X
D. The ICMP request of the ping, the packet size is Z (excluding IP and ICMP headers)
Answer: ABCD
307.Which LSAs in OSPFv3 can be flooded within an area? (Multiple choice)

A. Link-LSA
B. Intra-Area-Prefix-LSA
C. Inter-Area-Router-LSA
D. Inter-Area-Prefix-LSA
Answer: BCD
308.Which of the following key technologies need to be used to implement SRv6 Policy based on the
HUAWEI CLOUD WAN solution architecture? (Multiple choice)
A. PCEP
B. NETCONF
C. BGP-LS
D. BGP IPv6 SR Policy
Answer: ACD
78 / 149
309.Which of the following stages of the SSH session is encrypted transmission? (Multiple choice)
A. Version Negotiation Phase
B. User Authentication Phase
C. Key Exchange Phase
D. Session Interaction Phase
Answer: BCD
310.What are the risks in the communication process of the HTTP protocol? (Multiple choice)
A. Tampering: The third party can modify the content of communications
B. Eavesdropping: The third party can learn the content of communications
C. Losting: communication content may be lost with a small probability during transmission
D. Pretending: the third party can impersonate another person to participate in the communication
Answer: ABD
311.A campus has deployed IPv6 for service testing. There are 4 routers in the network, running OSFv3
to realize the interconnection of IPv6 networks. As shown in the figure, an engineer checked the LSDB of
R2 and intercepted one of the Link-LSAs.
Which of the following statements about the LSA is correct? (Multiple choice)
A. The LSA shows that R2 does not support external routing, but participates in IPv6 routing calculation
B. The link-local address of the R2 interface GE0/0/0 is: FE80::2E0:FCFF:FECD:4F79
C. The router that generated the LSA is R2
D. The IPv6 address prefix of the R2 interface GE0/0/0: 2001:DB8:2345:23::/64
Answer: BCD
312.Which of the following descriptions about the OSPFv3 packet format are correct? (Multiple choice)
A. There is no change in the option field of the Hello message
B. Removed Authentication, Auth Type fields
C. OSPF version number changed from 2 to 3
D. Hello packets no longer contain address information and carry Interface ID
Answer: BCD
313.In the HUAWEI CLOUD campus network solution, which of the following are the deployment
79 / 149
methods supported by HUAWEI switches? (Multiple choice)

A. WEB interface
B. Based on DHCP Option148
C. Command Line Interface (CLI)
D. Huawei Registration and Inquiry Center
Answer: ABCD
(Multiple choice)
A. R1 is IBGP neighbor with 3000:FDEA::3

B. The optimal outgoing interface for R1 to access 3000:FDEA::3 is GigabitEthernet0/0/1
C. R1 has a TCP connection with 3000:FDEA::3
D. R1 learned route 3002::3/128 through IBGP
Answer: ACD
315.Which of the following descriptions about 802.1X authentication are correct? (Multiple choice)
A. 802.1X authentication uses EAPoL (Extensible Authentication Protocol over LAN) to realize the
exchange of authentication information between the client, the device and the authentication server
B. EAPoL defines EAP encapsulation on a network using the IEEE 802.3 protocol, and EAPoW is
required to implement EAP encapsulation on a network using the IEEE 802.11 protocol
C. When using EAP relay mode, EAP packets are directly encapsulated into RADIUS packets (EAP over
RADIUS, referred to as EAPoR) by the network access device, and the network access device uses
EAPoR to perform authentication, authorization and accounting with the AAA server. fee
D. When the EAP termination method is used, the EAP packets are terminated at the network access
device and re-encapsulated into RADIUS packets. The standard RADIUS protocol is used to complete
authentication, authorization and accounting between the network access device and the AAA server.
Answer: ABC
80 / 149
316.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, run the command
on the VTEP to view the BGP EVPN route, and see the route entry as shown in the figure. Which of the
following descriptions of these route entries are correct? (Multiple choice)
A. These route entries are all Type3 routes. which carries the VTEP IP address
B. These route entries are all Type2 routes. It carries the host IP information
C. These routing entries are all Type 3 routes. If the VTEP IP address carried in them is reachable with a
Layer 3 route, a VXLAN tunnel to the peer will be established.
D. These route entries are all Type3 routes. The local end will create a headend replication list after
receiving it
Answer: ACD
317.Which of the following descriptions about the security protocols used by IPsec are correct? (Multiple
choice)
A. The encryption range of ESP is the entire IP packet
B. ESP is an IP-based transport layer protocol with protocol number 50
C. Both AH and ESP support tunnel mode encapsulation
D. The integrity verification scope of AH is the entire IP packet
Answer: BCD
318.Network traffic optimization solves network congestion through a series of behaviors, which of the
following stages are mainly included? (Multiple choice)
A. Network bandwidth reservation
B. Network Information Collection
C. Network Traffic Tuning Calculations
D. Delivery of tuning results
Answer: ABCD
319.Which of the following descriptions about HTTP messages are correct? (Multiple choice)
A. The body of the HTTP response message is the data that the web server wants to return to the client
B. Header fields are used to supplement additional information about HTTP requests and responses
C. The start line is used to describe the execution result in the HTTP request message, and the operation
to be performed is described in the response message
D. The body of the HTTP request message is the data that the client wants to send to the Web server
Answer: ABCD
81 / 149
320.Which of the following descriptions about the forwarding of the Ingress node in the MPLS forwarding
process are correct? (Multiple choice)
A. Find the corresponding NHLFE entry according to the Turn1 ID of the ILM table, and associate the
LFIB entry with the NHLFE entry
B. View the NELFE entry, you can get the outgoing interface, next hop, outgoing label and label operation
type, the label operation type is Push
C. After the Ingress node receives the data packet, it will first check the ILM table to find the Tunnel ID
D. Press the obtained label into the IP packet, process EXP according to the QoS policy, and process the
TTL at the same time, and then send the encapsulated MPLS packet to the next hop
Answer: BD
321.Which of the following descriptions about the REST software architecture design concepts and
principles are correct? (Multiple choice)
A. Each resource has a unique resource identifier, and operations on the resource will not change these
identifiers
B. All operations are stateless
C. Everything on the web can be abstracted as resources
D. Use standard methods to operate resources, the core operations are GET, PUI, POST, DELETE
defined by the HTTP specification
Answer: CD
322.Configuring DHCP Snooping can be used to prevent spoofing attacks. Which of the following steps
should be included in the configuration process? (Multiple choice)
A. Enable the global DAI Snooping function
B. Enable the global DHCP function
C. Enable DHCP Snooping on an interface or VLAN
D. Configure the interface trust state
Answer: ABCD
323.Which of the following descriptions about the multicast addresses used by OSFFv3 are correct?
(Multiple choice)
A. The DR router uses FF08::6
B. The DR router uses FF2::6
C. All OSFF Routers use FF02::5
D. All OSPF Routers use FF08:5
Answer: BC
324.A network administrator wants to use ACLs to match specific routing entries. Which of the following
routing entries will be matched by the ACL rules in the figure? (Multiple choice)
82 / 149
A. 10.0.0.0/24
B. 10.0.2.0/24
C. 10.0.0.1/32
D. 10.0.1.0/24
Answer: AB
325.The following figure shows the MPLS VPN cross-domain Option C solution. In the scenario where RR
exists within the domain, if Option C mode 1 is used, which of the following descriptions about the
neighbor relationship between devices are correct? (Multiple choice)
A. Establish a unicast BGP neighbor relationship between RR1 and RR2

B. Establish a VPNv4 neighbor relationship and a unicast BGP neighbor relationship simultaneously
between PE1 and RR1
C. Establish a VPNv4 neighbor relationship between RR1 and RR2
D. Establish a VPNv4 neighbor relationship and a unicast BGP neighbor relationship between ASBR1
and ASBR2 at the same time
Answer: BC
326.The Discovery message of LDP is used for neighbor discovery, and LDP has different discovery
mechanisms when discovering neighbors, so which of the following descriptions of the Discovery
message in the discovery mechanism are correct? (Multiple choice)
A. This message is encapsulated in a UDP packet, and the destination port number is 646
B. The destination IP address of the message is the multicast IP address 224.0.0.2
C. After the TCP connection is established, the LSR does not continue to send Hello Message
D. The message is sent to the specified LDP Peer
Answer: AB
327.A campus deploys the OSPF protocol to achieve network interoperability, and the LSDB information
of R2 is shown in the figure.
83 / 149
Which of the following information from this LSDB is correct? (Multiple choice)
A. R2 delivers the default route in the OSPF process
B. R2 converts the default route of Type7 LSA to the default route of Type5 LSA
C. There is no Type3 LSA in Area1, it may be that R2 has filtered the Type3 LSA in the outbound direction
of Area1
D. Area1 is the NSSA area
Answer: AD
328.In the VXLAN scenario, in order to reduce the flooding of ARP packets between VTEPs. Which of the
following features can be enabled? (Multiple choice)
A. ARP broadcast suppression
C. Local ARP proxy
D. Port isolation
Answer: ABC
84 / 149
329.Which of the following reasons may cause OSPF neighbors to fail to reach the Full state? (Multiple
choice)
A. The router IDs of the neighbors are the same
B. The link works abnormally
C. The OSPF network types at both ends of the link are inconsistent
D. Interface OSPF MTU configuration are different
Answer: ABCD
330.Which of the following reasons may cause IS-IS neighbor relationship failure? (Multiple choice)
A. The IP addresses of the interfaces at both ends of the storage route are not in the same network
segment
B. The devices on both ends of the link are configured with the same System ID
C. The IS-IS Levels at both ends of the link do not match
D. When an interface establishes an IS-IS Level-1 neighbor relationship, the area numbers of the devices
at both ends of the link do not match.
Answer: BCD
331.Which of the following Commmity attributes can ensure that the propagation scope of EGP routing
entries is only within the AS? (Multiple choice)
A. No_Export_Subconfed
B. No_Export
C. Internet
D. No_Advertise
Answer: AB
332.In an intra-domain MPLS VPN network, when a data packet enters the public network and is
forwarded, it will be encapsulated with two layers of MPLS labels.
Which of the following descriptions about the two-layer label is wrong? (Multiple choice)
A. The outer label is used to correctly send the data packet to the corresponding VPN on the PE device
B. The outer label of MPLS VPN is assigned by LDP or statically, and the inner label is assigned by the
MP-BGP neighbor of the opposite end
C. By default, the outer label is popped before the packet is forwarded to the last hop device
D. The outer label of MPLS VPN is called the private network label, and the inner label is called the public
network label
Answer: AD
333.When configuring an SFTP server on Huawei devices, which of the following commands are not
required (the server uses user Name and password authentication, user name: huawei, password:
123456)? (Multiple choice)
A. [Server] ssh user huawei authentication-type rsa
B. [Server] ssh server enable
C. [Server] aaa
[Server-aaa] local-user huawei password irreversible-cipher 123456
[Server-aaa] 1ocal-user huawei user-group manage-ug
85 / 149
[Server-aaa] 1ocal-user huawei service-type ssh

[Server-aaa] quit
D. [Server] sftp server enable
Answer: AB
334.Which of the following technologies may be used to improve the reliability of the bearer network?
(Multiple choice)
A. BFD/SBFD
B. PIM-SM
C. Anycast FRR
D. Mirror SID
Answer: ACD
335.In which of the following ways can traffic be introduced into the SR-MPLS TE tunnel? (Multiple
choice)
A. In the execution statement of policy routing, use the SR-MPLS TE tunnel interface as the outgoing
interface
B. Use the SR-MPLS TE tunnel as a logical link to participate in IGP routing calculation
C. By configuring the tunnel policy
D. By configuring a static route, specify the outgoing interface of the static route as the tunnel interface of
SR-MPLS TE
Answer: ABCD
336.In the Huawei SD-WAN solution, which of the following items are included in the information
transmitted using EVPN? (Multiple choice)
A. IPsec SA Information
B. NAT Configuration information
C. TNP routing
D. Business Routing
Answer: ACD
337.A company consists of a head office and two branch offices, and uses MPLS VPN technology to
transmit private network routes. In the Hub&Spoke networking mode, branch offices can only send and
receive routes to and from the head office, and branch offices cannot directly send and receive routes to
each other.
Which of the following RT setup schemes can achieve the above requirements? (Multiple choice)
A. Head Office
Import Target: 12:3 Export Target: 3:12 Branch 1:
Import Target: 3:12 Export Target: 12:3
B. Head Office:
Import Target: 1:1, 2:2 Export Target: 3:3
Branch 1:
86 / 149

C. head office
D. Head Office:
Answer: AB
338.As shown in the figure, if you want to realize that the network does not allow users to access the
network through statically configured IP addresses, which of the following solutions can be used?
(Multiple choice)
A. DAI+IPSG
C. DAI+Port Security
D. DHCP Snooping+DAI
Answer: BC
339.A campus network deploys two virtual networks through iMaster NCE-Campus: the R&D VN and the
market VN. The R&D personnel belong to the R&D security group and access the R&D VN, and the sales
personnel belong to the sales security group and access the market VN.
87 / 149
Now the campus network requires R&D personnel and sales personnel to be able to achieve mutual visits.
For the realization of mutual visit requirements, which of the following tasks should network administrators
complete? (Multiple choice)
A. Deploying an external network
B. Configuring VN Interworking
C. Deployment Policy Control Matrix
D. Configure network service resources
Answer: BC
340.In the accompanying business, which of the following descriptions of authentication points and policy
enforcement points are correct? (Multiple choice)
A. The authentication point device will execute the policy according to the source/destination security
group corresponding to the source/destination IP address of the traffic
B. Authentication point and policy enforcement point can be different devices
C. Authentication point and policy enforcement point must be unified
D. The policy enforcement point is responsible for enforcing inter-group policies based on security groups
Answer: BD
341.As shown in the figure, a VP-BCP neighbor relationship is established between PE1 and PE2 through
the Loopback0 interface. After the configuration is complete, it is found that CE1 and CE2 cannot learn
routes from each other. Which of the following items will cause this problem? (Multiple choice)
A. The PH instance parameters on PE1 or PE2 are incorrectly configured

B. Misconfiguration of routing protocols between PE1 or PE2 and their respective CEs
C. The LSP tunnel between PE1 and PE2 is not established
D. PE1 or PE2 does not have neighbors enabled in the BGP-VPv4 unicast address family view
Answer: ABC
342.As shown in the figure, RI, R, R3, and R4 all belong to OSP area 0, and the cost value of the link is
listed in the figure. The LoopbackO interfaces of R1, R2, R3, and R4 have been advertised into OSPF. R1,
R2, R3, and R4 use Loopback0 as the connection interface to establish an IBGP peer relationship. R1,
R2, and R3 are clients of R4. The directly connected network segment 172.20.1.4/32 of R4 has been
advertised into the BGP protocol.
88 / 149
Judging from the above information, regarding the traffic trend of R1 accessing 172.20.1.4/32, which of
the following descriptions are correct? (Multiple choice)
A. If R3 is configured with Stub router on-startup, packets will be lost when R3 is powered off, and no
packets will be lost during R3 startup.
B. The preferred route is R1-R2-R4
C. During the two processes of power failure and startup of R3, there will be packet loss
D. The preferred route is R1-R3-R4
Answer: AD
343.A campus has deployed IPv6 for service testing. There are 4 routers (R1, R2, R3, and R4) in the
network, running OSPFv3 to realize the interconnection of IPv6 networks. A new router R5 needs to be
connected to the network for testing. An engineer introduces a direct route into the OSPFv3 process of R4
to enable devices in the campus network to access the CE0/0/1 port address of R5.
Which of the following statements about the scene is correct? (Multiple choice)
A. R2 will generate a Type4 LSA and only flood in Area 0
B. R4 will generate a Type5 LSA and only flood in Area 1
C. R2 will generate a Type4 LSA describing the Router ID of R4
D. R4 will generate a Type5 LSA describing the imported IPv6 routing prefix
Answer: ACD
344.Which of the following items does the Huawei Cloud Campus Network Solution include? (Multiple
choice)
A. NetEngine AR series routers
B. iMaster NCE-Carpus
C. CloudEngine S-Series Switches
D. iMaster NCE-CampusInsight
Answer: ABCD
345.In the campus network, which of the following problems exist when creating static VXLAN tunnels
manually? (Multiple choice)
A. Static VXLAN tunnels also use related protocols on the control plane. Will cause equipment resource
consumption
B. N devices establish static VXLAN tunnels. Then, at most N (N-1)/2 tunnels need to be manually
configured, and the amount of configuration is large.
C. VTEP can only rely on data flooding to learn the remote MAC address
89 / 149
D. Although the static VXLAN tunnel mode can support distributed gateway application scenarios, the
configuration workload is large and the configuration adjustment is complicated
Answer: BC
346.As shown in the figure, 802.1X authentication is deployed on GE0/0/1 of ST2. Which of the following
descriptions are correct? (Multiple choice)
A. Assuming that SW2 adopts interface-based access control and 802.1x client A passes the
authentication first, if 802.1x client A goes down first, then 802.1x client B will lose the corresponding
network access rights
B. When using interface-based access control, assuming that 802.1X client A is successfully
authenticated, then 802.1X client B can use network resources without authentication
C. When MAC address-based access control is used, both 802.1.x authentication client A and 802.1.x
authentication client B need to be authenticated separately to obtain the corresponding network access
rights
D. Assuming that SW2 adopts MAC-based access control and 802.1X client A passes the authentication
first, if 802.1X client A goes offline first, since the port status has not changed, 802.1X client B will
continue Retain appropriate network access rights
Answer: BCD
347.Which of the following descriptions about the authentication protocol used in the Portal authentication
process are correct? (Multiple choice)
A. When the HTTP/HTTPS protocol is used as the authentication protocol, all devices involved in the
authentication process do not need to support the Portal protocol
B. When the Portal protocol is used as the authentication protocol, the Portal server and access device
only need to support the Portal protocol, and do not need to support the HTTP/HTTPS protocol
C. When the Portal protocol is used as the authentication protocol, the Portal server needs to exchange
authentication information with the access device, and then the access device sends this part of the
information to the authentication server for identity authentication
D. When using HTTP/HTTPS to access the device, the access device sends this part of the information to
the authentication server for identity authentication
Answer: BC
90 / 149
348.Network tuning calculation is to select an appropriate tuning purpose, apply a corresponding

algorithm, and globally or locally compute an optimized path.
Which of the following constraints can the controller take when calculating the path? (Multiple choice)
A. Explicit path
B. Hop count
C. Priority
D. Bandwidth
Answer: ACD
349.Considering the dimensions of transformation cost, technological advancement and the scope of
impact of transformation, which of the following principles should be followed during IPv6 transformation?
(Multiple choice)
A. Select an appropriate IPv6 upgrade and evolution plan from a global perspective, make reasonable
use of the old, and avoid wasting assets
B. Deploy a dual-stack network to achieve long-term coexistence of IPv4 and IPv6 networks
C. Ensure that existing users are unaware and service migration is smooth
D. Build an advanced next-generation enterprise IPv6 network system architecture to fully support the
long-term development and stable operation of enterprise business systems, and avoid network
re-engineering and repeated investment
Answer: ABCD
350.During the SSH public key authentication process, the server decrypts the digital signature generated
by the client through the public key to complete user authentication.
Which of the following objects need to be involved in the generation of SSH digital signatures? (Multiple
choice)
A. Username
B. Public key
C. Public key algorithm
D. Private key
Answer: ABCD
351.What are the parts of the response message of the HTTP/1.1 protocol? (Multiple choice)
A. Response body
B. Response headers
C. Status line
D. Blank line
Answer: ABCD
352.Which of the following are the deployment methods of iMaster NCE-CampusInsight? (Multiple
choice)
A. MSP self-built cloud CloudCampus deployment
B. Local Standalone Deployment
C. Local CloudCampus Deployment
D. Huawei Public Cloud CloudCampus Deployment
91 / 149
Answer: ABCD
353.From the perspective of architecture, Huawei SD-WAN solution can be divided into management
layer, control layer and network layer.
Which of the following devices belong to the network layer? (Multiple choice)
A. FW
B. EDGE
C. GW
D. RR
Answer: BC
354.SRv6 has strong network programming ability, which is reflected in those fields of SRH? (Multiple
choice)
A. Each SRv6 SID
B. Flags
C. Segment List
D. Optional TLV
Answer: ACD
355.IFIT implements end-to-end delay and packet loss statistics by inserting packet headers into service
flows to make color markings. Which of the following is correct? (Multiple choice)
A. Whether in MPLS or SRv6 scenarios, IFIT is in-band detection, so it can sense the service flow status
Flags in real time
B. In the IFIT for SRv6 scenario, the Option TLV in the SRH extension header carries the IFIT-related
information Optional TLV
C. The network device reports information to the controller through Telemetry. The controller obtains
information such as delay and packet loss through calculation
D. In the IFIT for SR/MPLS scenario, the IFIT header is indicated by label 12
Answer: BCD
356.Yangon is the data modeling language of NETCONF. Which of the following belongs to the basic
data model of yangon? (Multiple choice)
A. LEAF node
B. LIST node
C. SER node
D. TREE node
Answer: AB
357.Which of the following is not a function provided by MACsec? (Multiple choice)

A. Controllability
B. Authenticity
C. Encryption
D. Integrity
Answer: BCD
92 / 149
358.In the small and medium-sized campus network, which of the following devices support the
registration center method? (Multiple choice)
A. AP
B. FW
C. AR
D. SW
Answer: ABCD
359.Which of the following protocols does IPsec include? (Multiple choice)

A. PKI
B. SSL
C. AH
D. ESP
Answer: CD
360.Which of the following source node behaviors allow devices to be inserted into the SRH? (Multiple
choice)
A. Insert
B. insert.red
C. encaps
D. encaps.red
Answer: AB
361.In SR-MPLS, the manually configured prefix sid of different devices may conflict, so according to the
conflict handling principle, which of the following will be selected in the end? (Multiple choice)
A. 1.1.1.1/32 1
B. 1.1.1.1/32 2
C. 3.3.3.3/32 1
D. 2.2.2.2/32 3
Answer: AD
362.Which of the following types of SIDs does BGP EPE assign to inter-domain paths? (Multiple choice)
A. peer-prefix
B. peer-set
C. peer-adj
D. peer-node
Answer: BCD
363.Which of the following about IKEv1 is correct? (Multiple choice)

A. Phase 2 Negotiation of IPSec SA
B. The first phase of negotiation to establish an IKE SA
C. Two modes in the first stage: main mode, brutal mode
D. Two modes in the second stage: fast and slow
93 / 149
Answer: ABC
364.Which of the following descriptions about the label encapsulation format in MPLS is correct? (Multiple
choice)
A. For Ethernet and PPP packets, the label stack is like a "shim" between the Layer 2 header and the data.
When there is a VLAN tag, the MPLS header is placed between the Ethernet header and the VLAN tag
B. The total length of a single MPLS label is 4 bytes
C. The TTL field in the label is similar to the TTL (Time To Live) in the IP packet, and it also has the effect
of preventing loops.
D. The length of the S field in the label is 1 bit, which is used to identify whether the label is the bottom
label of the stack. When the value is 1, it indicates the second-to-last layer label.
Answer: BC
365.For which packets can Huawei equipment perform traffic suppression? (Multiple choice)
A. Broadcast
B. Multicast
C. Unknown Unicast
D. Known Unicast
Answer: BCD
366.Which of the following descriptions about the MPLS header TTL is correct? (Multiple choice)
A. MPLS handles TTL in two ways. One is to copy the IP TTL value of the TTL of the MPLS header when
the IP packet enters the MPLS network; the other is to set the TIL of the MPLS header to 255 at the
ingress LER.
B. It can prevent infinite loop forwarding of messages
C. When copy TTL is prohibited, Tracert can see the LSR of the passing MPLS domain
D. The processing method of copying the IP TTL value hides the LSR of the MPLS domain and plays a
certain security role
Answer: AB
367.DHCP Snooping is a DHCP security feature that can be used to defend against various attacks.
Which of the following about the types of attacks that DHCP Snooping can defend against are correct?
(Multiple choice)
A. A starvation attack where the defense department changes the CHADDR value
B. Defense against man-in-the-middle attacks and IP/MAC spoofing attacks
C. Defense Against DHCP Bogus Attacks
D. Anti-TCP flag attack
Answer: AC
368.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, which of the
following descriptions about symmetric IRB forwarding are correct? (Multiple choice)
A. Ingress VTEP only performs L2 table lookup
B. The VNI carried in the VXLAN header is L3 VNI when forwarding cross-network segment user
communication packets between VTEPs
94 / 149
C. Egress VTEP only performs L2 table lookup and forwarding

D. Ingress VTEP and Egress VIEP will perform L3 table lookup and forwarding
Answer: BD
369.Port Security enhances the security of the device by converting part of the MAC address into a
secure MAC address and preventing hosts other than the secure MAC from communicating with the
device through this interface.
Which of the following is a secure MAC? (Multiple choice)
A. Secure Static MAC Address
B. Protected MAC address
C. Sticky MAC address
D. Secure Dynamic MAC Address
Answer: ACD
370.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when BGP EVPN
Type 2 routes are used to transmit IRB type routes, which of the following information is carried? (Multiple
choice)
A. Layer 2 VNI
B. Layer 3 VNI
C. Host MAC address
D. Host IP address
Answer: ABCD
371.In the Huawei SD-WAN solution, which of the following routing protocols can be used on the LAN
side to connect to the Layer 3 network? (Multiple choice)
A. RIP
B. IS-IS
C. OSPF
D. BGP
Answer: CD
372.MPLS supports the establishment of LSPs in a static or dynamic manner. In the MPLS TE scenario,
which of the following protocols can establish dynamic LSPs? (Multiple choice)
A. OSPF
B. RSVP-TE
C. BGP
D. IS-IS
Answer: ABD
373.SR-MPLS can use the IGP protocol to advertise topology information, prefix information, SRGB and
label information. In order to complete the above functions, OSPF defines TLVs for SIDs and SR-MPLS
capabilities of network elements.
Which of the following TLVs does OSPF use to advertise the Prefix SID and Adjacency SID of SR-MPLS?
(Multiple choice)
95 / 149
A. LAN Aaj-SID Sub-TLV

B. SID/Label Sub-TLV
C. Prefix SID Sub-TLV
D. Adj-SID Sub-TLV
Answer: CD
374.Which of the following is included in the SR Policy triple? (Multiple choice)

A. color
B. dscp
C. endpoint
D. headend
Answer: ACD
375.XML is the encoding format of the NETCONF protocol. NETCONF uses text files to represent
complex hierarchical data.
<?xml version="1.0" encoding="UTF-8“?>
<note>
<to>Learners</to>
<from>Huawei</from>
<heading>Reminder</heading>
<body>Don't forget Reading!</body>
</note>
For the following XML file, which of the following descriptions are correct? (Multiple choice)
A. encoding: Indicates the character set encoding format, currently only UTF-8 encoding is supported
B. <?: Indicates the start of an instruction
C. /: Indicates the end of the current label
D. ?>: Indicates the end of an instruction
Answer: ABCD
376.The enterprise wide-area bearer network needs to provide different quality of service guarantees for
various services. At this time, QoS planning can be used to ensure that various services are reasonably
forwarded on the bearer network. Which of the following descriptions about QoS planning principles are
A. Reasonable: Allocate reasonable resources based on the importance of the business
B. Maintainability: Actual business changes rapidly, and QoS policy may need to be adjusted frequently
during routine maintenance. It needs to be easily adjusted and maintained.
C. Scalability: the current QoS policy needs to consider subsequent business expansion
D. Consistency: QoS planning involves business classification, marking, scheduling, speed limiting and
other behaviors, and the entire network needs to be consistent
Answer: ABCD
377.Which of the following location reporting methods does the iMaster NCE-Campus support to
implement Wi-Fi-based location services? (Multiple choice)
A. After the network device is transferred, it is reported to the LBS Server
96 / 149
B. WLAN AP reports terminal location data through Bluetooth Beacon packets

C. WLAN AP directly reports terminal location data
D. iMaster NCE-Campus relay reports terminal location data
Answer: ABCD
378.Which of the following statement about LDP is correct? (Multiple choice)

A. Relying on hello packets to establish LDP session
B. After receiving the label mapping relationship sent by the other party, the establishment of the LDP
session is completed
C. Maintain LDP sessions by keepalive packets.
D. Negotiate parameters by init message.
Answer: ACD
379.Which of the following sequences can be represented by the regular expression [100200]$? (Multiple
choice)
A. 300 200 100
B. 100 300 200
C. 200 100 300
D. 100 200 300
Answer: CD
380.Part of the configuration of the switch is shown in the figure.
Which of the following descriptions about the configuration on this switch is correct? (Multiple choice)
A. First you need to create a DHCP server group and add a DHCP server to the server group
B. The VLANIF 100 interface will send the received DHCP packets to the external DHCP Server through
the relay
C. Both DHCP server and DHCP Delay must be configured with DHCP enabled globally
D. Specify the DHCP server group for the VLANIF100 interface as dhcp group1
Answer: ABCD
(Multiple choice)
A. There are 2 equivalent paths for R1 to access 172.16.1.4
97 / 149
B. There are 4 equivalent paths for R1 to access 172.16.1.4

C. R1 needs to go through a 4-hop router to access 172.16.1.4
D. R1 needs to go through a 2-hop router to access 172.16.1.4
Answer: AD
382.Which of the following description of the MPLS header TTL are correct? (Multiple choice)
A. The processing method of copying the IP TTL value hides the LSR of the MPLS domain and plays a
certain security role
B. MPLS handles TTL in two ways. One is to copy the IP TTL value of the TTL of the MPLS header when
the IP packet enters the MPLS network, and the other is to uniformly set the TTL of the MPLS header to
255 in the ingress LER.
D. It can prevent infinite loop forwarding of messages
Answer: BD
383.According to the information given in the figure, which of the following statements are correct?
(Multiple choice)
A. There is a loop when R1 accesses 172.17.1.5

B. R1 has a route between 172.17.1.5
C. R1 has no problem accessing the path of 172.17.1.5
D.R1 has no route to access 172.17.1.5
Answer: AB
98 / 149
384.In a virtualized network scenario deployed through iMaster NCE-Campus, when creating a fabric, it is
necessary to configure the fabric global resource pool, which of the following items are included? (Multiple
choice)
A. Bridged Broadcast Domain (BD)
B. Interconnecting IP Address Resources
C. XLAN Network Identity (VNI)
D. VLAN resources
Answer: ACD
385.In the Huawei SD-WAN solution, which of the following descriptions of the Hub-Spoke topology are
A. Hub-Spoke topology mode supports dual-Hub site networking
B. Hub-Spoke topology mode supports network-segment-based hub site active-active
C. Hub-Spoke topology mode supports active-active hub site based on Spoke site
D. Hub-Spoke topology mode supports four-Hub site networking
Answer: ABC
386.As shown in the figure, R1 and R2 establish a GRE tunnel. If it is required to successfully ping when
R1 "Ping 10.3.1.1", which of the following commands needs to be configured on R1 or R2? (Multiple
choice)
A. Configure the following command on R2: "ip route-static 10.1.1.1 255.255.255.255 Turnnel0/0/0"
B. Configure the following command on R1: "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2"
C. Configure the following command on R2: "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
D. Configure the following command on R1: "ip route-static 10.3.1.1 255.255.255.255 Turnnel0/0/0"
Answer: AD
387.Which of the following descriptions about the SD-WAN resale scenario by operators are correct?
(Multiple choice)
A. Enterprises can realize the connection between SD-WAN network and traditional operator backbone
network through SD-WAN GW
B. Operators provide a unified SD-WAN controller to provide SD-WAN services for multiple enterprises
C. Enterprises can manage and control their own SD-WAN services through the tenant rights assigned by
the operators, or they can be hosted by the operators, and the operators can manage and control the
SD-WAN services of the enterprises
99 / 149
D. Enterprises can act as tenants and rent SD-WAN services provided by operators. Enterprise tenants
can control SD-WAN services of all sites within the enterprise, but cannot see SD-WAN services of other
tenants
Answer: ABCD
388.In the scenario of dynamically establishing a VLAN tunnel through BGP EVPN, run commands on the
VTEP to view the detailed information of the BGP EVPN route and see the route information as shown in
the figure. Which of the following descriptions are correct? (Multiple choice)
A. This is an IRB type Type2 route

B. This route contains RT and EVPN Router's MAC Extended Community extended community attributes
C. This is a Type5 route
D. Import RT contains 0:2 or 0:3 VPN instances can learn the host routing information contained in this
route
Answer: AD
389.As shown in the figure, in the scenario of dynamically establishing a VLAN tunnel through BGP EVPN,
VTEP1 transmits a BGP EVPN Type2 route to VTEP2, where the EVPN RT value is 20:1, then which of
the following description about this scenario are wrong? (Multiple choice)
A. VTEP2 will drop the route directly

B. VTEP2 compares the RT value carried by the route, which is different from the IRT value of the EVPN
instance bound to BD20, so VTEP2 will discard the route
100 / 149
C. VTEP2 compares the RT value carried by the route, which is the same as the IRT value bound to the
IP VPN instance VTEP_VBDIF20, so VTBP2 will learn the IP routing entry carried in the route
advertisement packet into the IP routing table corresponding to the IP VPN instance
D. VTEP2 compares the RT value carried by the route, which is different from the IRT value of the EVPIt
instance bound to R20, so TEP2 will not learn the MAC address entry carried by the route into the MAC
address table of BD20
Answer: BD
390.As shown in the figure, if 802.1x authentication needs to be enabled on the GE0/0/2 and GE0/0/3
interfaces of SW3, the RADIUS server needs to be used for user authentication and authorization
delivery.
Which of the following configuration steps are required? (Multiple choice)

A. Configure the 802.1X access profile
B. Configure certificate horizontal pole
C. Configure the AAA scheme
D. Configure the authentication domain
Answer: ABCD
391.The topology shown in the figure adopts VXLAN distributed gateway, VBDIF10 on SW1 is configured,
and the arp-proxy local enable command is used, which of the following descriptions are correct?
(Multiple choice)
101 / 149
A. The ARP entry on PC1 is, 172.16.1.2 MAC B

B. The ARP entry on PC1 is, 172.16.1.2 MAC D
C. SW1 receives the message sent from PC1 to PC2, and will perform L2 table lookup and forwarding
D. SW1 receives the message sent by PC1 to PC2, and will perform L3 table lookup and forwarding
Answer: BD
392.As shown in the figure, in the scenario of dynamically establishing a BXLAN tunnel through BGP
EVPN, VTEP1 transmits a BGP EVPN Type2 route about PC1 to VTEP2. Which of the following
descriptions about this scenario are correct? (Multiple Choice)
A. The route is an IRB type route

B. The RT value carried by this route is 10:1
C. The RT value carried by this route is 100:1
D. The RD value carried by the route is 103:1
Answer: ABD
393.Ethernet is a broadcast-enabled network, and once there are loops in the network, this simple
broadcast mechanism can have catastrophic consequences.
Which of the following phenomena may be caused by loops? (Multiple choice)
A. Serious packet loss during network test via ping command
B. CPU usage exceeds 70%
102 / 149
C. Use the display interfacet command on the device to view interface statistics and find that the interface
receives a large number of broadcast packets
D. The device cannot record remotely
Answer: ABCD
394.In the following description of OSPF Router LSA and Network LSA, which items are wrong? (Multiple
choice)
A. Routers running OSPF must generate Router LSAs
B. There must be both Router LSA and Network LSA in the NSPF network
C. A router running OSPF must generate a Network LSA
D. Network LSA carries both topology and routing information
Answer: BC
395.In the virtualized campus network deployed through iMaster NCE-campus, administrators should
configure the parameters as shown in the figure.
Which of the following statements about this operation is correct? (Multiple choice)
A. The administrator is configuring VN interworking
B. After this step is completed, the controller will deliver the static route corresponding to the
VPN-Instance to the device
C. After this step is completed, the controller will deploy OSPF on the device
D. The administrator is creating the VN
Answer: AB
396.Overlay network topology in Huawei SD-WAN solution system, which of the following items are
included? (Multiple choice)
A. Full-Mesh
B. Hierarchical Topology
C. Partial-Mesh
D. Hub- Spoke
Answer: ABCD
397.In Huawei SD-WAN solution, which of the following items are mainly included in the application
optimization function? (Multiple choice)
A. Application Identification
B. Intelligent routing
C. QoS
103 / 149
D. Wide-area optimization
Answer: ABCD
398.The NETCONF content layer configures data for the device. Configuration data requires a modeling
language. Which of the following are the content layers currently supported by Huawei devices? (Multiple
choice)
A. ONF-YANG
B. OpenConfig-YANG
C. Huawei-YANG
D. IETF-YAG
Answer: BCD
399.HTTP/1.1 is the mainstream standard today. Regarding the HTTP/1.1 request message, which of the
following request methods are included? (Multiple choice)
A. GET
B. POST
C. PATCH
D. DELETE
Answer: ABCD
400.The unified monitoring and performance management of network equipment is an important function
of the operation and maintenance platform. Which of the following protocols or technologies does the
operation and maintenance platform obtain equipment monitoring data? (Multiple choice)
A. Telemetry
B. Netstream
C. Syslog
D. SNMP
Answer: ABCD
401.Which of the following description about configuring static VXLAN access are correct? (Multiple
choice)
A. An NVE interface can be associated with multiple VNIs. So when there are multiple BDs, only one NVE
interface can be created
B. For a VXLAN tunnel, a corresponding NVE interface needs to be created, in which the source IP
address and destination IP address are clearly specified. Therefore, if there are multiple VXLAN tunnels
on the VIEP, the corresponding number of NVE interfaces must be configured.
C. In the NVE interface, the destination address of the VXLAN tunnel is specified by the address in the
headend replication list. Multiple VXLAN tunnels can create only one NVE interface
D. A BD needs to create an NVE interface when there are multiple BDs. Multiple NVE interfaces must be
created
Answer: AC
402.In the firewall dual-system hot backup scenario, which of the following situations will cause the local
device to actively send VGMP packets? (Multiple choice)
104 / 149
A. The dual-system hot backup function is enabled

B. Link Detection Packet Timeout
C. Priority increase
D. The dual-system hot-standby function is turned off
Answer: ACD
403.Which of the following are the Features of HTTP? (Multiple choice)

A. Using UDP encapsulation
B. Media independence
C. Stateless
D. No connection
Answer: BCD
404.Which of the following information needs to be planned for network cutover? (Multiple choice)
A. QoS
C. Packet Loss Rate
D. Business situation
Answer: BD
405.After the port security function is enabled, if the number of MAC addresses learned on the interface
reaches the upper limit, which of the following processing methods may be taken by the port? (Multiple
choice)
A. Discard the message with the new MAC address and report an alarm
B. Discard the message with the new MAC address and do not report an alarm
C. The interface is error-down, and the alarm is reported.
D. The interface is error-down, and the alarm is not reported.
Answer: ABC
406.Which of the following statements about MPLS VPN cross-domain solutions are correct? (Multiple
choice)
A. In the OPTION C scheme, when transferring between ASBRs, carry two layers of labels
B. In the OPTION A scheme, ASBR cannot open MPLS
C. In the OPTION C scheme, PEs can directly exchange VPNv4 routing information
D. In the OPTION B scheme, the intermediate link does not need to process the label information.
Answer: ACD
407.Which of the following statement is correct? (Multiple choice)

A. The next hop of this packet is 2001::xxxxxx
B. This packet only carries one attribute, and multi-protocol cannot reach NLRI
C. The prefix carried by this packet is 2001::xxxxxx
D. This message is used to revoke the relevant routing information.
Answer: BCD
105 / 149
408.Regarding ISIS equivalent routing, which of the following statements is correct? (Multiple choice)
A. If load balancing is used, the data packets are evenly distributed on each link
B. The priority of an equal-cost route can be adjusted, the route with higher priority is forwarded first, and
the rest of the links are backed up
C. If the priority is the same, the packet will be preferentially forwarded to a certain link according to the
principle that the smaller the system-id, the better
D. If the number of equal-cost routing entries exceeds the number set by the device, the entire load will be
shared.
Answer: ABC
409.Which of the following layers does the telemetry protocol include? (Multiple choice)
A. Transport layer
B. Communication layer
C. Data encoding layer
D. Data Model Layer
Answer: ABCD
410.There are three families in a residential building: A, B, and C.

Family A leases 30M network bandwidth, and purchases voice phone, Internet TV and broadband
Internet access services.
Family B leases 20M of network bandwidth and purchases Internet TV and broadband Internet access
services.
Family C rents 10M network broadband and only purchases broadband Internet access services.
The operator has made the HoS configuration on the access device as shown in the figure below. Which
of the following descriptions are correct? (Multiple choice)
A. The Internet TV service of family A can obtain a maximum bandwidth of 30M, and the broadband
Internet service of family C can obtain a maximum bandwidth of 10M
B. Home A's voice and telephone services can obtain a bandwidth of 30M at most, and home B's Internet
TV service can obtain a maximum bandwidth of 10M
C. Family A's broadband Internet access service can obtain a maximum bandwidth of 30M, and family B's
Internet TV service can obtain a maximum bandwidth of 20M
D. The broadband Internet service of family A can obtain a maximum bandwidth of 10M, and the
broadband Internet service of family C can obtain a maximum bandwidth of 10M
Answer: AC
106 / 149
411.Which of the following aspects should be considered in the cutover risk assessment? (Multiple
choice)
A. Location of key risk points
B. Losses from Risk
C. Timing of Risk Impact
D. Scope of Risk Impact
Answer: ABCD
412.Which of the following is the key technology for implementing SRv6 strategy based on Huawei Cloud
WAN solution architecture? (Multiple choice)
A. BGP-LS
B. BGP IPv6 SR Policy
C. PCEP
D. Network form
Answer: ABC
413.LDP uses discovery messages to discover neighbors. Which of the following statements about the
basic discovery mechanism is true? (Multiple choice)
A. The destination IP address of the LDP discovery message is the multicast IP address 224.0.0.2.
B. LDP discovery messages are sent to the specified LDP peers.
C. After the TCP connection is established, the LSR no longer sends Hello messages.
D. LDP discovery messages are encapsulated into UDP packets with destination port number 646.
Answer: ACD
414.Ethernet supports broadcasting. In the event of a network loop, this simple broadcast mechanism can
lead to catastrophic consequences.
Which of the following symptoms may be caused by a loop? (Multiple choice)
A. Users cannot log in to the device remotely.
B. The display interface command outputs a large number of broadcast packets received on the display
interface.
C. CPU usage exceeds 70%.
D. During the ping test, many ICMP packets are lost.
Answer: ABCD
415.Regarding forwarding equivalence classes (FEC) in MPLS, which of the following statements is
incorrect? (Multiple choice)
A. Packets with the same FEC are handled differently on MPLS networks.
B. FEC can be flexibly divided according to source IP address, destination IP address, source port,
destination port, protocol type, VPN or any combination of them.
C. MPLS classifies packets with the same forwarding processing mode into one FEC.
D. An FEC is marked with only one unique label.
Answer: AB
107 / 149
416.Regarding the security protocols used by IPsec, which of the following statements is true? (Multiple
choice)
A. AH performs an integrity check on the entire IP packet.
B. ESP encrypts the entire IP packet.
C. Both AH and ESP support tunnel encapsulation.
D. ESP is an IP-based transport layer protocol with protocol number 50.
Answer: ACD
417.Regarding the hub-and-spoke topology in Huawei SD-WAN solution, which of the following
statements is correct? (Multiple choice)
A. The hub-and-spoke topology mode supports dual hub networks.
B. The hub-and-spoke topology mode supports segment-based active hub sites.
C. The hub-and-spoke topology mode supports active hub sites based on spoke sites.
D. The hub-and-spoke topology mode supports networking with four hub sites.
Answer: ABC
418.Which of the following intelligent operation and maintenance functions does Huawei CloudCampus
solution support? (Multiple choice)
A. Use telemetry to monitor AP, radio, and user wireless network quality.
B. Provide visual monitoring of network quality based on network health.
C. Analyze network failures based on individual and group failures.
D. Provide predictive intelligence optimization capabilities based on big data and artificial intelligence.
Answer: ABCD
419.Huawei CloudCampus solution supports the free mobility function. Which of the following
descriptions about the free mobility function is correct? (Multiple choice)
A. Administrators can centrally manage network-wide policies on the controller and execute business
policies on devices
B. In the free mobility solution, the administrator does not need to repeat the configuration for each device
C. The controller is not only the authentication center in the campus network, but also the management
center of the business policy
D. Administrators do not need to pay attention to users' IP addresses when configuring policies
Answer: ABCD
420.In PIM, which of the following description about DR is correct? (Multiple choice)
A. PIM routers become PIM neighbors by exchanging Hello packets. The Hello packets carry the DR
priority and the interface address of the network segment.
B. On the shared network segment of the connected group members, the DR is responsible for sending a
Register join message to the RP. The DR connected to the group member is called the group member
side DR
C. On the shared network segment connected to the multicast source, the DR is responsible for sending
the Join registration message to the RP. The DR connected to the multicast source is called the source
DR
108 / 149
D. If the current DR fails, the PIM neighbor relationship will time out, and a new round of DR election will
be triggered between other PIM neighbors
Answer: AD
421.RTA is the source DR router, RTB is the RP router, the multicast source sends multicast data to RTA,
but the multicast source registered to it through the PIM Register message cannot be seen on RTB, what
are the possible reasons? (Multiple choice)
A. There is no unicast route from RTB to RTA, which causes RTB to fail the RPF check of the source
B. The multicast network dynamically elects the RP, but the RTA fails to check the RPF of the BSR
C. RP elected by RTA is not RTB
D. The multicast network is statically configured with RP, but the RTA router is not statically configured
with RP
Answer: ACD
422.Which of the following descriptions about Filter-Policy are correct? (Multiple choice)
A. Filter-Policy can be used on both OSPFv2 and OSPFv3
B. In the distance vector protocol, because routing information is passed between devices, Filter-Policy
can directly
C. Filtering In the link state routing protocol, the routing table is generated by LSDB, so Filter-Policy is
essentially filtering the LSAs in the LSDB
D. In the distance vector protocol, if you want to filter out the route from the upstream device to the
downstream device, you need to configure filter-policy export on the downstream device.
Answer: AB
423.What functions can Huawei iMaster NCE products achieve? (Multiple choice)
A. Devices can be managed across manufacturers
B. Network Automation
C. Provide a variety of open API interfaces
D. Predictive maintenance based on big data and Al
Answer: ABCD
424.In the security assistance of Agile Controller, which of the following description of security linkage
components are correct? (Multiple choice)
A. The log reporting device is undertaken by the network devices, security devices, policy servers,
third-party systems, etc. in the middle of the network. It is mainly responsible for providing network
information and security logs.
B. Client devices are producers of network information and security logs
C. The linkage policy execution device is undertaken by the switch, which is mainly responsible for the
security response of the dark part of the linkage between the devices after the security time occurs.
D. The security defense component of Agile Controller is responsible for log collection and processing,
event correlation, security situation presentation, and security response.
Answer: ACD
109 / 149
425.In order for the eSight network management to be able to receive and manage devices and report
alarms, what conditions must be met? (Multiple choice)
A. The device is managed by the network management
B. The correct trap parameters are configured on the device side
C. The managed devices on the network management should be configured with the correct SNMP
protocol and parameters
D. The network management and equipment should be connected
Answer: ABCD
426.Which of the following statements about ASPF and Servermap are correct? (Multiple choice)
A. ASPF checks the application layer protocol information and monitors the application layer protocol
status of the connection
B. ASPF determines whether packets pass through the firewall by dynamically generating ACLs
C. Configure NAT Server to generate static Server-map
D. The Servermap table uses a five-tuple to represent a conversation
Answer: AC
427.When congestion occurs, which of the following indicators of Qos are usually affected? (Multiple
choice)
A. Transmission delay
B. Transmission Jitter
C. Transmission bandwidth
D. Transmission distance
Answer: ABC
428.What information of the message can be marked or remarked? (Multiple choice)

A. MAC Address information
B. Any information in the message
C. IP Source, Destination Address, EXP information
D. IP DSCP. IP Precedence, 802.1p.EXP information
Answer: ACD
429.Regarding the statement of ASPF and Server-map, which of the following is correct? (Multiple
choice)
A. Server-map is usually only used to check whether the message after the first message channel is
established or forwarded according to the session table
B. After the channel is established, the message is still forwarded according to the Server-map
C. The server-map entry will be deleted after a certain aging time because there is no packet matching.
This mechanism ensures that the looser channel such as the Server-map entry can be deleted in time; it
ensures the security of the network. When a new data connection is subsequently initiated, the
establishment of the Server-map entry will be re-triggered
D. Only ASPF will generate the Sever-map table
Answer: AC
110 / 149
430.Which of the following working modes does the interface of the firewall have? (Multiple choice)
A. Exchange Mode
B. Transparent Mode
C. Transmission Mode
D. Routing Mode
Answer: BD
431.LSR retains the received label, and there are several ways to retain it, then which of the following
statement about LDP label retention - free mode is correct? (Multiple choice)
A. Keep all labels sent by neighbors
B. Requires more memory and label space
C. Keep only labels from next-hop neighbors and discard all labels from non-next-hop neighbors
D. Save memory and label space
E. Reduced LSP convergence time when IP route convergence next hop changes
Answer: ABE
432.Which protocol modules can BFD detection be linked with? (Multiple Choice)
A. VRRP
B. OSPF
C. BGP
D. Static routing
Answer: ABCD
433.Which description is correct for the configuration on this switch? (Multiple Choice)
A. By default, both DHCP server and DHCP delay must be enabled to enable DHCP service
B. VLANIF100: The interface will send the received DHCP packets to the external DHCP Server through
the relay
C. Specify the DHCP server group as dhcpgroup for the VLANIF1O0 interface
D. First you need to create a DHCP server group and add a DHCP server to the server group
E. By default, DHCPgroup1 will automatically add a DHCP server in the network
Answer: ABCD
434.By default, the D main ID of each SPF process running on the router is the same as the process ID of
the process, which can be modified through the d main-id command under the process.
A. True
B. False
Answer: B
435.BFD can implement link status detection at the ms (millisecond) level.

A. True
B. False
Answer: A
111 / 149
436.In the DU label distribution mode, if the Libera1 retention mode is adopted, the device will retain the
labels distributed by all LDP peers, regardless of whether the LDP peer is the optimal next hop to the
destination network segment.
A. True
B. False
Answer: A
437.Traditional BGP-4 can only manage IPv4 unicast routing information. MP-BGP extends BGP-4 in
order to support multiple network layer protocols.
The feature that MP-BGP supports for IPv6 unicast networks is called BGP4+, and BGP4+ carries routing
next-hop address information through the Next_Hop attribute.
A. True
B. False
Answer: B
438.The request header field Accept-Language indicates the language type desired by the client.
A. True
B. False
Answer: A
439.In the MA network, if IS-IS is used to publish the Adjacency SID, since every IS-IS router will publish
the Adjacency SID, it is not necessary to select DIS at this time.
A. True
B. False
Answer: B
440.Node Segments in SR-MPLS must be manually configured.

A. True
B. False
Answer: B
441.The enterprise WAN connects the enterprise headquarters and branches, the enterprise and the
cloud, and also realizes the interconnection between the clouds.
A. True
B. False
Answer: A
442.When configuring an IPsec tunnel on Huawei AR series routers, you must create an IPSec tunnel
interface. Otherwise, user data cannot be encrypted.
A. True
B. False
Answer: B
112 / 149
443.To isolate the communication between wired user terminals, you can enable port isolation on the
access switch; however, for wireless users, APs cannot implement user isolation.
A. True
B. False
Answer: B
444.As shown in the figure, the SPF protocol is enabled for all classes of the router, the cost of the link is
marked in the figure, and the Lookback class end announcement of R2 is in area 0.
In area 1, both R2 and R3 transmit the routing information of 10.0.2.2/32 in the form of Type3 LSA.
A. True
B. False
Answer: A
445.The down of the BFD session causes the direct link to fail.
A. True
B. False
Answer: B
446.A campus deployed IPv6 for service testing. In the initial stage of deployment, engineers wanted to
implement network interoperability through IPv6 static routes. When creating an IPv6 static route, you can
specify both the outbound interface and the next hop, or you can specify only the outbound interface or
only the next hop.
A. True
B. False
Answer: B
447.When there is a relay between the DHCP client and the DHCP server. If the IP address in the global
address pool of the DHCP server is not in the same network segment as the IP address of the VLANIF
interface connected to the client on the relay device, a DHCP failure will occur.
113 / 149
A. True
B. False
Answer: A
448.As shown in the figure, on the R1 router, the network administrator can control the path of the traffic
entering AS100 after modifying the MED value of the routing entry sent to R2 through the routing policy.
A. True
B. False
Answer: A
449.The ipv6 enable topology standard is configured in the IS-IS protocol view. The meaning of this
command is that IPv4 and IPv6 share the same topology.
A. True
B. False
Answer: B
450.SR-MPLS issues labels and reserves bandwidth through the extended IGP, thereby supporting
large-bandwidth services.
A. True
B. False
Answer: B
451.For the same MAC address, manually configured MAC entries have higher priority than automatically
generated entries.
A. True
B. False
Answer: A
452.VXLAN uses VNI to distinguish tenants. A tenant can have one or more VNIs, and the VNI length is
24 bits, so VXLAN supports up to 12 M tenants.
A. True
B. False
Answer: B
453.As shown in the figure, all interfaces of the router enable the SPF protocol, in which R4 and R5 can
establish an OSPF virtual connection.
114 / 149
A. True
B. False
Answer: B
454.When deploying a BGP/MPLS VPN, when two VPNs have a common site, the common site must not
use overlapping address spaces with other sites of the two VPNs.
A. True
B. False
Answer: B
455.The traffic shaping technology will temporarily cache the data that exceeds the forwarding threshold.
For the data in the cache, you can use the congestion management technology to discard the data
packets from the cache queue in advance to prevent the cache queue from being full.
A. True
B. False
Answer: A
456.The traffic shaping technology will temporarily cache the data that exceeds the forwarding threshold.
For the data in the cache, you can use the congestion management technology to discard the data
packets from the cache queue in advance to prevent the cache queue from being full.
A. True
B. False
Answer: A
457.In the dual-system hot backup scenario of the firewall, service interfaces need to be added to the
security zone, and heartbeat interfaces do not need to be added to the security zone.
A. True
B. False
Answer: B
458.iMaster NCE-CampusInsight uses SNMP technology to collect performance indicators and log data
of network devices, and discover network anomalies based on real business traffic.
A. True
B. False
Answer: B
115 / 149
459.iMaster NCE-Campus control does not support device management through SNMP.
A. True
B. False
Answer: B
460.In the Huawei SD-WAN solution, the CPE needs to establish a control channel before being
managed by the iMaster NCE-WAN controller.
A. True
B. False
Answer: B
461.MPLS LDP sends a large number of packets to maintain the protocol neighbor relationship and path
status.
A. True
B. False
Answer: A
462.NETCONF uses SSL to implement secure transmission, and uses the RPC (Remote Procedure Call)
remote call mechanism to implement the communication between the client and the server.
A. True
B. False
Answer: A
463.As shown in the figure, the operator's BGP/MPLS IP VPN backbone network constructs LSPs
through LDP. If the two sites of user X are to communicate through the BGP/MPLS IP VPN network, PE1
and PE2 must use a 32-bit mask. Loopback interface address to establish MP-IBGP peer relationship.
A. True
B. False
Answer: A
464.In an SR network, if IS-IS is used to transmit the SID, the Node SID advertised by the Level-2 router
is only transmitted within the same area by default.
A. True
B. False
Answer: B
465.The difference between SRv6 and SR-MPLS is that the segment in the SRv6 SRH will not be ejected
after being processed by the node, so the SRv6 header can be used for path backtracking.
116 / 149
A. True
B. False
Answer: B
466.When BGP/MPLS IP VPN is deployed, the OSPF VPN Route Tag is not transmitted in the extended
community attribute of MP-BGP, but is only a local concept, only on the PE router that receives MP-BGP
routes and generates OSPF LSA Significant.
A. True
B. False
Answer: B
467.The OPS (Open Programmability System) function of Huawei network equipment enables users to
run Python scripts on the local PC and call the open RESTful API interface of the equipment.
A. True
B. False
Answer: B
468.The path of the SR-MPLS TE tunnel can be calculated by the controller or the tunnel head node.
A. True
B. False
Answer: A
469.In the Huawei SD-WAN solution, the RR is automatically selected after the CPE goes online, and the
iMaster NCE-WAN controller does not need to be involved.
A. True
B. False
Answer: B
470.In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when a BGP EVPN
route is passed between VTEPs, the BGP EVPN route will be discarded only if the RT value carried by
the route is different from the EVPN IRT and IP VPN IRT.
A. True
B. False
Answer: B
471.When an administrator creates a policy control matrix, when a source security group has policies for
multiple destination groups, the matching order of different policies needs to be distinguished by priority.
A. True
B. False
Answer: A
472.Free Mobility implements policy management and permission control based on the user's VLAN and
IP.
A. True
117 / 149
B. False
Answer: B
473.Under the distributed gateway, VNI is divided into L2 VNI and L3 VNI. The L2 VNI is a common VNI,
which is mapped to the broadcast domain BD in a 1:1 manner to implement the forwarding of VXLAN
packets on the same subnet; the L3 VNI is associated with the VPN instance. It is used to forward VXLAN
packets across subnets.
A. True
B. False
Answer: A
474.Traffic policing can only be used in the inbound direction. Its function is to monitor the traffic entering
the device to ensure that the upstream device does not abuse network resources.
A. True
B. False
Answer: B
475.When encountering a large-scale network cutover project, it can be divided into several relatively
independent but related small cutovers.
A. True
B. False
Answer: A
476.After snetconf server enable is configured on a Huawei network device, the client can establish a
NETCONF connection with the device through port 830.
A. True
B. False
Answer: B
477.When policy linkage is deployed in the campus network, a CAPWAP (Control And Provisioning of
Wireless Access Points) tunnel is established between the control point and the enforcement point device,
and CAPWAP is used to implement user association, message communication, user authorization policy
issuance, and user services data forwarding, etc.
A. True
B. False
Answer: A
478.The following figure shows the MPLS VPN cross-domain Option B solution. If ASBR-PE1 and
ASBR-PE2 are only responsible for transmitting VPNv4 routes, you can configure the following command
on ASBR-PE1: [ASBR-PE1-bgp-af-vpnv4] undo peer 10.0 .34.4 enable
118 / 149
A. True
B. False
Answer: B
479.ESI (Ethernet Segment Identifier) has a total length of 10 bytes and is unique in the entire network.
A. True
B. False
Answer: A
480.As shown in the figure, all routers in the figure run the OSPF protocol.
Because R3 is in the backbone area, there are no three types of LSAs in the LSDB of R3.
A. True
B. False
Answer: B
481.The public key is public and does not need to be kept secret. Private keys are held by individuals and
are not disclosed and disseminated to the public.
A. True
B. False
Answer: A
482.Currently, Huawei uses the TLS protocol as the bearer protocol of the NETCONF protocol.
A. True
B. False
Answer: B
483.In an SRv6 network, a Locator is an identifier of a network node in the network topology, which is
used to route and forward packets to the node. In the SR domain, the Locator of each node must be
unique.
119 / 149
A. True
B. False
Answer: A
484.The full name of HTTP is Hypertext Transfer Protocol, which is an application layer protocol for
distributed, collaborative, and hypermedia information systems.
A. True
B. False
Answer: A
485.Segment Routing SR (Segment Routing) is a technical architecture designed to forward data packets
on the network based on the concept of source routing. Segment Routing MPLS refers to SR based on
MPLS label forwarding, referred to as SR-MPLS.
A. True
B. False
Answer: A
486.If network admission control is deployed on the campus network, if a terminal device fails the
admission authentication, the terminal cannot access all network resources.
A. True
B. False
Answer: B
487.LLDP (Link Layer Dizcovary Protocol) is a link discovery protocol defined in IEEE 802.1ab. Because
it works at the data link layer, it cannot obtain the management address of neighbors.
A. True
B. False
Answer: B
488.In the small and medium-sized campus network based on HUAWEI CLOUD campus network
solution, the On-Premise mode is recommended for the controller deployment mode.
A. True
B. False
Answer: A
489.The terminal management of iMaster NCE-Campus provides terminal identification function, which
can display terminal type, operating system, and manufacturer information.
A. True
B. False
Answer: A
490.In a virtualized campus network scenario, all devices in the VXLAN domain must support the VXLAN
feature.
A. True
120 / 149
B. False
Answer: B
491.The <config> operation of the NETCONF protocol may contain an optional "operation" attribute, if not
specified, the default action is creat.
A. True
B. False
Answer: B
492.The VN on i-master-nce is equivalent to VPN-instance, which plays the role of business isolation.
A. True
B. False
Answer: A
493.After traffic shaping is deployed, congestion avoidance techniques are used in the cache queue to
prevent the cache queue from being filled.
A. True
B. False
Answer: A
494.The function of using the command ipv6 preference in the ISIS process is to adjust the routing priority
of IPv6.
A. True
B. False
Answer: A
495.In 6PE and 6VPE networking scenarios, it is not necessary to enable VPN-instance on PEs.
A. True
B. False
Answer: B
496.In SR-MPLS, segment-NOD must be manually configured

A. True
B. False
Answer: B
497.EVPN's L2VPN and L3VPN use two address clusters.

A. True
B. False
Answer: A
498.In the MPLS L3VPN inter-AS Option C solution, if there is an RR, the RR cannot transmit the VPNv4
route without changing the next hop address when it reflects the VPNv4 route to the neighbor.
A. True
121 / 149
B. False
Answer: B
499.HTTP/2 is a low-latency Internet transport layer protocol based on UDP.

A. True
B. False
Answer: B
500.Node segments in SR-MPLS must be configured manually.

A. True
B. False
Answer: B
501.The enterprise WAN provides the interconnection between the enterprise headquarters and
branches, between the enterprise and the cloud, and between the cloud.
A. True
B. False
Answer: A
502.BFD can implement millisecond-level link status detection.

A. True
B. False
Answer: A
503.If you run the ipv6 enable topology standard command in the is-is view, then IPv4 and ipv6 share the
same topology.
A. True
B. False
Answer: A
504.Traffic shaping can only be used in the outbound direction. Its purpose is to control the rate of
outgoing packets.
A. True
B. False
Answer: A
505.During the evolution from OSPFv2 to OSPFv3, the format and function of the LSA remain unchanged,
except that the network layer address in the LSA is changed from IPv4 to IPv6.
A. True
B. False
Answer: B
506.In Huawei SD-WAN solution, the topology of different VNs must be the same.
A. True
122 / 149
B. False
Answer: B
507.iMaster provides terminal identification, displaying terminal type, operating system and manufacturer
information.
A. True
B. False
Answer: A
508.Network admission control can be deployed at different network layers according to actual network
requirements. Deploying it at the access layer enables finer-grained rights management and higher
network security than deploying at the aggregation or core layers.
A. True
B. False
Answer: A
509.When establishing a VXLAN tunnel between VTEPs, it is recommended to use the IP address of the
loopback interface on the VTER instead of the IP address of the physical interface as the VTEP IP
address of the VXLAN tunnel.
A. True
B. False
Answer: A
510.A company purchased private lines from two operators. In order to optimize the lines, the company
used the 6GP protocol to learn the routing entries of the two operators. However, the enterprise found that
after this configuration, the traffic of the egress route increased greatly. After the network engineering
investigation, it was found that the traffic of the two operators was transmitted to each other through the
enterprise egress router.
Therefore, the enterprise intends to use the routing strategy so that the traffic of the packets of different
carriers is no longer transmitted to each other. Is the configuration in the following figure correct?
A. True
B. False
123 / 149
Answer: A
511.As shown in the figure, OSPF is deployed in a campus, and Area1 is deployed as an NSSA area.
In the case of missing header, R2 will automatically generate the missing header route of Type7 LSA and
flood it in the NSSA area.
A. True
B. False
Answer: A
512.To prevent hackers from attacking user devices or networks through MAC addresses, you can
configure the MAC addresses of untrusted users as black hole MAC addresses to filter out illegal MAC
addresses.
A. True
B. False
Answer: A
513.In an MPLS network, SRs running the DP protocol exchange LDP messages to implement functions
such as neighbor discovery, session establishment and maintenance, and label management. To ensure
the reliability of message delivery, all LDP messages are sent and received based on TCP connections.
A. True
B. False
Answer: B
514.There are two types of stream mirroring: local stream mirroring and remote stream mirroring.
A. True
B. False
Answer: A
515.BFD determines whether a fault occurs by periodically detecting packets. It is a fast fault detection
mechanism that relies on routing protocols.
124 / 149
A. True
B. False
Answer: B
516.BFD (Bidirectional Forwarding Detection) technology is a fast detection technology, but it is relatively
complex and requires special manufacturer equipment support.
A. True
B. False
Answer: B
517.The traffic of the traditional network is connected to the VXLAN network by the edge node, and the
VXLAN network accesses the VXLAN external network through the ( ) node. (Fill in English, the first letter
is capitalized)
Answer: Border
518.When L3VPNv4 ver SRv6 BE is configured, if RR is used in the SR domain, you need to configure
the () command on the RR to ensure that the PEs at both ends can correctly learn VPNv4 routes. (Please
enter the complete command, no extra spaces, all letters are lowercase)
Answer: display bgp vpnv4 all routing-table
519.DiffServ-based horizontal QS has four major components: traffic classification and marking, traffic
policing and shaping, congestion management and ().
Answer: avoid
520.There are many SR-MPLS TE tunnel protection mechanisms, among which ( ) FRR adopts the
method of constructing a virtual node, converts multiple identical route advertisement nodes into a single
route advertisement node, and then calculates the backup downlink of the virtual node according to the
TT-LFA algorithm. One hop, thus realizing fast switching of traffic when a fault occurs. (Fill in English
terms, capitalize only the first letter)
Answer: Anycast
521.Huawei AR series routers are configured with GRE tunnels and enable keepalive detection. By
default, the interval for sending keepalives is ( ) seconds.
Answer: 5
522.To configure a static VXLAN tunnel, the parameters that need to be manually configured are: ( ),
VTEP IP address, and headend replication list. (All letters capitalized)
Answer: VNI
523.In a campus, SPF is deployed to achieve network interoperability, and SPF is also enabled on the
GE0/0/2 interface of R3.
Among them, Area1 is deployed as an NSSA area, and the addresses of each device are shown in the
figure.
125 / 149
An engineer configures a static route on R3 to access the loopback interface address of R4, and imports
the static route in the SPF process. At this time, in the Type5 LSA received by R1, the forwarding address
(FA) is: ( ) (please fill in the IP address without mask)
Answer: 10.1.34.4
524.VGMP packets are encapsulated by UDP packet headers and VGMP packet headers. By default, the
UDP port used by VGMP packets is ( ).
Answer: 18514
525.In order to improve network security, a company uses static MAC address binding for all internal
computers. Now buy a new host with MAC address 5489-98FD-7B7F. The network administrator
connects the host to the corporate network by executing the mac-address ( ) 5489-98FD-7B7F
GigabiteEthernet 0/0/1 vlan10 command. (Please use English lowercase letters to complete the
command, and the command cannot be abbreviated)
Answer: static
526.For VXLAN external networks, VTEP transmits network segment routes through Type ( ) BGP EVPN
routes, which are used to instruct VXLAN internal hosts to access external networks. (Arabic numerals)
Answer: 5
126 / 149
527.In the Vxlan-based virtualized campus network, the Fabric networking can select Vxlan to the access
layer. The nodes in this networking include: Border, transparent node, ( ). (expressed in English, and the
first letter is capitalized)
Answer: Edge
528.The scheduling algorithm used by the LPQ queue is ( ).

Answer: SP
529.The VxLAN network is connected to the external network through the ( ) node.
Answer: border
530.<rpc xm/ns="xxxx" message-id="1024" belongs to layer( ) in netconf.

Answer: message
531.( ) in SRv6 is the identifier of the network node, so in the SR domain, it is necessary to ensure that
this parameter of each node is unique. (The first letter is capitalized, spelled out)
Answer: Segment Identifier
532.There are two subscription methods for telemetry, of which the shorter subscription time is ( ). (full
name)
Answer: Dynamic subscription
533.NCE uses ( ) technology to collect network performance indicators and logs. (Capitalized)
Answer: Telemetry
534.According to different bearer technologies, the bearer modes of traditional wide area bearer networks
can be divided into MPLS bearer modes and ( ) bearer modes. (English terms are used with all capital
letters)
Answer: SDH
535.Ingress VTEP performs L2 and L3 table lookup and forwarding at the same time. The forwarding
mode is _( )_IRB forwarding.
Answer: symmetry
536.As shown in the figure, when PE1 receives an ARP request, PE1 will forward the ARP request to PE4
and carry two layers of label information, in which the label value 201 is defined by the EVPN type ( ).
(only fill in Arabic numerals)
127 / 149
Answer: 1
537.VxLAN tunnel has several contents that must be configured: ( ), tunnel source address, headend
replication list.
Answer: VNI
538.The Cost value of the loopback0 port from AR5 to AR1 is ( ).
Answer: 3
539.In OSPFv3, the LSA whose propagation range is one area has the ( ) class. (Fill in Arabic only)
Answer: 129
540.IS-IS is a link-state routing protocol that uses the SPF algorithm for route calculation. A campus
deploys both IPv4 and IPv6 and runs IS-IS to achieve network interconnection.
As shown in the figure, the network IPv4 and IPv6 have the same overhead, and R1 and R4 only support
IPv4.
128 / 149
By default, in the IPv6 shortest path tree formed by calculation, the next hop device for R2 to access R6 is
( ). (Note: The device name must be consistent with the picture, such as: R1)
Answer: R3
541.Please complete the configuration of the following static VXLAN tunnels and drag the corresponding
configuration to the corresponding area.
129 / 149
Answer:
542.Please match the classification related to the MPLS label of Huawei routers with the default method.
Answer:
543.When encountering network failures, engineers often use the hierarchical failure method. Because all
models follow the same basic premise, when all of a model's lower-level structures work properly, its
130 / 149
higher-level structures can only work properly. Please match the following check items to the
corresponding levels according to the hierarchical method.
Answer:
544.The network administrator needs to permit or deny some specific routes, but the network
administrator is not proficient in configuration, please help him sort the configuration reasonably so that
the device can permit or deny specific routes according to the requirements in the figure.
131 / 149
Answer:
545.As shown in the figure, to enable the traffic between Site1 and Site2 to pass through the Hub-CE,
VPN instances on two Spoke-PEs have been configured. Two VPN instances need to be created on the
Hub-PE. The instance VPN_in is used to receive routes from Spoke-PE, and the instance VPN_ut is used
to advertise routes to Spoke-PE. Please select Import RT of VPN_in and Export RT of VPN_ut
respectively.
132 / 149
Answer:
200：1 ——VPN_in imp rt RT
100：1 —— VPN_ut exp rt RT
546.Please arrange the development process of iMaster NCE business open and programmable in order
1HLD Design
2 Demand analysis
3 Business package development
4 Enter the production environment
5 Network element driver package development
Answer: 2-1-5-3-4
547.NETCONF defines a series of operations, please match NETCONF operations and functions
accordingly.
133 / 149
Answer:
548.In the network shown in the figure, user access authentication needs to be deployed. Please select
the appropriate authentication method at different authentication points.
134 / 149
Answer:
549.CE1 and CE2 belong to the same VPN, and the name of the VPN instance is vpna. Through option C
mode 1, CE1 and CE2 can communicate with each other.
To accomplish this, match the following command line with the device number.
135 / 149
Answer:
550.There is a certain order in the execution of QOS, please sort the following QOS function modules in
the correct order.
136 / 149
Answer:
551.There are three types of channels in the Huawei SD-WAN solution architecture. Please correspond
the channels and their names in the figure one by one.
137 / 149
Answer:
552.gRPC is a language-neutral, platform-neutral, open source remote procedure call (RPC) system. The
gRPC protocol stack has five layers, please arrange the gRPC protocol stack in order from the lower layer
to the upper layer.
Answer:
138 / 149
553.Authentication header AH (Authentication Header, packet authentication header protocol) in IPsec is

an IP-based transport layer protocol, and its IP protocol number is ( ). (fill in Arabic numerals).
Answer: 51
554.As shown in the figure, the entire network of a company uses OSPF to connect the network, but
Router S and Router E cannot establish an OSPF neighbor relationship. When network administrators
detect OSPF faults, they can run the display ospf 100 interface CE0/0/1 ( ) command on RouterS to
obtain error-related information. Users can diagnose OSPF faults based on the information. (Please use
English lowercase letters to complete the command, and the command cannot be abbreviated)
Answer: error
555.As shown in the figure, R1, R2, R3, and R4 are in the same MPLS domain, and LDP is used to
distribute MPLS labels between devices. R4 is the Egress LSR of the FEC 4.4.4.0/24. If R1 wants to
access 4.4.4.0/24, R4 does not need to query the label table but can know the forwarding priority of the
data, then the outgoing label of R3 for the FEC is ( ). (Please fill in the Arabic numerals directly without
symbols).
Answer: 0
556.By executing the ( ) command, users on different ports in the same VLAN can be completely isolated
at Layer 2 and Layer 3 and cannot communicate. (Please use English lowercase letters to complete the
Answer: port-isolate mode all
557.CE1 and CE2 belong to the same VPN, and the name of the VPN instance is vpna. Through Option C
mode 1, CE 1 and CE 2 can communicate with each other. To meet this requirement, ASBR-PE1 is
configured with two routing policies ( ) for [ASBR-PE1-bgp]peer route-policy policy2 export (only fill in the
IP address).
139 / 149
Answer:
10.0.34.4/10.0.4.4
558.NCE has five security groups are ( ). (separated with commas)

Answer:
Static security group, dynamic security group, Any security group, escape security group, unknown
security group
559.As shown in the figure, please associate the user authentication result with the corresponding access
authority. (Drag and drop)
Answer:
Before certification 1
Failed certification or failed security check2
Certification passed 3
140 / 149
560.Please match the following commands to their functions.
Answer:
561.The figure shows an enterprise WAN bearer network. Please plan appropriate metric values for the
four links in the figure.
Answer:
562.The Python script of the OPS (Open Programability System) function of Huawei network equipment
uses the HTTP method to access the management objects of the network equipment. Please drag the
HTTP method to correspond to its function.
141 / 149
Answer:
563.There are three levels of queues in HQoS: Level1l, Level2, and Level3. Please map the following
queue names to the queue levels one by one. (Drag and drop)
Answer:
564.For VXLAN-based virtualized campus network planning, three main module designs need to be
considered, including underlay network design, fabric design, and overlay network design. Please drag
the module on the left below to the corresponding current module on the right for specific considerations.
(Drag and drop)
142 / 149
Answer:
565.Please match the following authentication technologies to their applicable scenarios. (Drag and drop)
Answer:
566.As shown in the figure, there is a packet containing a three-layer label header. Please select the
values (decimal) corresponding to the X, Y, and Z fields in the figure.
143 / 149
Answer:
567.CE1 and CE2 belong to the same WPN, and the name of the VPN instance is vpna. CE1 and CE2
can communicate with each other through OptionC mode 1. To accomplish this, match the following
command line with the device number. (Drag and drop)
144 / 149
Answer:
568.The virtualized campus network deployed through the iMaster NCE-Campus is shown in the figure,
and the parameters and the positions where the parameters are deployed are in one-to-one
correspondence.
145 / 149
Answer:
123456
1. Export interconnect vlan
2. Loopback
3. Vxlan tunnel
4. BD
5. Transparent transmission of BPDUs
6. Access vlan
569.The configuration shown in the figure is executed on R2 to filter all the received routes. Suppose
there is a BGP route with the AS_Path attribute of [100 200 300 400] on R1 that needs to be sent to R2.
Please help the network administrator to adjust the route on R1. The order of AS in the AS_Path attribute
ensures that routing entries will not be filtered by R2's routing policy.
100 This space corresponds to the [A] space in the routing policy
200 This space corresponds to the [B] space in the routing policy
300 This space corresponds to the [C] space in the routing policy
400 This space corresponds to the [D] space in the routing policy
Answer:
200 400 100 300
570.As shown in the figure, if the packet describes an IPsec packet in tunnel mode, please insert the
corresponding packet header into the correct position. (Drag and drop)
Answer:
New IP Header 1
AH Header 2
ESP Header 3
Raw IP Header 4
571.During the SSH algorithm negotiation phase, the two parties send SSH packets to each other, and
the packets contain a list of multiple algorithms supported by them. For the composition of the algorithm
list. Please sort them in the order of negotiation (that is, which class algorithm is negotiated first, which
class algorithm is negotiated second, and so on).
146 / 149
Answer:
572.Please match the OSPFv3 LSA with its delivery range.
Answer:
573.The following is the main process for the controller to issue an SR-MPLS Policy. Please sort the
processes in order.
147 / 149
Answer:
574.VGMP defines multiple packet types. Please match the packet type and function.
Answer:
575.Please sort the traffic categories: marking, policing, shaping, congestion management, congestion
avoidance:
A. Policing
148 / 149
B. Marking
C. Congestion Avoidance
D. Congestion Management
E. Shaping
Answer: BACDE
149 / 149
KillTest Exam
Title : HCIE-Datacom
H12-891_V1.0-ENU
Q1
According to different network conditions, Layer 2 Portal authentication or Layer 3 Portal authentication can be
deployed in the network. Which of the following descriptions is wrong?
A. When there is a Layer 2 network between the client and the access device, that is, the client and the access
device are directly connected (or only Layer 2 devices exist between them), then Layer 2 Portal authentication
can be configured.
B. When using Layer 2 authentication, the access device can learn the MAC address of the client, and the access
device can only use the MAC address to identify the user
C. When there is a Layer 3 network between the client and the access device, that is, there is a Layer 3
forwarding device between the client and the access device, you need to configure Layer 3 Portal
authentication.
D. When using Layer 3 authentication, the access device can learn the IP address of the client and use the IP
address to identify the user
Answer: B
Q2
In the campus VXLAN network, which of the following equipment is used to connect the Fabric and the external
network of the Fabric?
A. Extended
B. Border
C. Transparent
D. Edge
Answer: B
Q3
In the scenario of establishing a VXLAN tunnel in the BGP EVPN state, which of the following descriptions about
the role of BGP EVPN Type 3 routes is wrong?
A. If the VTEP IP address carried by the received Type3 route is reachable by the Layer 3 route, a VXLAN tunnel
to the peer will be established.
B. Type3 routing will carry L3 VNI
C. Type3 routing transmits Layer 2 and VTEP IP address information
D. In the case where the VTEP IP address of the Type3 route is reachable at Layer 3, if the peer end is the same
as the local end, a headend replication table is created for subsequent BUM packet forwarding
Answer: B
Q4
The GRE tunnel supports the MPLS LDP function.
A. TRUE
B. FALSE
Answer: A
Q5
BIER, as a new forwarding technology, adopts the basic IGP routing protocol and unicast routing forwarding
mechanism, so that there is no need to run IGMP between the multicast receiver and the multicast router.
A. TRUE
B. FALSE
Answer: B
Q6
In the process of client SSH login to a server configured with username and password authentication only, it will
not go through the key exchange stage (no key will be generated).
A. TRUE
B. FALSE
Answer: B
Q7
As shown in the figure, which of the following descriptions is wrong? The packet information of VLAN
configuration delivered by NETCONF protocol is as follows:
A. The purpose of this NETCONF message is to create VLAN 10 on the device.

B. The <target> tag indicates the configuration library used by the NETCONF message. In this example, it is the
startup configuration library.
C. <edit-config> indicates that the function of the message is to modify, create or delete configuration data
D. <protocol Vlan xc: operation="merge"> means modify the existing or non-existing target data in the
configuration database, create if the target data does not exist, and modify if the target data exists
Answer: B
Q8
Which of the following descriptions about BGP/MPLS IP VPN routing interaction is wrong?
A. After receiving the VPNv4 route advertised by the ingress PE, the egress PE filters the VPNv4 routes according
to the RT attribute carried by the route.
B. The egress PE can send IPv4 routes to the remote CE through BGP, IGP or static routes
C. The exchange between PE and CE is IPv4 routing information
D. The ingress PE converts the IPv4 routes received from the CE into VNPv4 routes, and saves them according to
different VPP instances
Answer: A
Q9
Network slicing technology can divide exclusive network resources in the network to carry high-value service
traffic. Which of the following descriptions about network slicing is wrong?
A. The channelized sub-interface technology adopts single-layer scheduling to realize flexible and refined
management of interface resources and provide bandwidth guarantee
B. Generally, network slicing can be realized based on the channelized sub-interface FlexE technology
C. The layer used by the network slicing technology is different from that of the SR tunnel, and can be used at
the same time as the SR tunnel
D. FlexE technology divides resources according to TDM time slots, satisfies the requirements of exclusive
resource sharing and isolation, and realizes flexible and refined management of interface resources
Answer: A
Q10
Based on the information given in the figure, which of the following statements is correct?
A. Unable to determine the device type of R3
B. The device type of R3 must be Level-1-2
C. The device type of R3 must be Level-2
D. The device type of R3 must be Level-1
Answer: B
Q11
Which of the following regular expressions can match only the BGP route entries that pass through AS300 and
then AS200?
A. ^200|^300
B. 200$|300$
C. _200 (200 300) _
D. _200[200 300]_
Answer: C
Q12
As shown in the figure, the host implementing the 10.0.1.0/24 network segment accesses 10.0.4.0/25
unidirectionally through virtual system a (vsysa) and virtual system b (vsysb). Which of the following commands
need to be used to configure the route?
A. Configure the following command on virtual execution system b: ip router-static vpn-instance vsysb 10.0.1.0
255.255. 255.0 vpn-instance vsysa
B. Configure the following command on virtual system a: ip route-static 10.0.1.0 255.255.255.0 10.1.2.1
C. Configure the following command on virtual system a: ip route-static vpn-instance vsysa 10.0.4.0
255.255.255.0 vpn-instance vsysb
D. Configure the following command on virtual execution system b: ip route-static 10.0.4.0 255.255.255.0
10.0.34.4
Answer: C
Q13
Which of the following descriptions about the difference between SPFv2 and SPFv3 are correct?
A. Both SPFv2 and SPFv3 support interface authentication, and OSPFv3 authentication is still implemented based
on the fields in the SPF packet header
B. SPFv3 is similar to SPFv2 and uses the multicast address as the destination address of SPF packets
C. SPEv2 and OSPFv3 have the same type of packets: Hello, ODD, LSR, LSU, LSAack, and their packet formats are
the same
D. The protocol number of SPFv2 in the IPv4 header is 89, and the next header number of OSPFv3 in the IPv6
header is 89
Answer: B
Q14
When troubleshooting the BGP neighbor relationship, the network administrator finds that two directly
connected devices use the Loopack port to establish a connection, so run display current-configuration
configuration bgp to check the configuration of peer ebgp-mat-h p h p-c tnt. Which of the following descriptions
about the command is correct?
A. h p-c unt must be greater than 15

B. h p-c unt must be greater than 255
C. h p-c unt must be greater than 12
D. h p-c unt must be greater than 1
Answer: D
Q18
When there are multiple redundant links in the IS-IS network, there may be multiple equal-cost routes. Which of
the following descriptions about equal-cost routing in an IS-IS network is wrong?
A. When the number of equal-cost routes in the network is greater than the number configured by the
command, and these routes have the same priority, the route with the larger system ID of the next hop device is
preferred for load balancing
B. If load balancing is configured, the traffic will be evenly distributed to each link
C. After the equal-cost route priority is configured, when the IS-IS device forwards the traffic reaching the
destination network segment, it will not adopt the load balancing method, but forward the traffic to the next
hop with the highest priority
D. For each route in the equal-cost route, a priority can be specified, the route with the highest priority will be
preferred, and the rest will be used as backup routes
Answer: C
Q19
Which of the following descriptions about traffic policing is correct?
A. Traffic policing can only be used in the inbound direction

B. Traffic policing will cache traffic that exceeds the limit
C. Traffic policing can only be done in the outbound direction
D. Traffic policing will drop traffic that exceeds the limit
Answer: D
Q20
IS-IS is a link-state routing protocol that uses the SPF algorithm for route calculation. As shown in the figure, a
campus deploys both IPv4 and IPv6 and runs IS-IS to achieve network interconnection. R2 only supports IPv4.
Which of the following statements about the topology calculation of this network is correct?
A. If you want IPv4 and IPv6 network computation to form the same shortest path tree, you need to run the ipv6
enable topology ipv6 command to enable the IPv6 capability in the IS-IS process
B. By default, since R2 does not support IPv6, in the shortest path tree formed by IPv6 network calculation, the
path from R1 to R4 is: R1-R3-R4
C. By default, IPv4 and IFv6 networks will be calculated separately to form different shortest path trees
D. By default, in the shortest path tree formed by IFv6 network calculation, the path from R1 to R4 is R1-R2-R4.
Since R2 does not support IFv6, R2 will directly discard IPv6 packets after receiving them, causing traffic lost
Answer: D
Q18.
When the switch is deployed with DHCP option 148, which of the following information will not be provided by
the DHCP server to the switch to be deployed?
A. The IP address of the cloud management platform

B. The port number of the cloud management platform
C. The port number of the device to be deployed
D. The IP address of the device to be deployed
Answer: D
Q22
When the user encounters different events during the authentication process, the user is in an unsuccessful
authentication state. At this time, you can configure the authentication event authorization to meet the needs
of these users to access specific network resources. Which of the following descriptions about authentication
event authorization is wrong?
A. If the user's network access rights are not configured when the authentication fails or the authentication
server is Down, after the user authentication fails, the user remains in the pre-connected state and has the
network access rights of the pre-connected user
B. Authentication event authorization can support authorization parameters including VLAN, user group and
business scheme
C. Events that can trigger authentication event authorization include authentication server Down, authentication
server unresponsive, and pre-connection, etc. Authentication failure cannot trigger authentication event
authorization
D. Authorization of a non-authentication success state, also known as escape. For different authentication
methods, there are different escape schemes. Some escape schemes are shared, and some escape schemes are
only supported by specific authentication methods.
Answer: C
Q23
In the virtualized campus network deployed through iMaster NCE-Campus, some key parameters need to be
configured in the authorization rules for access authentication. Which of the following is not included? When
deploying virtual networks on iMaster NCE-Campus, you need to configure authentication and authorization
after creating user accounts? Which of the following does not need to be configured?
A. authentication rule or access method

B. authentication result
C. authorization result
D. Authorization Rule
Answer: A
Q24
Which of the following extended community attributes is used by BGP EVPN to advertise the migration of
connected VMs?
A. RT
B. EVPN Router's MAC Extend Community
C. MAC Mobility
D. RD
Answer: B
Q25
In the Huawei SD-WAN solution, which of the following routing protocols are used to transmit VPN routes
between CPEs?
A. BGP
B. RIP
C. OSPF
D. IS-IS
Answer: A
Q26
The OSPF-based SR-MPLS function is enabled on all routers in a network. The SREB of each router is shown in
the figure. By default, when R3 forwards a packet whose destination address is 10.0.4.4, which of the following
MPLS labels is carried item?
A. 3
B. 100
C. 40100
D. 50100
Answer: D
Q27
SR-MPLS Policy can use BGP extension to transmit tunnel information, as shown in the figure.
Among them, SR-MPLS Policy is optimized by which of the following parameters?
A. Priority
B. Preference
C. Weight
D. Binding SID
Answer: C
Q28
The network administrator enters display telemetry subscription on the device to view the Telemetry
subscription information, and the output is as follows. Which of the following descriptions is wrong?
A. The subscription name is Sub1
B. The device sends sampling data every second
C. The IP address of the device is 192.168.56.1
D. The subscription method is static subscription
Answer: C
Q29
Which of the following statements about the difference between NSR and NSF is correct? Regarding the
difference between NSR and NSF, which one is correct? Or Which of the following statements is true about the
differences between NSR and NSF?
A. NSF must rely on neighbor routers to complete

B. Both NSR and NSF require neighbor routers to complete
C. NSF can be done without neighbor routers
D. NSR must rely on neighbor routers to complete
Answer: A
Q30
The RF function of the BGP protocol can control the routing entries sent by the neighbors. Which of the
following tools does a BGP router need to use for this purpose?
A. Filter-Policy
B. IP Prefix List
C. ACL
D. Route-Policy
Answer: B
Q31
In the process of establishing an LDP session, the active party will first send Initialization information to
negotiate parameters. If the passive party does not accept the negotiated parameters, which of the following
messages will be sent?
A. Error Notification Message

B. Initialization Message
C. Hell Message
D. Keepalive Message
Answer: A
Q32
If the configuration of IS-IS can be found through the display current-configuration command, but the
configuration of IS-IS cannot be found through the display saved-configuration command, which of the following
is the possible reason?
A. The running IS-IS configuration in the memory is not saved to Flash
B. No IS-IS command entered
C. Flash running IS-IS configuration, not saved to memory
D. The running IS-IS configuration in memory has been saved to Flash
Answer: A
Q33
The IS-IS Level-1 neighbor relationship between R3 and R4 is not established.
[R3] display isis error
Hell packet errors
... ...
Repeated System ID0 Bad Circuit Type0
Bad TLV Length0 Zer Holding Time0
Unusable IP Addr0 Repeated IPV4 Addr0
Mismatched Area AddrL113 Mismatched Prot0
SNPA ConflictedLAN0 Mismatched Level0
Mismatched Max Area Addr0 Bad Authentication0
... ...
[R3]
Based on the information in this graph, which of the following is the likely cause?
A. The IIH authentication of R3 and R1 failed

B. The circuit-type of the interconnection interface of R3 and R4 does not match
C. The IS-Level of R3 and R4 do not match
D. The area numbers of R3 and R4 are different
Answer: D
Q34
Which of the following does not belong to the scope of dynamic data collection on the live network before
cutover?
A. Routing Protocol Status

B. ARP entry
C. Port Status
D. SNMP version
Answer: C
Q35
The network administrator uses ACL and only wants to match the four routing entries whose Num numbers are
1, 3, 5, and 7 in the figure. What are minimum numbers of ACL ruler need to be configured by the network
administrator?
A. 3
B. 3
C. 1
D. 2
Answer: C
Q36
As shown in the figure, the ARP broadcast suppression function is enabled in the BD20 domain on VTEP1, and
VTEP1 has learned the ARP information of PC2 through the BGP EVPN route. When the ARP request sent by PC1
for PC2 is forwarded by VIEP1 to VIEP2, which of the following is the destination MAC address of the inner data
frame?
A. MAC C
B. MAC A
C. MAC B
D. MAC D
Answer: D
Q37
Which of the following statements about choosing an authentication point location in a network is incorrect?
A. Deploying authentication at the access layer of the network is conducive to fine-grained management of
permissions and high network security
B. After the user authentication point is moved from the access layer to the aggregation layer, the user's MAC
authentication may fail
C. Setting the user authentication point at the access layer has advantages and disadvantages compared to
setting it at the aggregation layer or the core layer. Policy linkage can be used as a solution.
D. When the user authentication point is moved from the access layer to the aggregation layer and the core
layer, the number of authentication points is greatly reduced, which can effectively relieve the pressure on the
AAA server
Answer: B
Q38
Which of the following descriptions about "security group" and "resource group" is wrong in Business Travel?
A. The resource group supports static binding of IP addresses or address segments

B. On iMaster NCE-Campus, the UCL group is the security group
C. The any group can be used as both a source group and a destination group
D. The security group supports static binding of IP addresses or address segments
Answer: C
Q39
Compared with traditional networks, SD-WAN can better ensure application experience. Which of the following
is the main reason?
A. SD-WAN can use IPsec technology to realize encrypted transmission of packets

B. SD-WAN can provide different routing strategies and different QoS strategies for different applications
C. SD-WAN can build various networking types such as Full Mesh, Hub-Spoke, Partial Mesh, etc.
D. SD-WAN can realize multi-department business isolation based on VRF
Answer: B
Q40
Assuming that there are 5 segment IDs in the SRH of an SRv6 packet, when the packet reaches the third router
on the forwarding path, the node will set the segment ID numbered by which of the following as the IPv6
destination address?
A. 5
B. 2
C. Not sure
D. 3
Answer: D
Q41
Which of the following descriptions about Prefix Segmente is incorrect?
A. On Huawei devices, Prefix Segment ID supports manual configuration and automatic protocol configuration
B. Prefix Segment is identified by Prefix Segment ID (SID)
C. Prefix Segment is used to identify a destination address prefix in the network
D. Prefix Segment spreads to other network elements through IGP protocol, globally unique
Answer: D
Q42
The following is a part of the NETCONF protocol message, <rpc xmlns="urn:ietf:params:xml:ns:netc
nf:base:1.0" message-id="1024">Where is it located in the NETCONF architecture layer?
A. Transport layer
B. Message layer
C. Content Layer
D. Operation layer
Answer: B
Q43
There are multiple protocols that can change or obtain network device data. Which of the following protocols
cannot be used to change network device data?
A. SNMP
B. NETCONF
C. RESTC NF
D. IPsec
Answer: D
Q44
When the client calls the iMaster NCE-Campus login authentication RESTful interface, the method used is POST,
and the request message body format is {"userName": "xxx", "password": "xxx"}
A. TRUE
B. FALSE
Answer: B
Q45
BGP-LS (BGP Link State) carries information such as links, nodes and topology prefixes.
A. TRUE
B. FALSE
Answer: A
Q46
Enterprises can access the Internet through dial-up connection, xDSL, xPON, etc.
A. TRUE
B. FALSE
Answer: B
Q47
NVE is a network entity that realizes the function of network virtualization, and can only be a hardware switch.
A. TRUE
B. FALSE
Answer: B
Q48
Switch stacking and cross-device link aggregation can be deployed to achieve link reliability in small and
medium-sized campus scenarios.
A. TRUE
B. FALSE
Answer: A
Q49
Using BGP EVPN as the control plane of VXLAN can completely avoid traffic flooding in the VXLAN network, such
as ARP broadcast packets.
A. TRUE
B. FALSE
Answer: B
Q50
When MPLS is deployed in the network and the network layer protocol is IP, the route corresponding to the FEC
must exist in the IP routing table of the LSR, otherwise the label forwarding entry of the FEC will not take effect.
A. TRUE
B. FALSE
Answer: A
Q51
When there is a relay device between the DHCP client and the server, if the IP address in the global address pool
of the DHCP server is not in the same network segment as the IP address of the VLANIF interface connected to
the client on the relay device, it will cause a DHCP failure.
A. TRUE
B. FALSE
Answer: A
Q52
In order to speed up the sensing speed of link failure in IS-IS network, IS-IS can be linked with BFD.
A. TRUE
B. FALSE
Answer: A
Q53
In the dual-system hot backup scenario of the firewall, the heartbeat interface can be directly connected
physically, or it can be connected through an intermediate device such as a switch or router.
A. TRUE
B. FALSE
Answer: A
Q54
BGP/MPLS IP VPN can only use LDP to build public network tunnels.
A. TRUE
B. FALSE
Answer: B
Q55
YANG technology originated from netconf but is not only used for netconf.
A. TRUE
B. FALSE
Answer: A
Q56
For the telemetry side, both json and GPE are supported.
A. TRUE
B. FALSE
Answer: B
Q57
The SRP technology can flexibly select the egress link based on the link quality.
A. TRUE
B. FALSE
Answer: A
Q58
When the Next header is 43, it must be SRH.
A. TRUE
B. FALSE
Answer: B
Q59
protobus is a language-independent and platform-independent method of serializing structured data, which
pays more attention to efficiency, resulting in poor space, speed, and read and write speeds.
A. TRUE
B. FALSE
Answer: B
Q60
For telemetry data push, devices and collectors can be based on TLS. If GRPC is used, TLS must be used.or For
telemetry data push, data can be transferred between devices and collectors using the TLS protocol. TLS must be
configured for data encrption if data is pused based on gRPC.
A. TRUE
B. FALSE
Answer: B
Q61
Netconf uses SSL to achieve secure transmission, and uses the mechanism of RPC remote invocation to achieve
client to server communication.
A. TRUE
B. FALSE
Answer: B
Q62
In the Huawei SD-WAN networking solution, the RR must use an independent device and cannot be deployed on
the same device with the CPE.
A. TRUE
B. FALSE
Answer: B
Q63
iFIT supports the measurement of end-to-end service packets, so as to obtain performance indicators such as
packet loss rate and delay of real service packets in the IP network.
A. TRUE
B. FALSE
Answer: A
Q64
In SRv6, every time an SRv6 endpoint node passes through, the Segments Left field is decremented by 1, and the
IPv6 destination address information is converted once.
A. TRUE
B. FALSE
Answer: A
Q65
The MAC address learning of the static VXLAN channel depends on the exchange of packets between hosts (such
as the exchange of ARP packets).
A. TRUE
B. FALSE
Answer: A
Q66
The iMaster NCE-Campus controller connects to various applications through open APIs in the northbound
direction and delivers configurations to campus network devices through the Telemetry technology in the
southbound direction.
A. TRUE
B. FALSE
Answer: B
Q67
By default, LDP adjacencies will trigger the establishment of LSPs based on IP routes of 32-bit addresses.
A. TRUE
B. FALSE
Answer: B
Q68
IETF takes advantage of the strong scalability of OSPF to expand the functions of OSPF so that it can support IPv6
networks. The expanded protocol is called OSPFv3. OSPFv3 is compatible with OSPPv2.
A. TRUE
B. FALSE
Answer: B
Q69
Traffic shaping can only be used in the outgoing direction, and its function is to control the rate of outgoing
packets.
A. TRUE
B. FALSE
Answer: A
Q70
When configuring the DHCP Relay function on the device, the VLANIF interface of the relay connection client
must be bound to a DHCP server group, and the bound DHCP server group must be configured with the IP
address of the proxy DHCP server.
A. TRUE
B. FALSE
Answer: B
Q71
The following figure shows the MPLS VPN cross-domain Option B solution. In the scenario where an RR exists
within the domain, PE1 and ASBR-PE1 establish a VPNv4 neighbor relationship with RR1. By default, user traffic
must be forwarded through RR1.
A. TRUE
B. FALSE
Answer: B
Q72
When deploying BGP/MPLS IP VPN, when two VPNs have a common site, the common site must not use
overlapping address space with other sites of the two VPNs.
A. TRUE
B. FALSE
Answer: A
Q73
The OPS (Open Programmability System) function of Huawei network equipment provides the open
programmability of network equipment. To facilitate users to write scripts, Huawei provides a Python script
template for the OPS function. The OPSComnection class is created in the script template. Among them, the
member function of creating device resource operation is def post (self, uri, req_data).
A. TRUE
B. FALSE
Answer: B
Q74
In the virtualized campus network scenario deployed by iMaster INCE-Canrpus, to realize user mutual access
between different VNs, the administrator can deploy a policy control matrix on the controller.
A. TRUE
B. FALSE
Answer: B
Q75
During the process of establishing the SSH connection, the two communicating parties conduct version
negotiation. Which of the following data is not included in the version negotiation packet sent by both parties?
A. Client Device Type

B. Minor Protocol Version Number
C. Software version number
D. Main agreement version number
Answer: A
Q76
The NETCONF protocol provides a set of mechanisms for managing network devices, which can be divided into
the following layers? or NETCONF provides a set of mechanisms for managing network devices. What layers can
NETCONF be conceptually partitioned into?
A. Security transport layer, message layer, operation layer, content layer

B. Encrypted transport layer, message layer, configuration layer, content layer
C. Security transport layer, message layer, configuration layer, content layer
D. Encrypted transport layer, message layer, operation layer, content layer
Answer: A
Q77
The SSH server has been configured and correct. Which of the following Pythom codes can be run on the SSH
client to successfully establish an SSH connection (the private key file is id_rsa, which is in the same path as the
client Python script?
A. import paramiko
client.connect(hostname='192.168.1.1', username='huawei', key_filename='id_rsa')
B. import paramiko
client = paramiko.Transport(('192.168.1.1', 22))
client.connect(username='huawei', key_filename='id_rsa')
C. import paramiko
client.connect(hostname='192.168.1.1', username=1 huawei', pkey='idrsa')
D. import paramiko
key = paramiko.RSAKey.from_private_key_file('id_rsa')
client = paramiko.Transport((192.168.1.1', 22)
client.connect(username=huawei', pkey-key
Answer: B
Q78
YANG is the data modeling language of NETCONF. The client can compile RPC operations into XML-formatted
messages. XML follows the constraints of the YANG model for communication between the client and the
server.
Which of the following XML content is written against this data model?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Q79
Which of the following is the default port number for the northbound API of iMaster NCE-Campus?
A. 18000
B. 18002
C. 18008
D. 18006
Answer: B
Q80
In the request header field of the HTTP request message, which of the following fields is used to identify the
MIME type?
A. Content-Type
B. Data-Type
C. Referer
D. MIME-Type
Answer: A
Q81
The engineer wants to log in to the Huawei device remotely. When writing the SSH Python script, the Paramiko
library is used to write the following code:
Cli=ssh.invoke_shell
`screen-length 0 temporary\n'
Cli. send
Which of the following is the role of screen-length 0 temporary?
A. Cancel split screen display

B. Do word wrapping
C. Cancel word wrap
D. Perform split screen display
Answer: A
Q82
As shown in the figure, the gateway of the PC is located in the aggregation switch. If you want to realize the load
sharing of the gateway device, which of the following descriptions is wrong?
A. Set different gateway addresses on the PC so that traffic is sent to different gateways in a balanced manner
B. The VRID parameter only has local significance, so the VRIDs of the two aggregation switches about the same
virtual router can be different
C. It is necessary to configure the priority to make the aggregation switch become the master device of the two
virtual routers respectively
D. Multiple VRRP backup groups need to be configured on the aggregation switch
Answer: B
Q83
Or In BGP4+, what is the content of the next hop network address field carried in the MP_REACH_NLRI attribute
of an Update packet?
A. It must be a link-local address
B. It must be a global unicast address
C. It can be only a link-local address
D. The link-local address and global unicast address can be carried at the same time.
Ans: A
Q.
In BGP4+, which of the following descriptions is correct about the content of the next hop network address field
carried by the MP_REACH_NLRI attribute in the Update message?
A. Only link-local addresses

B. Can only be a global unicast address
C. Can carry link-local addresses and global unicast addresses at the same time
D. Can be just a link-local address
Answer: C
Q84
After the interface sticky MAC function is enabled on the device, what is the number of MAC addresses learned
by the interface by default?
A. 5
B. 15
C. 1
D. 10
Answer: C
Q85
Which of the following token bucket technologies is used in traffic shaping??
A. Double barrel single speed

B. Single barrel double speed
C. Single barrel single speed
D. Double barrel double speed
Answer: C
Q86
In the controller public cloud deployment scenario, if you use the Huawei Registration Query Center to deploy,
you do not need to configure DHCP Option148 on the campus DHCP server.
A. TRUE
B. FALSE
Answer: B
Q87
In free mobility, if the authentication point device and the policy enforcement point device belong to the same
device, you need to subscribe to the IP-Group entry to view the user IP-Group information.
A. TRUE
B. FALSE
Answer: B
Q88
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, BGP EVPN advertises the host's
MAC address information to the remote VTEP through Type 5 routes.
A. TRUE
B. FALSE
Answer: B
Q89
View the running configuration in memory through the "display current-configuration" command.
A. TRUE
B. FALSE
Answer: A
Q90
As long as FIT-AP is added in NCE, the AP can go online normally.
A. TRUE
B. FALSE
Answer: B
Q91
In the HUAWEI CLOUD WAN, the controller can plan paths in real time and deliver path information through
PCEP or BGPLS.
A. TRUE
B. FALSE
Answer: A
Q92
On the premise that the 32-bit host route of the remote host exists on the VXLAN L3 gateway, the L3 gateway
can enable the local ARP proxy under the VBDIF interface to reduce the broadcast of ARP packets. For packets
destined for the remote host, the L3 gateway will match the host route for Layer 3 forwarding.
A. TRUE
B. FALSE
Answer: A
Q93
The Huawei iMaster NCE-WAN controller delivers the configuration to the CPE through the NETCONF protocol.
A. TRUE
B. FALSE
Answer: A
Q94
In the virtualized campus network scenario deployed by iMaster NCE-Campus, which of the following
descriptions about configuring network service resources is correct?
A. Network service resources include DHCP server, RADIUS server, Portal server, and other servers, etc.
B. If the scene is selected as "Directly Connected Switch", it means that Border adds the interconnection port to
the interconnection VLAN in an untagged way
C. The interconnection address in the network service resource must belong to the "interconnection IP" in the
"Underlay Automation Resource Pool"
D. Configuring network service resources is to configure the global resource pool of Fabric
Answer: A
Q95
How many bits are there in the label field of MPLS?
A. 1
B. 8
C. 20
D. 3
Answer: C
Q96
In the description of DHCP Snooping, which one is wrong?
A. DHCP Snooping can prevent illegal attacks by setting trusted ports

B. When the DHCP snooping function is enabled in the interface view, the function of assigning all DHCP packets
on the interface will take effect.
C. If DHP Snooping is enabled in VLAN view, the command function of DHCP packets received by all interfaces of
the device belonging to the VLAN will take effect.
D. Enable DHCP Snooping globally, and the device only processes DHCPv4 packets by default without any post-
parameters
Answer: D
Q97
Which of the following routing types does EVPN use to achieve fast convergence and split horizon?
A. Inclusive Multicast Route

B. MAC/IP Advertisement Route
C. Ethernet Segment Route
D. Ethernet Auto-discovery Route
Answer: D
Q98
Which of the following is the meaning of the ipv6 enable topology ipv6 command in IS-IS protocol view?
A. has no meaning
B. SPF calculation is performed separately in the topology of IPv4 and IPv6
C. SFF calculation without IPv6 support
D. IPv4 and IPv6 use the same topology for SPF calculation
Answer: B
Q99
Which of the following descriptions about the principle of DHCP is wrong?
A. DHCP supports assigning a fixed IP address to a specified terminal. This assignment mechanism is called DHCP
static assignment.
B. When the DHCP client and the DHCP server are on different Layer 3 networks, a DHCP relay needs to be
configured to forward packets between the client and the server
C. The Options field in the DHCP packet adopts a TLV structure, which can carry parameter information such as
the NTP server address, AC address, and log server address.
D. If only the information of the gateway and DNS server needs to be delivered to the DHCP client, the DHCP
Offer packet sent by the DHCP server to the client will not carry the Options field
Answer: D
Q100
Which of the following descriptions about the VXLAN gateway is wrong?
A. VXLAN Layer 3 gateway is used for cross-subnet communication of VXLAN virtual network and access to
external network (non-VXLA network)
B. VBDIF is a logical interface created based on BD, similar to the concept of VLANIF in traditional networks
C. Both XLAN Layer 2 and Layer 3 gateways must maintain the VBDIF interface, otherwise users cannot
communicate normally through this interface
D. The XLAN Layer 2 gateway enables traffic to enter the VXLAN virtual network, and can also be used to
implement the same subnet communication within the same VXLAN virtual network
Answer: C
Q101
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, for the VTEP peer to generate
BGP EVPN Type 2 routes based on the local terminal ARP information, which of the following commands needs
to be enabled on the VBDIF interface?
A. arp collect host enable

B. arp-proxy enable
C. mac-address xxxx-xxxx-xxxx
D. arp distribute-gateway enable
Answer: A
Q102
When configuring access authentication, it is necessary to define the contents authorized to the user in the
authorization result, which one of the following is not included?
A. Security Group
B. ACL
C. VLAN
D. IP address
Answer: D
Q103
In the Huawei SD-WAN solution, which of the following protocols is used for the control channel?
A. Static routing
B. BGP4
C. BGP VPNv4
D. BGP EVPN
Answer: D
Q104
Which of the following descriptions about SR-MPLS BE and SR-MPLS TE is correct?
A. SR-MPLS BE supports creating a tunnel by specifying Node SID and Adjacency SID at the same time
B. Both SR-MPLS BE and SR-MPLS TE support tunnel creation by specifying the Adjacency SID
C. SR-MPLS TE supports creating a tunnel by specifying Node SID and Adjacency SID at the same time
D. When creating an SR-MPLS BE, you can specify the necessary routers
Answer: C
Q105
The network administrator enters display telemetry sensor Sensor1 on the device to view the related
information of the Telemetry sampling sensor Sensor1, and the output is as follows. Which of the following
descriptions is wrong?
A. Telemetry samples CPU information, memory information, and MAC address table
B. The device is configured with three Telemetry sampling paths
C. For the sampling path huawei-mac: mac/macAddrSurmarys/macAddrSurmary, when the capacity of the mac
address table does not reach 40000, the device will continue sampling
D. The device can continue to add Telemetry sampling paths
Answer: B
Q106
The <config> operation of the NETCONF protocol may contain an optional "operation" attribute, that is used to
specify the operation type "operation" for configuration data that does not include which of the following?
A. create
B. remove
C. update
D. merge
Answer: C
Q107
There are various types of northbound interfaces, ranging from SUMP, CORBA, SMP to REST, but nowadays the
northbound interfaces of various devices are gradually evolving to REST interfaces.
Which of the following is NOT a reason to use REST?
A. REST adopts a stateless design

B. REST standardizes URI naming
C. REST realizes front-end and back-end coupling
D. REST has good cross-platform compatibility
Answer: A
Q108
Which of the following protocols can be used by the iMaster NCE service open and programmable to complete
the device configuration?
A. BGP
B. CLI/SSH
C. NETCONF
D. SNMP
Answer: C
Q109
Which of the following descriptions about labels is wrong?
A. The principle to be followed when manually assigning labels is: the value of the outgoing label of the
upstream node is the value of the incoming label of the downstream node
B. Dynamic LSPs are dynamically established through label distribution protocols, such as MP-BGP, RSVP-TE, LDP
C. LSPs are classified into two types: static LSPs and dynamic LSPs: static LSPs are manually configured by the
administrator, and dynamic LSPs are dynamically established using label protocols.
D. LSPs established by statically assigning labels can also be dynamically adjusted according to network topology
changes without administrator intervention
Answer: D
Q110
In the data header, which of the following fields cannot be used for simple flow classification?
A. DSCP
B. Protocol
C. EXP
D. 802.1P
Answer: B
Q111
Which of the following descriptions about the functions of Ping and Tracert is correct?
A. Tracert has the same function as Ping, but the name is different
B. Tracert must be able to trace the IP address of each hop from the source to the destination
C. Ping verifies the reachability from the local end to the peer end, but it does not mean that the peer end to the
local end must be reachable
D. Ping detects the two-way reachability with the peer through the one-way icmp echo request message
Answer: C
Q112
Which of the following NPLS L3VPN cross-domain solutions does not need to run MPLS between ASBRs?
A. Option B
B. Option D
C. Option A
D. Option C
Answer: C
Q113
When the network administrator tried to access the internal network device through Telnet, it was found that it
could not be accessed.
Which of the following is impossible?
A. The protocol inbound all is configured on the VTY user interface

B. The route is unreachable, and the client and server cannot establish a TCP connection
C. ACL is bound in the VTY user interface
D. The number of users logged into the device has reached the upper limit
Answer: A
Q114
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, which of the following routes is
used by BGP EVPN for MAC address advertisement, ARP information advertisement and IRB route
advertisement?
A. Type1
B. Type3
C. Type4
D. Type2
Answer: D
Q115
A company's headquarters network and branch network are interconnected through the Internet. If VPN
technology is used to realize secure and reliable data transmission between headquarters users and branch
users, which of the following VPN technologies is most suitable? Or Assume that a company’s headquarters
network and branch networks are connected through the internet. Which of the following VPN technologies is
most capable of ensuring secure and relaible data transmission between headquarters and branches?
A. SSL VPN
B. MPLS VPN
C. L2TP VPN
D. IPsec VPN
Answer: D
Q116
Which of the following descriptions about access control for small and medium-sized campuses is wrong?
A. iMaster NCE supports directly as an authentication server

B. Cloud AP supports Portal local authentication
C. iMaster NCE supports connection to third-party RADIUS servers
D. iMaster NCE supports as a portal relay device
Answer: D
Q117
Which of the following descriptions about data encryption methods is wrong?
A. Data encryption methods are divided into symmetric encryption and asymmetric encryption
B. Symmetric encryption algorithms use the same key to encrypt and decrypt data
C. Asymmetric encryption uses public key encryption and private key decryption
D. The key used by the symmetric encryption algorithm must be exchanged by mail, otherwise there is a risk of
key leakage
Answer: D
Q118
IPsec SA (Security Association) triple does not include which of the following parameters?
A. Source IP address
B. Security protocol number (AH or ESP)
C. Destination IP address
D. Security Parameter Index SPI (Security Parameter Indez)
Answer: A
Q119
Which of the following descriptions about GRE tunnels is incorrect?
A. GRE can encapsulate IPv4 unicast packets

B. The implementation mechanism of GRE is simple, and the burden on the devices at both ends of the tunnel is
small.
C. GRE can encapsulate IPv6 unicast packets
D. GRE can encapsulate IPv6 broadcast packets
Answer: D
Q120
If there are multiple service packets on the same link, in order to give priority to the use of high-priority
applications when the link is congested, and low-priority applications to avoid high-priority applications when
congestion occurs, then you should choose Which of the following is an intelligent routing strategy?
A. Routing based on link priority

B. Routing based on application priority
C. Routing based on link bandwidth
D. Routing based on link quality
Answer: B
Q121
SR-MPLS TE distributes MPLS labels through which of the following protocols?
A. RSVP-TE
B. PCEP
C. IGP
D. LDP
Answer: C
Q122
The deployment of a virtualized campus network is shown in the figure. In this scenario, which method should
be used to interconnect the fabric with the external network?
A. Layer 2 shared egress

B. Layer 3 Shared Export Mode
C. Layer 2 exclusive export method
D. Layer 3 exclusive export method
Answer: A
Q123
Which of the following is not a principle that needs to be followed when designing an SR-MPLS Policy tunnel?
A. The traffic of a single tunnel should not be too large. To facilitate progress in bandwidth tuning
B. Business traffic and tunnel association. Achieve a certain level of path visibility
C. Consider possible future network expansion
D. Increase the number of tunnels as much as possible. The more the number of tunnels, the more refined the
high-level service can be separated and the service quality can be guaranteed
Answer: D
Q124
The OPS (Open Progrannability System. Open Programmable System) function of Huawei network equipment
uses the HTTP protocol method to access the management objects of network equipment. To facilitate users to
write scripts, Huawei provides Fython script templates for the OPS function. Which of the following is the
content of the header fields "Content-type" and "Ahccept" in the HTTP request message sent in the Pythorn
script template?
B. text/json, tcxt/xml
C. text/json. text/json
D. text/xml, text/xsml
Answer: D
Q125
Which of the following descriptions cannot be the cause of the dual-active failure of the VRRP backup group?
A. The master device sends 1 notification message per second

B. VRRP backup group IDs on both ends are different
C. The link that transmits VRRP advertisement packets is faulty
D. The low-priority VRRP backup group discards the received VRRP advertisement packets as illegal packets
Answer: A
Q126
MACsec can provide users with secure MAC layer data transmission and reception services. Which of the
following is not a service provided by MACsec?
A. Integrity Check
B. Controllability Check
C. User Data Encryption
D. Data source authenticity verification
Answer: B
Q127
Which of the following regular expressions can match only the EGP route entries that pass through AS300 and
then AS200?
A. 200$/300$
B. _[200 300]_
C. _(200 300)_
D. ^200l^300
Answer: B
Q128
Which of the following descriptions about TTL in MPLS Header is correct?
A. To control label distribution

B. Limiting LSR
C. Similar to the TTL in the IP header, it is used to prevent packet loops
D. Control of upstream equipment for label distribution
Answer: C
Q129
As shown in the figure, OSPF is enabled on all interfaces of the router. Which of the following statements is
correct?
A. The Type1 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
B. The Type5 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
C. The Type2 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/24
D. The Type3 LSA generated by R2 in area 0 contains the routing information of 10.0.2.2/32
Answer: A
Q130
During HTTP communication, the client only sends one request for each HTTP connection, and once the server
response data is sent, the connection will be released. To solve this problem, which header field extension is
used so that the HTTP session can be maintained without immediate disconnection?
A. Session
B. Cookie
C. Set-Cookie
D. Connection
Answer: D
Q131
As shown in the figure, if you want to realize that only legitimate users (users who obtain IP addresses through a
legitimate DHCP server or specific static IP users) are allowed to access the network in this network, which of the
following solutions can be used?
A. DAI +Port Security

C. DHCP Snooping+DAI
D. DAI+IPSG
Answer: B
Q132
In order to enable the VPN instance to advertise IP routes to the BGP-EVPN address family, which of the
following commands needs to be enabled in the BGP view?
A. advertise 12vpn evpn

B. advertise irb
C. advertise vpnv4
D. advertise irbv6
Answer: A
Q133
An enterprise wants to centrally and securely manage and control Internet traffic. Which of the following
Internet access methods is more appropriate? Which of the following internet access modes can be used to
implement centralized security control over intyernet access traffic?
A. Internet access by priority

B. Centralized Internet access
C. Hybrid Internet access
D. Local Internet access
Answer: B
Q134
In the MA network environment, all IS-IS routers enable the SR-MPLS function. Which of the following
descriptions is correct?
A. DIS will collect the SRGB of each device in the MA network and advertise it to other routers
B. If SR-MPLS is enabled, there is no need to elect DIS
C. The LSP generated by DIS will describe all IS-IS routers in the network
D. DIS will generate a special Node ID
Answer: A
Q135
As shown in the figure, PE1 has enabled the OSPF-based SR-MPLS function. Based on this, it is inferred that the
label when PE1 forwards data packets to 10.0.3.3 is which of the following?
A. 24003
B. 24004
C. 3
D. 24001
Answer: A
Q136
MPLS LDP can be used to build BGP/MPLS IP VPN bearer tunnels. Which of the following descriptions about
MPLS LDP is wrong?
A. The default label publishing and management methods adopted by Huawei devices are: downstream
autonomous mode (DU) + ordered label control mode (Ordered) + free label retention mode (Liberal)
B. MPLS LDP tunnels are established based on IP shortest paths, and tunnel forwarding path planning cannot be
performed
C. LDP, RSVP-TE, MP-BGP share the label space of 1024~1048575
D. Due to its relatively simple configuration and maintenance, BGP/MPLS IP VPNs are widely used in carrier WAN
bearer networks and enterprise WAN bearer networks
Answer: B
Q137
SR-MPLS Policy is one of the current mainstream ways to implement SR-MPLS. Which of the following
descriptions about SR-MPLS Policy is wrong?
A. Common SR-MPLS Policy application scenarios the controller collects information such as network topology,
network bandwidth, link delay, etc., calculates the SR-MPLS Policy tunnel according to service requirements, and
delivers the policy to the head node
B. A candidate path can contain multiple forwarding lists, load balancing based on weights
C. An SR-MPLS Policy is identified by the triplet <headend, color, endpoint>
D. Multiple candidate paths can be defined, and the candidate paths form a master-standby or load-sharing
relationship according to their priorities
Answer: D
Q138
The NETCONF protocol provides a mechanism for managing network devices. The operation object of NETCONF
is the configuration library of network devices. Which of the following descriptions of the configuration library is
wrong?
A. <delete-config> is an operation on the startup configuration library

B. The configuration library of network devices can be divided into candidate configuration library, running
configuration library, and startup configuration library
C. <validate> is the operation on the candidate configuration library
D. <commit> will submit the configuration in the startup configuration library as the configuration in the running
configuration library
Answer: D
Q139
The establishment of an SSH connection needs to go through multiple stages in turn. Which of the following
descriptions is correct?
A. Version negotiation stage, algorithm negotiation stage, key exchange stage, user authentication stage, session
interaction stage
B. Version negotiation phase, user authentication phase, key exchange phase, algorithm negotiation phase,
session interaction phase
C. Version negotiation stage, user authentication stage, algorithm negotiation stage, key exchange stage, session
interaction stage
D. Version negotiation stage, key exchange stage, algorithm negotiation stage, user authentication stage,
Answer: A
Q140
Which of the following descriptions about the purpose of configuring LSP fragmentation on IS-IS equipment is
correct?
A. Make the device unable to establish IS-IS neighbors

B. Enable the device to support more IS-IS routing entries
C. Have no practical purpose
D. Prevent the device from learning IS-IS routing information
Answer: B
Q141
Which of the following tools cannot be used to match BGP routing entries?
A. Community Filter
B. IP Prefix List
C. Basic ACL
D. Advanced ACL
Answer: D
Q142
Which of the following NAT64 prefixes do not require manual configuration by the administrator?
A. 64:FF9B::/16
B. 64:FF9B::/32
C. 64:FF9B::/64
D. 64:FF9B::/96
Answer: D
Q143
In order to advertise IPv6 routes in BGP4+, what fields are added to the Update message? Or which of the
following fields is added to BGP4+ update packets to advertise IPv6 routes?
A. A new path attribute: IPv6_REACH_NLRI

B. A new path attribute: MP_REACH_NLRI
C. A new path attribute: MP_UNREACH_NLRI
D. A new NLR type: IPv6_NLRI, which carries IPv6 NLRI prefix 1ength and IPv6 NLRI prefix
Answer: B
Q144
In the VXLAN network, which of the following is used to realize cross-subnet communication within the VXLAN
network and access to the external network (non-VXLAN network) from the VXLAN network? Or Which of the
following is used to implement inter-subnet communication on a VXLAN network and allow access from a VXLAN
network to an external non-VXLAN network?
A. VXLAN L2 Gateway
B. VLANIF interface
C. NVE interface
D. VXLAN L3 Gateway or Layer 3 VXLAN gateway
Answer: D
Q145
For scenarios that need to support advanced security functions such as URL filtering, IPS, security defense, and
AV anti-virus, and need to support multi-link uplinks, which one of the following can the export device choose?
A. AP
B. AR
C. AC
D. FW
Answer: D
Q146
In the VXLAN network, similar to the traditional network using VLAN to divide the broadcast domain, VXLAN
identifies the broadcast domain locally according to which of the following?
A. VRF
B. BD
C. VNI
D. NVE
Answer: B
Q147
EVPH supports multiple service modes. In which of the following service modes, an interface can only be used by
a single user?
A. VLAN Based
B. Port Based
C. VLAN Bundle
D. VLAN-Aware Bundle
Answer: A
Q148
During the implementation of the Wi-Fi-based location service of iMaster NCE-Campus, the terminal data is
reported to the location service platform by HTTP request. Which of the following HTTP methods is used for this
HTTP request?
A. PUI
B. POST
C. DELETE
D. GET
Answer: D
Q149
In Huawei's access control solution, which of the following user authentication methods is not supported by
portal authentication?
A. Based on Passcode
B. SMS-based verification code
C. Based on the user's MAC address
D. Username based password
Answer: C
Q150
Which of the following tunneling technologies is used in Huawei SD-WAN solution to establish data channels?
A. GRE over IPsec

B. MPLS
C. IPsec
D. Vxlan
Answer: A
Q151
NCE-campus has some key parameters when configuring access authentication and authorization, which one of
the following is not included?
A. Certification Rules
B. Result name
C. Site binding
D. Authorized Security Groups
Answer: C
Q152
Which AP is independent, can manage a small number of APs, has low cost, and does not require high
management skills?
A. Leader AP
B. FIT AP+AC
C. FAT AP
D. Agile distribution of AP
Answer: A
Q153
Before the SSH client uses public key authentication to connect to the SSH server, it needs to create a key pair in
advance. The client uses Git Bash to create a DSS key pair. Which of the following commands is used to create it?
A. ssh-keygen -t rsa
B. ssh-keygen -t dss
C. ssh-keygen -t ecc
D. ssh-keygen -t dsa
Answer: B
Q154
In SD-WAN, after deploying NAT in RR, what kind of features are required?
A. NAT SERVER
B. 1:1 NAT
C. NAT444
D. ALG
Answer: B
Q155
Which of the NCE-Campus descriptions about the access management configuration is wrong? Or Which of the
following statements is incorrect about configuring fabric access management on iMaster NCE-Campus?
A. A template can only have one authentication method or create a server template and then an authentication
template.
B. NCE device can be used as Radius server or portal server or iMaster NCE-Campus can function as a RADIUS
server or portal server
C. Fabric needs to specify wired or wireless templates or Authentication templetes need to be bound to wired
and wireless acceess point.
D. Before creating a user template, you must first create a server template
Answer: A
Q156
When configuring SR-MPLS, which of the following is not mandatory?
A. Enable MPLS
B. Enable SR
C. Configure LSR-ID
D. Link configuration Adj-Sid
Answer: D
Q157
Traffic monitoring does not include monitoring which of the following?
A. Management plane traffic

B. Control Plane Traffic
C. Monitor plane traffic
D. Data plane traffic
Answer: C
Q158
There are three roles in strategy linkage. Which of the following is not?
A. Authentication Control Point

B. Terminal
C. Policy enforcement point
D. Certification enforcement point
Answer: C
Q159
In SD-WAN, CPE is located in the private network area behind the NAT device. NAT technology is required
between CPE. Which technology in SD-WAN enables NAT between CPE?
A. STUN
B. IPSEC
C. NAT SERVER
D. ALG
Answer: A
Q160
Engineers often log in to the device remotely to check the status of the device. Now engineers want to realize
automatic remote login through Python script, they can use Python Paramiko library and telnetlib library to
achieve the above requirements. Using telnet lib to achieve remote login is more secure.
A. TRUE
B. FALSE
Answer: B
Q161
In an MPLS domain, LSR can be divided into Ingress LSR, Transit LSR and gross LSR according to the different
processing methods of LSR for data. For the same FEC, a certain LSR can be the Ingress LSR of the FEC or the
Transit LSR of the FEC? Or In an MPLS domain, depending on how the LSR handles the data, the LSR can be
divided into Ingress LSR, Transit LSR, and Transit LSR Egress LSR? For the same FEC An LSR can be an Ingress LSR
for that EC or a Transit for that FEC LSR?
A. TRUE
B. FALSE
Answer: A
Q162
The business package (Specific Service Plugin, SSP) implements the mapping by using the jinja2 template. The
jinja2 syntax {%...%} contains control structures (ControllStructures), such as for loops.
A. TRUE
B. FALSE
Answer: A
Q163
When OSPFv2 evolves to OSPFv3, the LSA format and function are exactly the same, but the network layer
address in the LSA is changed from IPv4 to IPv6.
A. TRUE
B. FALSE
Answer: B
Q164
Which of the following security protection actions can be performed by a secure MAC address does not include?
Or Which of the following security protection actions is not used to safeguard MAC addresses?
A. Remark
B. Shutdown
C. Restrict
D. Protect
Answer: A
Q165
In the SSH algorithm negotiation phase, the two parties exchange the list of algorithms they support. The
symmetric encryption algorithm list of the SSH server is: aes256-ctr, aes192-ctr, aes128-ctr, aes256-cbc.The list
of symmetric encryption algorithms of the SSH client is: aes128-c9-ctr, aes256-ctr, aes256-cbc. Which of the
following is the symmetric encryption algorithm that both parties will use? Or In the SSH algorithm negotiation
phase, the SSH server and client exchange the list of algorithms that they support. The list of symmetric
encryption algorithms of SSH server is as follows: aes256-ctr, aes 192-ctr, aes128-ctr, and aes256-cbc. The list of
symmetric encryption algorithms of the SSH client is as follows: aes128-ctr, aes192-ctr, aes256-ctr, and aes256-
cbs. Which of the folllowing symmetric encryption algorithms can be used by both the SSH server and client?
A. aes128-ctr
B. aes192-ctr
C. aes256-cbc
D. aes256-ctr
Answer: A
Q166
Huawei Open origramming system (OPS) provides openess and programmability capability for network devices
and enables users to perform secondary development to implement customized functions. Which of the
following commands can be used to view information about the OPS script installed on a network devices? Or
Huawei network equipment provides the OPS function. Which of the following commands can view the
information of the OPS script installed on the network equipment?
A. check ops script

B. display ops file
C. display ops script
D. check ops file
Answer: C
Q167
Which of the following descriptions about the application scenarios of the OPS function is wrong?
A. In the scenario of using the OPS function to automatically deploy devices with empty configuration, the
function of the Python script is to obtain the server addresses of software and configuration files, and to
download system software and configuration files
B. The user needs to realize the function of automatically sending the configuration file to the server after the
network device configuration is saved. This can be achieved by creating a timer type trigger condition through
the maintenance assistant and executing the Python script regularly.
C. Using the OPS function can reduce the impact of the network environment in some cases. For example, when
transmitting collected information to the server, the Python script can realize that when the network is
unavailable. The function of temporarily storing the execution result in the device and transferring it to the
server after the network is restored.
D. Using OPS can realize the function of automatically checking the health status of the device.
Answer: B
Q168
Which of the following protocols does not support SR-MPLS?
A. BGP
B. IS-IS
C. OSPF
D. RSVP-TE
Answer: D
Q169
Telemetry is a technology that collects data remotely from physical or virtual devices at high speed. Which of
the following is NOT a component of the data layer for a mode that uses gRPC push?
A. Notification message layer
B. Telmetry layer
C. RPC layer
D. Business data layer
Answer: A
Q170
In the virtualized campus network deployed through iMaster NCE-Campus, in the "network planning" stage,
which of the following is not an operation that the administrator needs to complete?
A. Deploy Overlay Access Resource Pool

B. Create an authentication template
C. Deploy the Fabric global resource pool
D. Deploy the Underlay automation resource pool
Answer: A
Q171
In the virtualized campus network design, which of the following descriptions about the Fabric networking
design is wrong?
A. Single/dual Border networking can be selected according to different scenarios, in which the VXLAN
centralized gateway supports single Border or dual Border deployment at the same time.
B. If users in multiple VNs want to access the same external network, and the security policies of each VN are
different, you can configure the VN to connect to the external network through Layer 3 exclusive egress.
C. If you want to use the original access switches (which do not support VXLAN), you can deploy VXLAN covering
the core layer to the aggregation layer
D. When the terminal scale is small, a centralized gateway network can be selected, in which Border acts as a
gateway to manage the network uniformly.
Answer: A
Q172
Both SNMP and NETCONF can be used for the management of network devices. Which of the following
descriptions about these two protocols is correct?
A. When Huawei switches need to be managed through NETCONF, the NETCONF parameters of each switch
must be manually configured by default.
B. Both protocols adopt the Client/Server architecture, with NMS as the server and the managed network device
as the client
C. When Huawei switches need to be managed through SNMP, the SNMP parameters of each switch must be
manually configured by default.
D. Both protocols manage different objects through MIB on network devices
Answer: C
Q173
Which of the following commands can be used to adjust the link cost of the IS-IS interface?
A. isis cost
B. isis timer hello
C. isis circuit-type
D. isis circuit-level
Answer: A
Q174
Execute the print(r.json()) command in the Python script, and the print output is as follows; The output contains
multiple elements, and now the value of token_id needs to be filtered out and assigned to the variable id. Which
of the following is the correct command? {'data': {'token_id': 'x-eonsfw', 'expirelate': '2020-07-07-07:30:00' },
'errcode': '0', 'errmsg': 'get token' successfully' }
A. id=r.json()['data']['token_id']
B. id=r.json(){'data'}{'token_id'}
C. id= r.json()('data')('token_id')
D. id = r.json()('token_id')
Answer: A
Q175
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when using BGP EVPN Type 2
routes for host MAC address advertisement, which of the following descriptions is correct?
A. Will carry specific L2 VNI and L3 VNI values at the same time
B. Will carry the specific L3 VNI value
C. The RT value carried is the Export RT in the IP VPN instance
D. IP Address and IP Address Length fields will not carry specific content
Answer: D
Q176
In the virtual campus network scenario deployed through iMaster NCE-Campus, after VN are created, VN
interworking needs to be configured.
Which of the following descriptions about configuring VN interworking is correct?
A. Actually, OSPF is deployed for the VPN-Instance corresponding to the VN

B. Actually, a static route is created for the VPN-Instance corresponding to the VN
C. Actually deploying routing strategies
D. Actually deploying traffic filtering
Answer: B
Q177
In a small and medium-sized cloud-managed campus network scenario based on the HUAWEI CLOUD campus
network solution, which of the following components provides query services for devices to automatically go
online?
A. WLAN Planner
B. Registration Inquiry Center
C. CloudCampus APP
D. iMaster NCE-campusInsight
Answer: C
Q178
A campus network deploys the Free Mobility function through iMaster NCE-campus, and the configured policy
control matrix is shown in the figure.
Policy Control Matrix:
Which of the following statements about the policy control matrix is wrong?
A. If the policy enforcement point does not find the security group corresponding to an IP address, the traffic of
the IP address can access the server group
B. The sales group cannot communicate with the guest group
C. The guest group can access the guest group
D. If the server group is a resource group, you can configure the policy source for the server group
Answer: D
Q179
Man-in-the-middle attacks or IP/MAC spoofing attacks can lead to information leakage and other hazards, and
are more common in intranets. Which of the following configuration methods can be taken to prevent man-in-
the-middle attacks or IP/MAC spoofing attacks? Or Man-in-the-middle attacks or IP/MAC spoofing attacks can
lead to information leakage and other hazards, and are more common in the intranet, in order to prevent man-
in-the-middle attacks or IP/MAC spoofing attacks, you can take the configuration method
A. Limit the maximum number of MAC addresses that can be learned on the switch interface
B. Enable DHCP Snooping to check the CHADDR field in the DHCP REQUEST message
C. Configure DHCP Snooping on the switch to associate with DAI or IPSG
D. Configure the Trusted/Untrusted interface
Answer: C
Q180
In the firewall dual-system hot backup scenario, which protocol is used between the active and standby devices
to implement session table backup?
A. VRRP
B. VCMP
C. HRP
D. BFD
Answer: C
Q181
When using EVPN to carry VPLS, which of the following descriptions about the advantages of EVPN is wrong?
A. PE does not need to learn the MAC address of CE

B. Support automatic discovery of PE members
C. EVPN supports CE multi-active access to PE
D. Loop avoidance without hard running STP
Answer: D
Q182
Which of the following descriptions about the BGP/MPLS IP VPN network architecture is wrong? Or Which of the
following statements is incorrect about the a BGP/MPLS IP VPN?
A. In general/In most cases, CE devices cannot perceive the existence of VPN, and CE devices do not need to
support MPLS, MP-BGP, etc.
B. The P device only needs to have basic MPLS forwarding capabilities and does not maintain VPN-related
information
C. The BGP/MPLS IP VPN network architecture consists of three parts: CE, PE and P. PE and P are operator
equipment, and CE is BGP/MPLS IP VPN user equipment
D. Sites can access each other through VPN, and a site can only belong to one VPN or inter-site communication
can be implemented through VPN. A site can only belong to only one VPN.
Answer: D
Q183
RESTCONF and NETCONF are both protocols used to manage the configuration of network devices. Which of the
following statements about RESTCONF and NETCONF is wrong?
A. The data encoding format of RESTCONF supports XML or JSON

B. RESTCONF uses HTTP operations, stateless, with transaction mechanism, with rollback
C. The operation methods of RESTCONF are GET, POST, PUT, PATCH, DELETE
D. NETCONF operates multiple configuration libraries for devices, with transaction mechanism and rollback
Answer: B
Q184
The role of Link-LSA in OSPFv3 does not include which of the following?
A. Advertise the IPv6 prefix list of this interface to other routers on the link
B. Advertise the options set in the Network-LSA originating from this link to other routers on the link
C. Advertise the link-local address of this interface to other routers on the link
D. Advertise the router's interface ID to other routers on the link
Answer: D
Q185
Which of the following is not part of the operation process in the intermediate stage of cutover?
A. Business testing
B. Cutover Preparation
C. Cutover Implementation
D. Field Defence
Answer: D
Q186
Which of the following descriptions about the OSPFv3 Router-ID is correct?
A. 100-bit value
B. 64-bit value
C. 128-bit value
D. 32-bit value
Answer: D
Q187
As shown in the figure, SW1 and SW2 use asymmetric IRB forwarding. When PC1 communicates with PC2, which
of the following is the destination MAC address of the original data frame in the message sent by VTEP1 to
VTEP2?
A. MAC A
B. MAC D
C. MAC C
D. MAC B
Answer: B
Q188
As shown in the figure, R1 and R4 establish a GRE tunnel to transmit data sent from PC1 to PC2. The TTL of the
inner header of the packet sent from the GEO/0/1 interface of R1 is 126. Which of the following is the inner TTL
of a packet sent by interface 0/3? Or In the following figure, a GRE tunnel is esatblished between R1 and R4 to
transmit data from PC1 and PC2. The TTL of the packet sent from GE0/0/1 of R1 is 126. What is the TTL of the
packet sent from GE0/0/3 of R3?
A. 124
B. 125
C. 127
D. 126
Answer: C
Q189
The figure shows the IPv6 SR-Policy routing information on a router. Which of the following does [10] mean?
A. distinguisher
B. policycolor
C. Turnnel ID
D. endpoint
Answer: A
Q190
The OPS (Open Progranmrability System) function of Huawei network equipment uses the HTTP protocol
method to access the management objects of network equipment. To facilitate users to write scripts, Huawei
provides Python script templates for the OPS function.
The following is the internal call method rest_call of the OPS Cornection class in the OPS script template.
Which of the following descriptions is correct?
A. The response.status in the rest_call method is the status code

B. The response.reason in the rest_call method is the reason phrase used to interpret the status code
C. The parameter method in rest_call (self, method, uri, req_data), the value can be DELETE, GET, SET, CREATE
D. The values of self.host and self.port in the rest_call method are "localhost".80 respectively
Answer: C
Q191
Based on the information given in the figure, which of the following statements is correct?
A. The IS-IS interface type of the GE0/0/0 interface on R1 is Leve1-1-2

B. IS-IS IPv6 is not enabled on the GE0/0/1 interface of R1
C. IS-IS IPv6 is enabled on the GE0/0/0 interface of R1
D. The IS-IS interface type of the GE0/0/1 interface of R1 is Level-1
Answer: A
Q192
SR-MPLS is enabled on all routers. The label information encapsulated by R1 into data packet is shown in the
figure. Which of the following MPLS labels is carried in the data packet when it is sent from R1 to R4? Or All
routers in a network enable SR-MPLS, and the label information encapsulated by R1 to a data packet is shown in
the figure. At this time, which of the following is the MPLS label carried when the data packet is sent from R2 to
R4?
A. 2046
B. 2024
C. Unlabeled/ No label
D. 2032
Answer: B
Q193
Huawei provides Python script templates for OPS functions.
The code of the Main method in the script template is as follows. Which item is wrong in the following
description?
A. ops_conn.close() means to close the HTTP connection

B. rsp_data = get_startup_info (ops_corn) means to call the get_startup_infc method, which will send an HTP
request to the device and store the device's response data in rsp_data
C. ops_conn = OPS Connecticn (host) means to create an instance of the OPS Connection class ops_cornn
D. When executing the Python script on the local PC, the value of host needs to be set to the IP address of the
network device
Answer: C
Q194
A user wrote the clear_start_info method. Use the oPS function to clear the configuration file of the current
network device, the code is as follows:
Which of the following descriptions is wrong?
A. ret is the HTIP status code

B. When ops_corn.create(uri, req_data) is executed, an HTTP request of the "TPUT" operation type is sent
C. rsp_data is the response data of the system after the request is executed, the format can refer to the RESTful
API of the network device
D. req_data data is stored in the body part of the HTTP request
Answer: C
Q195
How to deliver the results of topology arrangement in SD-WAN to RR?
A. Flow table
B. NSPF
C. BGP
D. SNMP
Answer: C
Q196
Which of the following descriptions about Multi-VPN-Instance CE (MCE) is wrong?
A. On the MCE device, you need to create their own routing and forwarding tables for different VPNs and bind
them to the corresponding interfaces
B. Users who are connected to the same MCE but do not belong to a VPN instance cannot access each other
C. There must be multiple physical links between MCE and PE to achieve isolation between different VPN
instances
D. Devices with MCE function can access multiple VPN instances in BGP/MPLS IP VPN applications, reducing the
investment in user network equipment
Answer: C
Q197
OSPFv2 is an IGP running on IPv4 networks, and OSPv3 is an IGP running on IPv6 networks. The basic working
mechanism of OSPFv3 is the same as that of OSFv2, such as the election of DR and BDR. An engineer uses three
routers to test IPv6 services. He wants to realize the interconnection of IPv6 networks by running OSPFv3.
Which of the following descriptions about the DR election for this network is correct?
A. After the network converges, R1 is the DR

B. After the network converges, the engineer changes the priority of R1 to 100, the priority of R2 to 10, and the
default value of R3. When the network converges again, R1 is DR and R2 is BDR
C. After the network converges, a new device R4 is added to the broadcast link, and the priority of R4 is 150.
When the network converges again, R4 is DR
D. After the network converges, R1 is powered off and restarted. When the network converges again. R3 is DR
Answer: B
Q199
Which of the following EVPN route types does not carry MPLS labels?
A. MAC/IP Advertisement Route

B. Ethernet Segment Route
C. Ethernet AD Route
D. Inclusive Multicast Route
Answer: B
Q200
Which of the following descriptions about configuring user access authentication is wrong?
A. Configure an 802.1X access profile, MAC access profile, Portal access profile or hybrid authentication profile
based on the authentication requirements of the actual networking
B. To implement network access control for users, it is necessary to determine the domain to which the user
belongs and the AAA scheme used
C. The access profile needs to be bound in the authentication profile to confirm the authentication method of
the user, and then the authentication profile needs to be applied to the interface to enable the network
admission control function
D. If authentication needs to be performed through a RADIUS or HWTACACS server, you need to configure the
relevant parameters for connecting with the authentication server in the AAA scheme
Answer: C
Q201
802.1X authentication is deployed in the network shown in the figure. Which of the following packets cannot
trigger 802.1X authentication?
A. DHCP
B. ICMP
C. EAPoL
D. ND
Answer: B
Q202
Which of the following descriptions about AH (Authentication Header, message authentication header protocol)
is wrong?
A. AH provides anti-message replay function

B. AH provides message encryption function
C. AH provides data source verification
D. AH provides data integrity verification
Answer: B
Q203
Which of the following protocols is used for the management of Huawei iMaster NCE-WAN controllers?
A. SNMP
B. HIIP/2
C. NETCONF over DTLS
D. NETCONF over SSH
Answer: D
Q205
If the SRH extension header is carried, the numbers filled in the next-header of IPv6 are:
A. 43
B. 49
C. 50
D. 16
Answer: A
Q206
Regarding the tunnel, which statement is wrong?
A. The tunnel is a GRE tunnel

B. The destination address of the tunnel is 10.3.3.3
C. The tunnel enables keepalive detection
D. Keyword detection is not enabled for this tunnel
Answer: C
Q207
Part of the configuration on the device is shown in the figure. In the following description of this configuration,
which one is wrong?
A. Configure the GigabitEthernet0/0/1 interface as a trusted interface

B. Enabling DHCP Snooping configuration can be used to prevent DHCP Server spoofing
C. Attacks Enabling DHCP Snooping configuration can be used to prevent ARP spoofing attacks
D. If there is no Sub0ptionl information of Option82 in the DHCP request packet received by the
GigabitEthernet0/0/1 interface, the device will generate Option82 and insert it into the packet
Answer: C
Q208
Which of the following descriptions about MPLS label space is wrong?
A. If the outgoing label value is 0, the router will directly discard the packet
B. Above 1024 is the label space shared by dynamic signaling protocols such as LDP, RSVP-TE, MP-BGP, etc.
C. When the penultimate LSR performs label switching, if the value of the label after the exchange is found to be
3, the label will be popped by default and the packet will be sent to the last hop
D. 16~1023 is the label space shared by static LSP and static CR-LSP
Answer: A
Q209
In free mobility, after the policy enforcement point device receives user traffic. According to which of the
following information carried by the traffic, find the corresponding policy and execute it, and then
forward/discard the traffic?
A. Source/Destination Security Group

B. Source/destination IP address
C. Source/destination port number
D. Source/destination MAC address
Answer: B
Q210
In the accompanying business travel, which of the following descriptions about "security group" and "resource
group" is correct?
A. When using resource groups, a policy will be generated based on each resource group on the policy
enforcement point device
B. The user IP address of the dynamic security group is not fixed, and the IP address is dynamically associated
with the security group after user authentication
C. When configuring the policy control matrix, the resource group can be used as the source group and
destination group of the policy
D. For service resources with overlapping IP address sets, they can be distinguished by static security groups
Answer: B
Q211
To achieve isolation between different users in the same VLAN, which of the following techniques can be
adopted?
A. IPSG
B. Port isolation
C. Ethernet Port Security
D. Super VLAN
Answer: B
Q212
A network means that all routers enable SR-MPLS, and the label information encapsulated by R1 for a data
packet is shown in the figure. At this time, which of the following is the forwarding path of the data packet?
A. R1-R3-R5-R6
B. R1-R2-R3-R5-R6
C. R1-R2-R4-R6
D. R1-R3-R2-R4-R6
Answer: D
Q213
OSPF supports SR-MPLS through which of the following types of LSA? Which of the following types of LSAs does
OSPF use to support SR-MPLS?
A. Type10 opaque LSA

B. Type1 Router L5A
C. Type7 NSSA External LSA
D. Type2 Network LSA
Answer: A
Q214
As shown in the figure, it is a typical network of "two places and three centers". Which device in the figure is
responsible for branch access to the WAN bearer network?
A. DC-PE
B. BR-PE
C. BR-CE
D. WAN-P
Answer: C
Q215
For the following Python code, which description is incorrect?
A. The HTTP request data (message body) is encoded in XML format

B. There are two header fields in the HTTP request, 'Content-Type': 'application/json' and 'Accept':
'application/json'
C. This code implements the sending of HTTP request messages, and the request method is POST
D. The Python code imports the requests library to implement the interaction process of the HTTP protocol
Answer: A
Q216
Which of the following is not a principle that needs to be followed when designing an SR-MPLS Policy tunnel?
A. The traffic of a single tunnel should not be too large to facilitate the progress of bandwidth tuning
B. The service traffic is associated with the tunnel to achieve a certain degree of path visibility
C. Increase the number of tunnels as much as possible. The more tunnels there are, the more refined the service
isolation and service quality can be guaranteed.
D. Consider possible future network expansion
Answer: B
Q217
The home broadband service requirements of an operator are as follows: the maximum downlink bandwidth of
the broadband is 100M when it is idle, and the guaranteed downlink available bandwidth is 50M when it is busy.
The home broadband service needs to bear the home IP telephone service in addition to the home Internet
service.
Which of the following configurations best matches the business requirement?
A. qos car inbound cir 100000

B. qos car inbound cir 100000 pir 50000
C. qos car inbound cir 50000 pir 100000
D. qos gts cir 100000
Answer: C
Q218
Assume that the neighbor relationship between BGP routers has been established successfully, and the
configuration on R1 is as shown in the figure.
Which router can the routing entry 10.10.10.0/24 advertised by R1 be delivered to the farthest?
A. R2
B. R1
C. R4
D. R3
Answer: D
Q219
The number of tunnels established in Huawei SD-WAN solution can be controlled through specific parameters.
A network topology is shown in the figure. How many trails can be established in this topology?
A. 3
B. 4
C. 2
D. 1
Answer: B
Q220
According to the configuration information shown in the figure, it can be inferred that how many interfaces on
R4 that are advertised into ISIS?
A. 3
B. 1
C. 0
D. 2
Answer: A
Q221
In the virtualized campus network scenario deployed by iMaster NCE-Campus, which of the following
descriptions about the access management configuration is wrong?
A. When creating a user authentication template, a template can only contain one authentication method
B. Before creating a user authentication template, you need to create a server template
C. iMaster NCE-Campus can be used as RADIUS server or Portal server
D. The authentication template bound to the wired and wireless access points needs to be specified in the
access management of the Fabric
Answer: A
Q222
An engineer uses two routers to test IPv6 services, and simulates the interconnection between the headquarters
and branches by running BGP4+.As shown in the figure, an engineer captures packets to view the Update
packets sent by R1. Which of the following descriptions about the message information is correct? Or On the
network shown, an engineer uses two routers to test IPv6 services by running BGP+4 to simulate the
communication between the enterprise headquarters and a branch. The engineer checks an update message
sent by R1. Which of the following statements about the messgae information is correct?
A. This packet describes the currently withdrawn IPv6 route

B. The next hop address of the route described in this packet is: 2001:db8:2345:1::1
C. The route described in this packet may be imported through import
D. The routing address prefix and prefix length described in this packet are: 2001:db8:2345:1::1/128
Answer: D
Q223
Which of the following descriptions about the SP scheduling algorithm is wrong?
A. SP scheduling algorithm prioritizes queues with high priority
B. When using the SP scheduling algorithm to schedule multiple low-priority queues, the packets that enter the
queue first will be forwarded first
C. In order to ensure the quality of key services, the service can be scheduled through the SP algorithm, and the
minimum bandwidth can be set
D. When using the SP scheduling algorithm, if the high priority occupies a lot of bandwidth, it may cause the low
priority queue to death
Answer: B
Q224
In the firewall dual-system hot backup scenario, each firewall has a VGMP group. By default, which of the
following working states is the VGMP group in?
A. Standy
B. Initialize
C. Active
D. Load Balance
Answer: C
Q225
In the design of small and medium-sized campus network, when mutual visits are required between branches
and the number of branches is large (over 100), which of the following interconnection networking models is
recommended?
A. Partial-Mesh networking
B. Hub-Spoke Networking
C. Direct networking
D. Full-Mesh networking
Answer: D
Q226
Which of the following descriptions about configuring authentication templates is correct?
A. Under the same interface of the same device, all authentications can only be configured with the same
default domain or mandatory domain
B. When multiple access profiles are bound to the authentication profile, the order of triggering authentication
is 802.1X-->Portal-->MAC
C. If the user's mandatory domain is configured, the user will be forced to authenticate in the mandatory
domain regardless of whether the user name carries the domain name or not.
D. The domain that the user accesses by default is the default domain, which cannot be modified by commands
Answer: C
Q227
In the VXLAN implementation, which of the following is the mapping relationship between VNI and BD?
A. 1:1
B. N: 1
C. 1: N
D. N: M
Answer: A
Q228
Configure ISIS IPv6 cost 50 under the interface, which of the following is the meaning of this command?
A. The IS-IS IPv6 Level-1 cost of the interface is 50

B. The IS-IS IPv6 Level-1 and Level-2 costs of the interface are both 50
C. The IS-IS IPv6 Level-2 cost of the interface is 50
D. The IS-IS IPv6 Level-1 and Level-2 costs of the interface are both 60
Answer: B
Q229
Which of the following MPLS L3VPN cross-domain solutions needs to transmit VPNv4 routes between ASBR?
A. Option D
B. Option B
C. Option A
D. Option C
Answer: B
Q230
After configuring the VLAN-based MAC address flapping detection function, if the MAC address flaps, you can
configure the actions of the interface as required. Which of the following is NOT a configurable action?
A. Interface blocking
B. Send an alert
C. Traffic filtering
D. MAC address blocking
Answer: C
Q231
The value range of DSCP is 0~63, some of which have proper names. Which of the following DSCP values
represent EF?
A. 46
B. 30
C. 22
D. 38
Answer: A
Q232
The network administrator executes the display current-configuration command to obtain the configuration file
of the device when troubleshooting MSTP faults. In the following description of the troubleshooting ideas, which
one is the wrong?
A. Check the port configuration to check whether the MSTP-enabled port is enabled with the protocol packet
sending command. Such as bpdu enable
B. Whether the MSTP port connected to the user terminal device is disabled or configured as an edge port
C. Check whether the device port is added to the correct VLAN
D. No matter whether BPDU Tunnel is configured on the device, it will not affect MSTP
Answer: D
Q233
All routers in a network enable the OSPF-based SR-MPLS function. The SRGB of each router is as shown in the
figure. By default, when R2 forwards a packet whose destination address is 10.0.4.4, which of the following
MPLS labels are carried?
A. 100
B. 40100
C. 30100
D. 3
Answer: B
Q234
Python Paramiko implements the SSH protocol. In the Python Paramiko module, which of the following classes is
used to create an SFTP session connection and perform remote file operations?
A. Channel class
B. SFTP Client class
C. Packetizer class
D. Transport class
Answer: B
Q235
Which of the following statements about MP-BGP is wrong?
A. When the PE and CE exchange routes through BGP, a BGP process needs to be created on the CE for each VPN
instance
B. MP-BGP advertises VPNv4 routes through MP_REACHNLRI and MP_UREACH NLRI attributes
C. MP-BGP needs to assign private network labels to VPNv4 routes
D. The packet types and VPNv4 route advertisement policies of MP-BGP are the same as those of BGP-4
Answer: A
Q236
As shown in the figure, the OSPF protocol is running between CE and PE. When CE1 advertises the route of this
site to CE2, which one of the following descriptions is wrong?
A. When PE2 receives the BGP route sent from PE1 with the same Domain ID as the local one, for neighbor
relationship and path status
B. The Domain ID configured on PE1 can be used as the BGP extension community attribute and sent to PE2
along with the route
C. When PE2 receives a BGP route from PE1 with a different Domain ID from the local one, PE2 will generate
Type5 LSA or Type7 LSA for all LSA
D. When PE2 receives the BGP route sent by PE1 and carries the same Domain ID as the local one, for Type1 LSA
and Type2 LSA, PE2 will generate Type3 LSA
Answer: A
Q237
As shown in the figure is the output information of a network engineer when troubleshooting OSPF faults. Based
on this, which of the following reasons may cause the adjacency relationship to fail to be established normally?
A. Inconsistency between Hello messages sent
B. Inconsistent authentication passwords
C. The IP address mask of the interface is inconsistent
D. Inconsistent area types
Answer: C
Q238
As shown in the figure, the OSPF protocol is enabled on all interfaces of the router, the cost value of the link is
marked in the figure, and the Loopback0 interface of R2 is advertised in area 1.
Based on this, which one of the following is the cost of R1 reaching 10.0.2.2/32?
A. 50
B. 150
C. 200
D. 100
Answer: C
Q239
In the large and medium-sized virtualized campus network scenario, which of the following descriptions about
the security design of the campus network egress is wrong?
A. Special security devices such as firewalls and intrusion prevention systems can be deployed, and routers with
security functions can also be deployed
B. The exit area can deploy security policies and intrusion prevention to prevent illegal access and attacks
C. Anti-virus and URL filtering can be deployed in the exit area to realize virus detection and URL access control
D. Security zone division is required, and the Trust zone is usually used to define the zone where the servers that
provide services are located.
Answer: D
Q240
Which of the following descriptions about Underlay in VXLAN virtualized campus applications is wrong?
A. The virtualized campus solution uses VXLAN technology and uses MAC in UDP encapsulation to virtualize a
layer of logical network on the traditional IP network
B. When using iMaster NCE-Campus to realize automatic arrangement of two routing domains underlay, only
OSPF routing protocol is supported
C. When using astor NCE-Campus to realize the automatic arrangement of the routing domain of the underlay
network, only the single-area deployment of the routing protocol is supported
D. Underlay achieves IP reachability with the same network, so that service packets encapsulated by VXLAN can
communicate with each other between VTEP nodes
Answer: C
Q241
Which of the following is the three-layer logical interface used to implement different VXLAN virtual network
communication on the VXLAN L3 Gateway?
A. VBDIF interface
B. Layer 2 sub-interface
C. VLANIF interface
D. NVE interface
Answer: A
Q242
In the virtual campus network scenario deployed through iMaster NCE-campus, which of the following
statements about "adding devices" is wrong?
A. iMaster NCE-campus supports adding devices in batches

B. iMaster NCE-campus supports adding devices through device roles
C. iMaster NCE-campus supports adding devices through device ESN
D. iMaster NCE-campus supports adding devices by device type
Answer: B
Q243
When a wireless user passes Portal authentication, which of the following parameters is not supported to
authorize the user?
A. free-rule
B. UCL
C. IP address
D. ACL
Answer: A
Q244
Which of the following descriptions about the GRE security mechanism is wrong?
A. A GRE tunnel can be established only when the identification keywords set at both ends of the tunnel are
exactly the same
B. If the checksum is configured on the local end but not on the peer end, the local end will not check the
checksum of the received packets, but will check the sent packets.
C. If the key word is configured on the local end of the tunnel but not on the opposite end, the tunnel can
normally forward user packets
D. If the local end is configured with a checksum and the opposite end is configured, the local end checks the
checksum of the packets sent from the opposite end, and does not check the checksum of the sent packets.
Answer: C
Q245
Network information collection is a prerequisite for network tuning, including network topology and interface
bandwidth collection, link delay collection, and traffic statistics collection. Which of the following technologies
cannot be used for volume statistics collection?
A. Telemetry
B. PCEP
C. Netstream
D. SNMP
Answer: B
Q246
Which of the following technologies does not support SR-MPLS?
A. BGP
B. IS-IS
C. LDP
D. OSPF
Answer: C
Q247
Which of the following is correct about the meaning of the display current-configuration | include vlan
command?
A. View all configurations that contain the "VLAN" keyword

B. View the IP address of the VLANIF interface
C. View information about physical interfaces bound to each VLAN
D. Check which VLANs are currently created
Answer: A
Q248
Which of the following statements about VXLAN capabilities is true?
A. VXLAN uses MAC in UDP encapsulation mode.

B. VXLAN is essentially a VPN technology that can be used to build a Layer 2 virtual network over any network
with reachable routes. The VXLAN gateway is used to implement communication within the VXLAN network and
between the VXLAN network and non-VXLAN network.
C. VXLAN is a Layer 2 tunneling technology and cannot implement Layer 3 communication.
D. When using VXLAN on the network, all intermediate devices on the VXLAN channel must support VXLAN.
Answer: A
Q249
In the Huawei CloudCampus solution, which of the following onboarding modes does APs support?
A. CloudCampus Application
B. Registration Center Inquiry
C. Network System
D. CLI
Answer: A
Q250
In a broadcast network, if the DR priority of the interconnecting interface of two routers is both set to 0, which
state will the OSPF neighbor stay in?
A. DOWN
B. Exchange
C. Full
D. 2-way
Answer: D
Q251
Assume that the SRH of an SRv6 packet has five segment IDs. When a packet is sent from the third endpoint,
which segment ID will the node use as the IPv6 destination address?
A. 5
B. 3
C. 2
D. 1
Answer: B
Q252
The Huawei Open Programmable System (OPS) uses HTTP methods to access managed objects to manage
network devices. To facilitate script compilation, Huawei OPS provides Python script templates. In a Python
script template, what are the contents of the Content type and Accept fields in the HTTP request packet header?
B. text/xml, text/xsml
C. text/json, text/json
D. text/json, text/xml
Answer: B
Q253
Which of the following fields represents the MIME type of the data in the HTTP request header?
A. MIME-Type
B. Content-Type
C. Data-Type
D. Referer
Answer: B
Q254
Huawei's Open Programmable System (OPS) provides openness and programmability for network equipment,
and users can carry out secondary development to realize customized functions. Which of the following
commands can be used to view information about OPS scripts installed on network devices?
A. display ops script

B. display ops file
C. check ops script
D. check ops file
Answer: A
Q255
During the implementation of iMaster NCE Campus Wi-Fi Location Service (LBS), terminal location data is sent to
the LBS platform through HTTP requests. Which of the following methods is used in this HTTP request?
A. GET
B. PUT
C. POST
D. DELETE
Answer: A
Q256
Which of the following scenarios is the SD-WAN solution suitable for?
A. Enterprise branch interconnection

B. Internal interconnection of enterprise data center network
C. Enterprise Campus Wireless Network Deployment
Answer: A
Q257
When running OSPFv3 on a Huawei router, the OSPFv3 process will automatically select an interface address as
the router ID of the process.
A. True
B. False
Answer: B
Q258
OSPFv3 adopts the same route advertisement method as OSPFv2: advertise through the network command in
the OSPFv3 area view
A. True
B. False
Answer: B
Q259
What are the key components of jointly building an IP WAN bearer network solution with Huawei NetEngine
smart routers?
A. iMaster NCE-Fabric
B. iMaster NCE-IP
C. iMaster NCE-Campus
D. iMaster NCE-WAN
Answer: D
Q260
As shown in the figure, a campus has deployed IPv6 for service testing, and there are 4 routers in the network.
Run OSPFV3 to realize network interconnection.
Which of the following statements is false about the LSA generated by this OSPFV3 network?
A. R1 will generate Router-LSA to describe the device interface information, and will also receive Router-LSA
generated by R2 and R3
B. There is a Network LSA generated by R3 in the LSDB of R1, indicating that R3 may be the DR of this link
C. R1 will receive 2 Link-LSAs generated by R2, describing the information of the two links connected by R2
respectively
D. As an ABR, R2 will generate an Inter-Area-Prefix-LSA describing the IPv6 address prefix of Area 1 and advertise
it to R1 and R3
Answer: C
Q261
Which of the following is not a preliminary preparation for the cutover plan?
A. Field Defence
B. Cutover target
C. Existing network root description
D. Risk Assessment
Answer: A
Q262
The dynamic IP address assigned to the client by the DHCP server. Usually there is a certain rental period, so
which is wrong description of the rental period?
A. The lease renewal timer is 50% of the total lease period. When the "lease renewal timer" expires, the DHCP
client must perform an HP-only renewal
B. The rebinding timer is 87.5% of the total lease period
C. If the "rebinding timer" expires but the client has not received a response from the server, it will always send
a DHCPREQUEST message to the DHCP server that has previously assigned an IP address until the total lease
expires
D. During the lease period, if the client receives an OHCP NAK message, the client will immediately stop using
this IP address and return to the initialization state, and Kangxin will apply for a new IP address
Answer: C
Q263
In a VXLAN campus network, which of the following resources can a virtual network call? (Multiple Choice)
A. External network
B. Wired Access Port and/or Wireless Access Point
C. End user IP address segment, VANL belonging to the VN
D. Web Services Resources
Answer: ABCD
Q264
If SRv6 is deployed in a wide area bearer network, which of the following technologies are required? (Multiple
Choice)
A. BGP
B. MPLS
C. IGP
D. BGP-LU
Answer: ACD
Q265
The naming of SRv6 instructions follows certain rules, and the function of the instruction can be quickly judged
from the naming combination.
Which of the following descriptions of keywords in SRv6 directive names are correct? (Multiple Choice)
A. M: Query the Layer 2 forwarding table for unicast forwarding

B. X: Specify one or a group of Layer 3 interfaces to forward packets
C. T: Query the routing table and forward the packet
D. V: Look-up table forwarding according to the VPN instance routing table
Answer: BC
Q266
The Telemetry network model is divided into two types: generalized and chivalrous. What horizontal blocks are
included in generalized Telemetry? (Multiple Choice)
A. Controller
B. Analyzer
C. Equipment
D. Collector
Answer: ABCD
Q267
The SSH connection protocol multiplexes encrypted session connections into several logical channels. What
types of logical channels can be created based on an SSH session connection? (Multiple Choice)
A. TCP/IP forwarding channel

B. X11 channel
C. SFTP channel
D. Session channel
Answer: ABD
Q268
Which of the following are commonly used techniques for the differentiated service model? (Multiple Choice)
A. Congestion management techniques

B. Flow rate limiting technology
C. WAN Acceleration Technology
D. Congestion Free Technology
Answer: ABD
Q269
In MPLS VPN, in order to distinguish IPv4 prefixes that use the same address space, the RD value is added to the
IPv4 address. Which of the following statements about RD is correct? (Multiple Choice)
A. On a PE device, each VPN instance corresponds to an RD value. On the same PE device, the RD value must be
unique.
B. RD is encapsulated in the Update message as the extended community attribute of BGP during the delivery
process
C. RD can be used to control the publication of VPN routing information
D. After the PE receives the IPv4 route from the CE, it adds RD to the IPv4 route to convert it into a globally
unique VPN-IPv4 route, and publishes it on the public network
Answer: AD
Q270
Which of the following statements about MPLS L3VPN cross-domain solutions are correct? (Multiple Choice)
A. In the cross-domain potion B solution, ASBR does not need to bind an interface for each VPN instance
B. In the cross-domain potion C solution, two layers of MPLS labels are carried when forwarding user data
between ASBR
C. In the cross-domain potion A solution, MPLS must be enabled on the interfaces interconnected between
ASBRs
D. In the cross-domain potion C solution, VPNv4 routes can be directly transmitted between PEs in different AS
Answer: ABD
Q271
Telemetry technology supports specific sampling sensor paths to collect specified data information. What
sampling paths does Telemetry currently support? (Multiple Choice)
A. CPU Information
B. Interface Statistics
C. Memory Information
D. Optical module information on the interface
Answer: ABCD
Q272
As shown in the figure, the MAC address table of a VXLAN L2 Gateway device is shown. Which of the following
description are correct? (Multiple Choice)
A. The outgoing interface of 5489-922d-77e2 is GE1/0/1.20 and its BD is 20. It can directly communicate with
5489-9893-48a3 at Layer 2
B. 0000-0000-0010 and 5489-9893-48a3 are both in BD10, they belong to the same Layer 2 broadcast domain
C. The MAC address entry with the outgoing interface 10.3.3.3 is learned from the remote VTEP through the
VXLAN tunnel
D. The outgoing interface of 5489-9893-48a3 is GE1/0/1.10, and its BD is 10
Answer: BD
Q273
The channelized sub-interface FlexE technology can be used to implement network slicing, but the application
scenarios of the two technologies are slightly different. Which of the following descriptions of these two
technologies is correct? (Multiple Choice)
A. It is recommended to use channelized interface technology for resource reservation for interfaces below
50GE
B. Only network slices based on channelized sub-interfaces can be deployed when cross-domain MSTP devices
are used in the network
C. Only network slicing based on FlexE technology can be deployed when TN devices are deployed in the
network
D. It is recommended to use FlexE technology for resource reservation on 50GE and above interfaces in the
network
Answer: ABD
Q274
As shown in the figure, R1 and R2 establish a GRE tunnel, and execute "Ping-a 10.1.1.1 10.3.1.1" on R1. At this
time, the description of the ICMP packet sent from the GE0/0/1 interface of R1, which is wrong? (Multiple
Choice)
A. The packet will be encapsulated with GRE, the source IP address of the inner IP header is 10.1.1.1, and the
destination IP address of the inner IP header is 10.0.12.2
B. The packet is not encapsulated by GRE, the source IP address is 10.0.12.1, and the destination IP address is
10.0.12.2
C. The packet is not encapsulated by GRE, the source IP address is 10.1.1.1, and the destination IP address is
10.3.1.1
D. The packet will be encapsulated with GRE, the source IP address of the outer IP header is 10.1.12.1, and the
destination IP address of the outer IP header is 10.3.1.1
Answer: ABCD
Q275
The following descriptions about IKEv1 are summarized, which items are correct? (Multiple Choice)
A. There are two negotiation modes in the first phase of IKE: Main Mode and Aggressive Mode
B. IKE Phase 2 negotiation to establish IPSec SA
C. The first phase of IKE negotiation to establish an IKE SA
D. There are two negotiation modes in the second phase of IKE, fast mode (Quick M de) and slow mode
Answer: AB
Q276
Which of the following descriptions about the Portal protocol are correct? (Multiple Choice)
A. This protocol describes the protocol interaction between the Portal server and the access device, and can be
used to pass parameters such as username and password
B. The protocol adopts a client/server structure and operates based on UDP
C. The protocol supports CHAP and PAP authentication methods. Compared with PAP, CHAP has higher security
D. The protocol packet uses TLV format to carry attribute information such as username, password, and user
MAC.
Answer: ABCD
Q277
View the information as shown in the figure through the command on VTEP1, which one of the following
descriptions is correct? (Multiple Choice)
A. The route must carry L3 VNI information when it is advertised to the outside world
B. This is an EVPN Type 5 route
C. This is an EVPN Type 3 route
D. The route carries both MAC information and host IP information
Answer: ACD
Q278
As shown in the figure, the network has a loop because STP is not enabled. Which of the following phenomena
may be caused? (Multiple Choice)
A. MAC address table flapping
B. Host E can receive a large number of broadcast packets
C. Device CPU usage is too high
D. The device will have a loop alarm
Answer: ABCD
Q279
After completing the project investigation, in order to clarify the project cutover plan, what needs of the
customer for the network need to be understood? (Multiple Choice)
A. Packet Loss Rate

C. New business carrying capacity
D. QS
Answer: BC
Q280
In the VXLAN scenario, in order to reduce the flooding of ARP packets between VTEP, which of the following
features can be enabled? (Multiple Choice)
A. Port isolation
C. APR broadcast suppression
D. Local APR Proxy
Answer: ACD
Q281
In a virtualized campus network scenario deployed through iMaster NCE-Campus, when creating a Fabric
network service resource, the parameter information that needs to be configured, including which of the
following? (Multiple Choice)
A. Interconnected Information
B. Server Type
C. Scene Selection
D. Server address
Answer: ACD
Q282
A campus network deploys the Free Mobility function through iMaster NCE-Campu. Which of the following
information should the administrator pay attention to? (Multiple Choice)
A. Distribution of policies between groups

B. Definition of Security Groups
C. Selection of Policy Enforcement Points
D. Deployment of the Policy Control Matrix
Answer: ABCD
Q283
A router has the SRv6 function enabled and is configured as shown in the figure. Which of the following
descriptions about the configuration are correct? (Multiple Choice) [Router-segment-routing ipv6] locator
srv6_locator1 ipv6-prefix 2001:DB8:ABCD::64 static 32
A. The locator of this node is 2001:DB8:ABCD::

B. The static segment of the node occupies 32 bits
C. The dynamic segment of the node occupies 32 bits
D. The args field of the node occupies 32 bits
Answer: AD
Q284
The NETC NE content layer is the device configuration data. For the following NETC NEF information, which
description are correct? (Multiple Choice)
A. The configuration adopts the Huawei-YANG method
B. The configuration is to create VLAN 10 on the device
C. The configuration uses the NETCONF <edit-config> operation to load the configuration data into the startup
configuration library
D. <config> contains the "peration" attribute, which is a merge operation
Answer: ABCD
Q285
The SSH server has been configured and correct. Which of the following Python codes can be run on the SSH
client to successfully establish an SSH connection (the private key file is id_rsa, which is in the same path as the
client station Python script)? (Multiple Choice)
A. import paramiko
Client-paramiko.client.SSHClient()
Client.connect(hostname='192.168.1.1', username='huawei', key filename='id_rsa')
B. import paramiko
Client-paramiko.client.SSHclient()
Client.connect(hostname='192.168.1.1', username='huawei', pkey='id_rsa)
C. import paramik
Client = paramik.Transp rt(('192.168.1.1', 22))
Client.connect(username='huawei', key_filename='id_rsa')
D. import paramiko
Key=paramiko.RSAKey.from_private_key_file('id_rsa')
Client = paramiko.Transport(('192.168.1.1', 22))
Client.connect(username='huawei', pkey=key))
Answer: BD
Q286
Engineers need to collect the running status of existing network equipment. Currently, there is a Huawei
CE12800 switch with an SSH server configured on the live network. The authentication method is username and
password authentication. The device information is IP address: 192.168.1.1, SSH username: huawei, SSH
password: 123456, and SSH slogan: 22. Engineers need SSH to log in to the switch to check the memory usage of
the device. Which of the following Python codes can implement this function? (Multiple Choice)
A. import paramiko
Client.connect(hostname='192.168.1.1', username='huawei', password='123456') stdin, stdout, stderr =
client.exec_command('display memory') print(stdout)
Client.close()
B. import paramiko
Client = paramiko.Transport(('192.168, 1.1', 22)
Client.connect(username='huawei', password='123456')
Cli.cl se()
C. imp rt paramiko
Client = paramiko.Transp rt(('192.168.1.1', 22)
Client.connect(username='huawei', passw rd='123456')
stdin, stdout, stderr = client.exec_command('display memory') Result=std ut.resd()
For line in result:
Print(line)
Ssh.close()
D. import paramiko
Client.connect(h stname='192.168.1.1', username='huawei', password='123456') Cli = client.inv ker_she11()
Print(dis)
Cli.close()
Answer: CD
Q287
There is a Linux SSH server on the existing network. The network administrator uses his own PC SSH to log in to
the server for the first time and receives the following information. Which of the following descriptions are
correct?
The authenticity of host'server (192.168.1.1) can't ba establfished.ECDSA key fingerprint is
53:b9:f9:30:67:ec:34:88:e8:bc:2a:a4:6f:3e :97:95.
Are you sure you want to continue conneacting? (Multiple Choice)
A. The client does not save the public key of the Linuk server
B. The prompt information can be skipped through the SSH method in the Python Paramik library,
set_missing_host_key_policy (WarningPolicy()
C. This prompt can be skipped by the SSH method in the Python Paramik library,
set_missing_host_key_policy(Aut AddPolicy())
D. The client does not save the private key of the Linux server
Answer: AC
Q288
Which of the following reasons may cause BGP neighbor relationship failure? (Multiple Choice)
A. The loopback interface is used to establish an EBGP neighbor without peer ebgp-max-hop configured
B. ACL filters TCP port 179
C. The peer connect-interface is not configured when establishing neighbors through the loopback port
D. Conflict of router ID of neighbors
Answer: ABCD
Q289
The network administrator wants to use AS-Path Filter to match the routing entries of BGP routing
ASP_PATH[100 200 300]. The network administrator sorts out the four configurations in the figure, which
configurations in the figure can meet the requirements of the network administrator? (Multiple Choice)
A. Method D
B. Method C
C. Method A
D. Method B
Answer: ACD
Q290
Please judge according to the information given in the figure, which of the following descriptions are correct?
(Multiple Choice)
A. There is no IS-IS routing entry in R1's IP routing table
B. There are 6 routing entries generated by IS-IS in the IP routing table of R1
C. A route entry with prefix 172.16.1.4/32 exists on R1
D. R1 has no route entry to 172.16.1.4/32
Answer: BC
Q291
After the client passes 802.1X authentication, which of the following authorization information does the RADIUS
server support? Or Which of the following types of authentication cab be delivered by a Radius server after a
client passes 802.1x authentication? (Multiple Choice)
A. VLAN
B. MAC address
C. UCL group
D. ACL
Answer: ACD
Q292
Which of the following are the intelligent operation and maintenance functions supported by the Huawei Cloud
Campus Network Solution? (Multiple choice)
A. Based on big data + AI, providing predictive intelligent tuning capabilities

B. Based on Telemetry technology, monitor the network quality on the wireless side from three dimensions: AP,
radio, and user
C. Ability to analyze network failures based on individual and group problems
D. Visually monitor network quality through network health
Answer: ABCD
Q293
IPsec is not a separate protocol, but an open standard technical solution. Which of the following protocols are
included in the IPsec protocol framework? (Multiple choice)
A. PKI
B. AH
C. SSL
D. ESP
Answer: ABD
Q294
All routers in a network enable the OSPF-based SR-MPLS TE function, as shown in the figure for the network
diagram of adjacency label assignment. Which of the following adjacency labels are assigned by router P3?
(Multiple choice)
A. 9003
B. 9005
C. 9006
D. 9002
Answer: CD
Q295
Which of the following descriptions about Prefix Segment and Adjacency Segment are correct? (Multiple choice)
A. Prefix Segment is used to identify a destination address prefix in the network

B. Adjacency Segment is used to identify an adjacency in the network
C. Prefix SID is a local SID outside the SRGB range
D. Adjacency SID is the offset value within the SRGB range published by the source
Answer: AB
Q296
Taking the typical networking of "two places and three centers" as an example, which of the following levels are
generally divided into the WAN bearer network? (Multiple choice)
A. Control layer
B. Core layer
C. Aggregation layer
D. Access layer
Answer: BCD
Q297
What information carried in the packet does simple flow classification support setting the internal priority of a
packet based on? (Multiple choice)
A. Traffic Class
B. Source or destination IP address
C. MPLS EXP
D. DSCP
Answer: CD
Q298
Which of the following functional parameter configuration errors will affect the establishment of BGP
neighbors? (Multiple choice)
A. BGP Certification
B. BGP GTSM
C. ebgp max hop
D. BGP route filtering
Answer: ABC
Q299
Which of the following descriptions about internal priority is wrong? (Multiple choice)
A. The highest internal priority level is EF

B. The highest internal priority level is CS7
C. All external priority garbage can be mapped one-to-one to internal priority
D. There are 8 levels of internal priority
Answer: AC
Q300
SR MPLS directly uses the forwarding plane of MPLS. Therefore, the MPLS function needs to be enabled when
deploying SR MPLS. When which of the following conditions are met, the interface will automatically enable the
MPLS function? (Multiple choice)
A. Enable Segment Routing in the global view

B. Configure the static adjacency label of the corresponding interface in the Segment Routing view
C. Enable Segment Routing on IGP and enable IGP on the interface
D. Configure SRGB under the IGP process
Answer: AD
Q301
An enterprise's wide-area bearer network needs to support IPv4 and IPv6 networks, and needs to deploy SRv6,
which of the following parameters need to be planned when planning the IP address of the network? (Multiple
choice)
A. IPv6 address
B. IPv4 address
C. SRv6 Locator
D. SRv6 Function
Answer: ABCD
Q302
In order to ensure the reliability of Huawei iMlater NCE-WAN controllers, active and standby controllers can be
deployed.
In order to ensure the access of the active and standby controllers, some IP addresses need to be configured as
the same IP. Which of the following addresses need to be configured as the same IP? (Multiple choice)
A. Southbound private address

B. Northbound address
C. The controller's southbound public network address
D. The Controller's internal interconnection address
Answer: BC
Q303
RR rules for advertising routes violate the rules of IBGP split horizon, so it may cause loops in the AS. What
routing attributes does RR use to prevent loops? (Multiple choice) or The rules for RR to publish routes break the
rules for horizontal segmentation of IBGP, so it is possible to cause loops within the AS. What routing attributes
does RR use to prevent loops?
A. Cluster List
B. Originator ID
C. Nexthop
D. AS-PATH
Answer: AB
Q304
In a small and medium-sized cloud management campus network scenario based on HUAWEI CLOUD campus
network solution, which of the following devices are supported as Portal authentication point devices? (Multiple
choice)
A. FW
B. SW
C. AR
D. AP
Answer: ABCD
Q305
NETCONF can flexibly read and edit the configuration library, and realize the distribution, verification and
rollback of the overall configuration. Which of the following configuration libraries does NETCONF support?
(Multiple choice)
A. Startup configuration library <startup>

B. Running Configuration library <running>
C. Candidate configuration library <candidate>
D. Backup configuration library <backup>
Answer: ABC
Q306
A network runs SR-MPLS, and now R1 wants to access R7, and its label stack is as shown in the figure.
Which of the following may be the path for R1 to access R7? (Multiple choice)
A. R1-R3-R5-R7
B. R1-R2-R4-R6-R7
C. R1-R3-R5-R4-R7
D. R1-R2-R4-R5-R7
Answer: BD
Q307
In an SR-MPLS network, the manually configured Prefix SIDs on different devices may conflict with labels.
If there are four routes (prefix/mask SID) as shown in the options, which of the following routes will be preferred
in the end according to the conflict handling principle? (Multiple choice)
A. 3.3.3.3/32 1
B. 1.1.1.1/32 2
C. 1.1.1.1/32 1
D. 2.2.2.2/32 3
Answer: CD
Q308
As shown in the figure, R1 and R2 establish a GRE tunnel. If it is required that the R1 device "Ping -a
1.1.1 10.3.1.1" can be successfully pinged, which of the following commands needs to be configured on R1 or
R2? (Multiple choice)
A. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2"; Configure the
following command on R2, "ip route-static 10.1.1.1 255.255.255.255 Tunnel0/0/0"
B. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.25.255 Tunnel0/0/0"; Configure
the following command on R2, "ip route-static 10.1.1.1 255.255.255.255 Tunnel0/0/0"
C. Configure the following command on R1, "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2"; Configure the
following command on R2, "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
D. Configure the following command on R1, "ip route-static 10.3.1.1 25.255.255.255 Turnel0/0/0"; Configure the
following command on R2, "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
Answer: ABCD
Q310
According to the information given in the figure, which of the following descriptions are correct? (Multiple
choice)
A. R1 does not have routes for 3002::3/128 and 3002::4/128

B. If no routing policy about AS_Path is configured, then 3002::4/128 must not originate from AS 65001
C. If no routing policy about AS_Path is configured, then 3002::4/128 must originate from AS 65001
D. R1 has routes for 3002::3/128 and 3002::4/128
Answer: CD
Q311
ping -a X -c Y -s Z -vpn-instance M 10.5.16.2, which of the following descriptions of this command is correct?
(Multiple choice)
A. The ping packet belongs to VPN instance M

B. The ping sends Y ICMP requests
C. The source IP address of the ping packet is X
D. The ICMP request of the ping, the packet size is Z (excluding IP and ICMP headers)
Answer: ABCD
Q312
Which LSAs in OSPFv3 can be flooded within an area? (Multiple choice)
A. Link-LSA
B. Intra-Area-Prefix-LSA
C. Inter-Area-Router-LSA
D. Inter-Area-Prefix-LSA
Answer: BCD
Q313
Which of the following key technologies need to be used to implement SRv6 Policy based on the HUAWEI
CLOUD WAN solution architecture? Or Which of the following are key technologies used to implement SRv6
Policy based on HUAWEI CLOUD WAN solution architecture (Multiple choice)
A. PCEP
B. NETCONF
C. BGP-LS
D. BGP IPv6 SR Policy
Answer: ACD
Q314
Which of the following stages of the SSH session is encrypted transmission? (Multiple choice)
A. Version Negotiation Phase

B. User Authentication Phase
C. Key Exchange Phase
D. Session Interaction Phase
Answer: BCD
Q315
What are the risks in the communication process of the HTTP protocol? (Multiple choice)
A. Tampering: The third party can modify the content of communications

B. Eavesdropping: The third party can learn the content of communications
C. Losting: communication content may be lost with a small probability during transmission
D. Pretending: the third party can impersonate another person to participate in the communication
Answer: ABD
Q316
A campus has deployed IPv6 for service testing. There are 4 routers in the network, running OSFv3 to realize the
interconnection of IPv6 networks. As shown in the figure, an engineer checked the LSDB of R2 and intercepted
one of the Link-LSAs.
Which of the following statements about the LSA is correct? (Multiple choice)
A. The LSA shows that R2 does not support external routing, but participates in IPv6 routing calculation
B. The link-local address of the R2 interface GE0/0/0 is: FE80::2E0:FCFF:FECD:4F79
C. The router that generated the LSA is R2
D. The IPv6 address prefix of the R2 interface GE0/0/0: 2001:DB8:2345:23::/64
Answer: BCD
Q317
Which of the following descriptions about the OSPFv3 packet format are correct? (Multiple choice)
A. There is no change in the option field of the Hello message

B. Removed Authentication, Auth Type fields
C. OSPF version number changed from 2 to 3
D. Hello packets no longer contain address information and carry Interface ID
Answer: BCD
Q318
In the HUAWEI CLOUD campus network solution, which of the following are the deployment methods supported
by HUAWEI switches? (Multiple choice)
A. WEB interface
B. Based on DHCP Option148
C. Command Line Interface (CLI)
D. Huawei Registration and Inquiry Center
Answer: ABCD
Q319
choice)
A. R1 is IBGP neighbor with 3000:FDEA::3

B. The optimal outgoing interface for R1 to access 3000:FDEA::3 is GigabitEthernet0/0/1
C. R1 has a TCP connection with 3000:FDEA::3
D. R1 learned route 3002::3/128 through IBGP
Answer: ACD
Q320
Which of the following descriptions about 802.1X authentication are correct? (Multiple choice)
A. 802.1X authentication uses EAPoL (Extensible Authentication Protocol over LAN) to realize the exchange of
authentication information between the client, the device and the authentication server
B. EAPoL defines EAP encapsulation on a network using the IEEE 802.3 protocol, and EAPoW is required to
implement EAP encapsulation on a network using the IEEE 802.11 protocol
C. When using EAP relay mode, EAP packets are directly encapsulated into RADIUS packets (EAP over RADIUS,
referred to as EAPoR) by the network access device, and the network access device uses EAPoR to perform
authentication, authorization and accounting with the AAA server. fee
D. When the EAP termination method is used, the EAP packets are terminated at the network access device and
re-encapsulated into RADIUS packets. The standard RADIUS protocol is used to complete authentication,
authorization and accounting between the network access device and the AAA server.
Answer: ABC
Q321
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, run the command on the VTEP to
view the BGP EVPN route, and see the route entry as shown in the figure. Which of the following descriptions of
these route entries are correct? (Multiple choice)
A. These route entries are all Type3 routes. which carries the VTEP IP address
B. These route entries are all Type2 routes. It carries the host IP information
C. These routing entries are all Type 3 routes. If the VTEP IP address carried in them is reachable with a Layer 3
route, a VXLAN tunnel to the peer will be established.
D. These route entries are all Type3 routes. The local end will create a headend replication list after receiving it
Answer: ACD
Q322
Which of the following descriptions about the security protocols used by IPsec are correct? (Multiple choice)
A. The encryption range of ESP is the entire IP packet

B. ESP is an IP-based transport layer protocol with protocol number 50
C. Both AH and ESP support tunnel mode encapsulation
D. The integrity verification scope of AH is the entire IP packet
Answer: BCD
Q323
Network traffic optimization solves network congestion through a series of behaviors, which of the following
stages are mainly included? (Multiple choice)
A. Network bandwidth reservation

B. Network Information Collection
C. Network Traffic Tuning Calculations
D. Delivery of tuning results
Answer: ABCD
Q324
Which of the following descriptions about HTTP messages are correct? (Multiple choice)
A. The body of the HTTP response message is the data that the web server wants to return to the client
B. Header fields are used to supplement additional information about HTTP requests and responses
C. The start line is used to describe the execution result in the HTTP request message, and the operation to be
performed is described in the response message
D. The body of the HTTP request message is the data that the client wants to send to the Web server
Answer: ABCD
Q325
Which of the following descriptions about the forwarding of the Ingress node in the MPLS forwarding process
are correct? (Multiple choice)
A. Find the corresponding NHLFE entry according to the Turn1 ID of the ILM table, and associate the LFIB entry
with the NHLFE entry
B. View the NELFE entry, you can get the outgoing interface, next hop, outgoing label and label operation type,
the label operation type is Push
C. After the Ingress node receives the data packet, it will first check the ILM table to find the Tunnel ID
D. Press the obtained label into the IP packet, process EXP according to the QoS policy, and process the TTL at
the same time, and then send the encapsulated MPLS packet to the next hop
Answer: BD
Q326
Which of the following descriptions about the REST software architecture design concepts and principles are
A. Each resource has a unique resource identifier, and operations on the resource will not change these
identifiers
B. All operations are stateless
C. Everything on the web can be abstracted as resources
D. Use standard methods to operate resources, the core operations are GET, PUI, POST, DELETE defined by the
HTTP specification
Answer: CD
Q327
Configuring DHCP Snooping can be used to prevent spoofing attacks. Which of the following steps should be
included in the configuration process? (Multiple choice)
A. Enable the global DAI Snooping function

B. Enable the global DHCP function
C. Enable DHCP Snooping on an interface or VLAN
D. Configure the interface trust state
Answer: ABCD
Q328
Which of the following descriptions about the multicast addresses used by OSFFv3 are correct? (Multiple choice)
A. The DR router uses FF08::6
B. The DR router uses FF2::6
C. All OSFF Routers use FF02::5
D. All OSPF Routers use FF08:5
Answer: BC
Q329
A network administrator wants to use ACLs to match specific routing entries. Which of the following routing
entries will be matched by the ACL rules in the figure? (Multiple choice)
A. 10.0.0.0/24
B. 10.0.2.0/24
C. 10.0.0.1/32
D. 10.0.1.0/24
Answer: AB
Q330
The following figure shows the MPLS VPN cross-domain Option C solution. In the scenario where RR exists within
the domain, if Option C mode 1 is used, which of the following descriptions about the neighbor relationship
between devices are correct? (Multiple choice)
A. Establish a unicast BGP neighbor relationship between RR1 and RR2

B. Establish a VPNv4 neighbor relationship and a unicast BGP neighbor relationship simultaneously between PE1
and RR1
C. Establish a VPNv4 neighbor relationship between RR1 and RR2
D. Establish a VPNv4 neighbor relationship and a unicast BGP neighbor relationship between ASBR1 and ASBR2
at the same time
Answer: BC
Q331
The Discovery message of LDP is used for neighbor discovery, and LDP has different discovery mechanisms when
discovering neighbors, so which of the following descriptions of the Discovery message in the discovery
mechanism are correct? (Multiple choice)
A. This message is encapsulated in a UDP packet, and the destination port number is 646
B. The destination IP address of the message is the multicast IP address 224.0.0.2
C. After the TCP connection is established, the LSR does not continue to send Hello Message
D. The message is sent to the specified LDP Peer
Answer: AB
Q332
A campus deploys the OSPF protocol to achieve network interoperability, and the LSDB information of R2 is
shown in the figure.
Which of the following information from this LSDB is correct? (Multiple choice)
A. R2 delivers the default route in the OSPF process

B. R2 converts the default route of Type7 LSA to the default route of Type5 LSA
C. There is no Type3 LSA in Area1, it may be that R2 has filtered the Type3 LSA in the outbound direction of
Area1
D. Area1 is the NSSA area
Answer: AD
Q333
In the VXLAN scenario, in order to reduce the flooding of ARP packets between VTEPs. Which of the following
features can be enabled? (Multiple choice)
A. ARP broadcast suppression

C. Local ARP proxy
D. Port isolation
Answer: ABC
Q334
Which of the following reasons may cause OSPF neighbors to fail to reach the Full state? (Multiple choice)
A. The router IDs of the neighbors are the same

B. The link works abnormally
C. The OSPF network types at both ends of the link are inconsistent
D. Interface OSPF MTU configuration are different
Answer: ABCD
Q335
Which of the following reasons may cause IS-IS neighbor relationship failure? (Multiple choice)
A. The IP addresses of the interfaces at both ends of the storage route are not in the same network segment
B. The devices on both ends of the link are configured with the same System ID
C. The IS-IS Levels at both ends of the link do not match
D. When an interface establishes an IS-IS Level-1 neighbor relationship, the area numbers of the devices at both
ends of the link do not match.
Answer: BCD
Q336
Which of the following Commmity attributes can ensure that the propagation scope of EGP routing entries is
only within the AS? (Multiple choice)
A. No_Export_Subconfed
B. No_Export
C. Internet
D. No_Advertise
Answer: AB
Q337
In an intra-domain MPLS VPN network, when a data packet enters the public network and is forwarded, it will be
encapsulated with two layers of MPLS labels. Which of the following descriptions about the two-layer label is
wrong? (Multiple choice)
A. The outer label is used to correctly send the data packet to the corresponding VPN on the PE device
B. The outer label of MPLS VPN is assigned by LDP or statically, and the inner label is assigned by the MP-BGP
neighbor of the opposite end
C. By default, the outer label is popped before the packet is forwarded to the last hop device
D. The outer label of MPLS VPN is called the private network label, and the inner label is called the public
network label
Answer: AD
Q338
When configuring an SFTP server on Huawei devices, which of the following commands are not required (the
server uses user Name and password authentication, user name: huawei, password:
123456)? (Multiple choice)
A. [Server] ssh user huawei authentication-type rsa

B. [Server] ssh server enable
C. [Server] aaa
[Server-aaa] local-user huawei password irreversible-cipher 123456 [Server-aaa] 1ocal-user huawei user-group
manage-ug
[Server-aaa] 1ocal-user huawei service-type ssh
[Server-aaa] quit
D. [Server] sftp server enable
Answer: AB
Q339
Which of the following technologies may be used to improve the reliability of the bearer network? (Multiple
choice)
A. BFD/SBFD
B. PIM-SM
C. Anycast FRR
D. Mirror SID
Answer: ACD
Q340
In which of the following ways can traffic be introduced into the SR-MPLS TE tunnel? (Multiple choice)
A. In the execution statement of policy routing, use the SR-MPLS TE tunnel interface as the outgoing interface
B. Use the SR-MPLS TE tunnel as a logical link to participate in IGP routing calculation
C. By configuring the tunnel policy
D. By configuring a static route, specify the outgoing interface of the static route as the tunnel interface of SR-
MPLS TE
Answer: ABCD
Q341
In the Huawei SD-WAN solution, which of the following items are included in the information transmitted using
EVPN? (Multiple choice)
A. IPsec SA Information
B. NAT Configuration information
C. TNP routing
D. Business Routing
Answer: ACD
Q342
A company consists of a head office and two branch offices, and uses MPLS VPN technology to transmit private
network routes. In the Hub&Spoke networking mode, branch offices can only send and receive routes to and
from the head office, and branch offices cannot directly send and receive routes to each other.
Which of the following RT setup schemes can achieve the above requirements? (Multiple choice)
A. Head Office
B. Head Office:
Import Target: 1:1, 2:2 Export Target: 3:3
Branch 1:Import Target: 3:3 Export Target: 1:1
Branch 2:Import Target: 3:3 Export Target: 2:2
C. head office
D. Head Office:
Answer: AB
Q343
As shown in the figure, if you want to realize that the network does not allow users to access the network
through statically configured IP addresses, which of the following solutions can be used? (Multiple choice)
A. DAI+IPSG
C. DAI+Port Security
D. DHCP Snooping+DAI
Answer: BC
Q344
A campus network deploys two virtual networks through iMaster NCE-Campus: the R&D VN and the market VN.
The R&D personnel belong to the R&D security group and access the R&D VN, and the sales personnel belong to
the sales security group and access the market VN.
Now the campus network requires R&D personnel and sales personnel to be able to achieve mutual visits. For
the realization of mutual visit requirements, which of the following tasks should network administrators
complete? (Multiple choice)
A. Deploying an external network

B. Configuring VN Interworking
C. Deployment Policy Control Matrix
D. Configure network service resources
Answer: BC
Q345
In the accompanying business, which of the following descriptions of authentication points and policy
enforcement points are correct? (Multiple choice)
A. The authentication point device will execute the policy according to the source/destination security group
corresponding to the source/destination IP address of the traffic
B. Authentication point and policy enforcement point can be different devices
C. Authentication point and policy enforcement point must be unified
D. The policy enforcement point is responsible for enforcing inter-group policies based on security groups
Answer: BD
Q346
As shown in the figure, a VP-BCP neighbor relationship is established between PE1 and PE2 through the
Loopback0 interface. After the configuration is complete, it is found that CE1 and CE2 cannot learn routes from
each other. Which of the following items will cause this problem? (Multiple choice)
A. The PH instance parameters on PE1 or PE2 are incorrectly configured

B. Misconfiguration of routing protocols between PE1 or PE2 and their respective CEs
C. The LSP tunnel between PE1 and PE2 is not established
D. PE1 or PE2 does not have neighbors enabled in the BGP-VPv4 unicast address family view
Answer: ABC
Q347
As shown in the figure, RI, R, R3, and R4 all belong to OSP area 0, and the cost value of the link is listed in the
figure. The LoopbackO interfaces of R1, R2, R3, and R4 have been advertised into OSPF. R1, R2, R3, and R4 use
Loopback0 as the connection interface to establish an IBGP peer relationship. R1, R2, and R3 are clients of R4.
The directly connected network segment 172.20.1.4/32 of R4 has been advertised into the BGP protocol.
Judging from the above information, regarding the traffic trend of R1 accessing 172.20.1.4/32, which of the
following descriptions are correct? (Multiple choice)
A. If R3 is configured with Stub router on-startup, packets will be lost when R3 is powered off, and no packets
will be lost during R3 startup.
B. The preferred route is R1-R2-R4
C. During the two processes of power failure and startup of R3, there will be packet loss
D. The preferred route is R1-R3-R4
Answer: AD
Q348
A campus has deployed IPv6 for service testing. There are 4 routers (R1, R2, R3, and R4) in the network, running
OSPFv3 to realize the interconnection of IPv6 networks. A new router R5 needs to be connected to the network
for testing. An engineer introduces a direct route into the OSPFv3 process of R4 to enable devices in the campus
network to access the CE0/0/1 port address of R5.
Which of the following statements about the scene is correct? (Multiple choice)
A. R2 will generate a Type4 LSA and only flood in Area 0

B. R4 will generate a Type5 LSA and only flood in Area 1
C. R2 will generate a Type4 LSA describing the Router ID of R4
D. R4 will generate a Type5 LSA describing the imported IPv6 routing prefix
Answer: ACD
Q349
Which of the following items does the Huawei Cloud Campus Network Solution include? (Multiple choice)
A. NetEngine AR series routers

B. iMaster NCE-Carpus
C. CloudEngine S-Series Switches
D. iMaster NCE-CampusInsight
Answer: ABCD
Q350
In the campus network, which of the following problems exist when creating static VXLAN tunnels manually?
(Multiple choice)
A. Static VXLAN tunnels also use related protocols on the control plane. Will cause equipment resource
consumption
B. N devices establish static VXLAN tunnels. Then, at most N (N-1)/2 tunnels need to be manually configured,
and the amount of configuration is large.
C. VTEP can only rely on data flooding to learn the remote MAC address
D. Although the static VXLAN tunnel mode can support distributed gateway application scenarios, the
configuration workload is large and the configuration adjustment is complicated
Answer: BC
Q351
As shown in the figure, 802.1X authentication is deployed on GE0/0/1 of SW2. Which of the following
descriptions are correct? Or On the netwrok shown in the following figure, 802.1X authentication is deployed on
GE0/0/01 of SW2. Which of the following statements are correct? (Multiple choice)
A. Assuming that SW2 adopts interface-based access control and 802.1x client A passes the authentication first,
if 802.1x client A goes down first, then 802.1x client B will lose the corresponding network access permissions
B. When using interface-based access control, assuming that 802.1X client A is successfully authenticated, then
802.1X client B can use network resources without authentication
C. When MAC address-based access control is used, both 802.1.x authentication client A and 802.1.x
authentication client B need to be authenticated separately to obtain the corresponding network access rights
D. Assuming that SW2 adopts MAC-based access control and 802.1X client A passes the authentication first, if
802.1X client A goes offline first, since the port status has not changed, 802.1X client B will continue Retain
appropriate network access permissions
Answer: BCD
Q352
Which of the following descriptions about the authentication protocol used in the Portal authentication process
A. When the HTTP/HTTPS protocol is used as the authentication protocol, all devices involved in the
authentication process do not need to support the Portal protocol
B. When the Portal protocol is used as the authentication protocol, the Portal server and access device only
need to support the Portal protocol, and do not need to support the HTTP/HTTPS protocol
C. When the Portal protocol is used as the authentication protocol, the Portal server needs to exchange
authentication information with the access device, and then the access device sends this part of the information
to the authentication server for identity authentication
D. When using HTTP/HTTPS to access the device, the access device sends this part of the information to the
authentication server for identity authentication
Answer: BC
Q353
Network tuning calculation is to select an appropriate tuning purpose, apply a corresponding algorithm, and
globally or locally compute an optimized path. Which of the following constraints can the controller take when
calculating the path? (Multiple choice)
A. Explicit path
B. Hop count
C. Priority
D. Bandwidth
Answer: ACD
Q354
Considering the dimensions of transformation cost, technological advancement and the scope of impact of
transformation, which of the following principles should be followed during IPv6 transformation? (Multiple
choice)
A. Select an appropriate IPv6 upgrade and evolution plan from a global perspective, make reasonable use of the
old, and avoid wasting assets
B. Deploy a dual-stack network to achieve long-term coexistence of IPv4 and IPv6 networks
C. Ensure that existing users are unaware and service migration is smooth
D. Build an advanced next-generation enterprise IPv6 network system architecture to fully support the long-
term development and stable operation of enterprise business systems, and avoid network re-engineering and
repeated investment
Answer: ABCD
Q355
During the SSH public key authentication process, the server decrypts the digital signature generated by the
client through the public key to complete user authentication. Which of the following objects need to be
involved in the generation of SSH digital signatures? (Multiple choice)
A. Username
B. Public key
C. Public key algorithm
D. Private key
Answer: ABCD
Q356
What are the parts of the response message of the HTTP/1.1 protocol? (Multiple choice)
A. Response body
B. Response headers
C. Status line
D. Blank line
Answer: ABCD
Q357
Which of the following are the deployment methods of iMaster NCE-CampusInsight? (Multiple choice)
A. MSP self-built cloud CloudCampus deployment

B. Local Standalone Deployment
C. Local CloudCampus Deployment
D. Huawei Public Cloud CloudCampus Deployment
Answer: ABCD
Q358
From the perspective of architecture, Huawei SD-WAN solution can be divided into management layer, control
layer and network layer.
Which of the following devices belong to the network layer? (Multiple choice)
A. FW
B. EDGE
C. GW
D. RR
Answer: BC
Q359
SRv6 has strong network programming ability, which is reflected in those fields of SRH? (Multiple choice)
A. Each SRv6 SID
B. Flags
C. Segment List
D. Optional TLV
Answer: ACD
Q360
IFIT implements end-to-end delay and packet loss statistics by inserting packet headers into service flows to
make color markings. Which of the following is correct? (Multiple choice)
A. Whether in MPLS or SRv6 scenarios, IFIT is in-band detection, so it can sense the service flow status Flags in
real time
B. In the IFIT for SRv6 scenario, the Option TLV in the SRH extension header carries the IFIT-related information
Optional TLV
C. The network device reports information to the controller through Telemetry. The controller obtains
information such as delay and packet loss through calculation
D. In the IFIT for SR/MPLS scenario, the IFIT header is indicated by label 12
Answer: BCD
Q361
Yangon is the data modeling language of NETCONF. Which of the following belongs to the basic data model of
yangon? (Multiple choice)
A. LEAF node
B. LIST node
C. SER node
D. TREE node
Answer: AB
Q362
Which of the following is not a function provided by MACsec? (Multiple choice)
A. Controllability
B. Authenticity
C. Encryption
D. Integrity
Answer: BCD
Q363
In the small and medium-sized campus network, which of the following devices support the registration center
method? (Multiple choice)
A. AP
B. FW
C. AR
D. SW
Answer: ABCD
Q364
Which of the following protocols does IPsec include? (Multiple choice)
A. PKI
B. SSL
C. AH
D. ESP
Answer: CD
Q365
Which of the following source node behaviors allow devices to be inserted into the SRH? (Multiple choice)
A. Insert
B. insert.red
C. encaps
D. encaps.red
Answer: AB
Q366
In SR-MPLS, the manually configured prefix sid of different devices may conflict, so according to the conflict
handling principle, which of the following will be selected in the end? (Multiple choice)
A. 1.1.1.1/32 1
B. 1.1.1.1/32 2
C. 3.3.3.3/32 1
D. 2.2.2.2/32 3
Answer: AD
Q367
Which of the following types of SIDs does BGP EPE assign to inter-domain paths? (Multiple choice)
A. peer-prefix
B. peer-set
C. peer-adj
D. peer-node
Answer: BCD
Q368
Which of the following about IKEv1 is correct? (Multiple choice)
A. Phase 2 Negotiation of IPSec SA

B. The first phase of negotiation to establish an IKE SA
C. Two modes in the first stage: main mode, brutal mode
D. Two modes in the second stage: fast and slow
Answer: ABC
Q369
Which of the following descriptions about the label encapsulation format in MPLS is correct? (Multiple choice)
A. For Ethernet and PPP packets, the label stack is like a "shim" between the Layer 2 header and the data.
When there is a VLAN tag, the MPLS header is placed between the Ethernet header and the VLAN tag
B. The total length of a single MPLS label is 4 bytes
C. The TTL field in the label is similar to the TTL (Time To Live) in the IP packet, and it also has the effect of
preventing loops.
D. The length of the S field in the label is 1 bit, which is used to identify whether the label is the bottom label of
the stack. When the value is 1, it indicates the second-to-last layer label.
Answer: BC
Q370
For which packets can Huawei equipment perform traffic suppression? (Multiple choice)
A. Broadcast
B. Multicast
C. Unknown Unicast
D. Known Unicast
Answer: BCD
Q371
Which of the following descriptions about the MPLS header TTL is correct? (Multiple choice)
A. MPLS handles TTL in two ways. One is to copy the IP TTL value of the TTL of the MPLS header when the IP
packet enters the MPLS network; the other is to set the TIL of the MPLS header to 255 at the ingress LER.
B. It can prevent infinite loop forwarding of messages
D. The processing method of copying the IP TTL value hides the LSR of the MPLS domain and plays a certain
security role
Answer: AB
Q372
DHCP Snooping is a DHCP security feature that can be used to defend against various attacks. Which of the
following about the types of attacks that DHCP Snooping can defend against are correct? (Multiple choice)
A. A starvation attack where the defense department changes the CHADDR value
B. Defense against man-in-the-middle attacks and IP/MAC spoofing attacks
C. Defense Against DHCP Bogus Attacks
D. Anti-TCP flag attack
Answer: AC
Q373
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, which of the following
descriptions about symmetric IRB forwarding are correct? (Multiple choice)
A. Ingress VTEP only performs L2 table lookup

B. The VNI carried in the VXLAN header is L3 VNI when forwarding cross-network segment user communication
packets between VTEPs
C. Egress VTEP only performs L2 table lookup and forwarding
D. Ingress VTEP and Egress VIEP will perform L3 table lookup and forwarding
Answer: BD
Q374
Port Security enhances the security of the device by converting part of the MAC address into a secure MAC
address and preventing hosts other than the secure MAC from communicating with the device through this
interface.
Which of the following is a secure MAC? (Multiple choice)
A. Secure Static MAC Address

B. Protected MAC address
C. Sticky MAC address
D. Secure Dynamic MAC Address
Answer: ACD
Q375
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when BGP EVPN Type 2 routes
are used to transmit IRB type routes, which of the following information is carried? (Multiple choice)
A. Layer 2 VNI
B. Layer 3 VNI
C. Host MAC address
D. Host IP address
Answer: ABCD
Q376
In the Huawei SD-WAN solution, which of the following routing protocols can be used on the LAN side to
connect to the Layer 3 network? (Multiple choice)
A. RIP
B. IS-IS
C. OSPF
D. BGP
Answer: CD
Q377
MPLS supports the establishment of LSPs in a static or dynamic manner. In the MPLS TE scenario, which of the
following protocols can establish dynamic LSPs? Or MPLS supports both static and dynamic LSP establishment.
Which of the following protocols cannot dynamically establish LSPs in MPLS-TE scenarios? (Multiple choice)
A. OSPF
B. RSVP-TE
C. BGP
D. IS-IS
Answer: ABD
Q378
SR-MPLS can use the IGP protocol to advertise topology information, prefix information, SRGB and label
information. In order to complete the above functions, OSPF defines TLVs for SIDs and SR-MPLS capabilities of
network elements.
Which of the following TLVs does OSPF use to advertise the Prefix SID and Adjacency SID of SR-MPLS? (Multiple
choice)
A. LAN Aaj-SID Sub-TLV

B. SID/Label Sub-TLV
C. Prefix SID Sub-TLV
D. Adj-SID Sub-TLV
Answer: CD
Q379
Which of the following is included in the SR Policy triple? (Multiple choice)
A. color
B. dscp
C. endpoint
D. headend
Answer: ACD
Q380
XML is the encoding format of the NETCONF protocol. NETCONF uses text files to represent complex hierarchical
data.
8"?>
<?xml version="1.0" encoding="UTF-
<note>
<to>Learners</to>
<from>Huawei</from>
<heading>Reminder</heading>
<body>Don't forget Reading!</body>
</note>
For the following XML file, which of the following descriptions are correct? (Multiple choice)
A. encoding: Indicates the character set encoding format, currently only UTF-8 encoding is supported
B. <?: Indicates the start of an instruction
C. /: Indicates the end of the current label
D. ?>: Indicates the end of an instruction
Answer: ABCD
Q381
The enterprise wide-area bearer network needs to provide different quality of service guarantees for various
services. At this time, QoS planning can be used to ensure that various services are reasonably forwarded on the
bearer network. Which of the following descriptions about QoS planning principles are correct? (Multiple
choice)
A. Reasonable: Allocate reasonable resources based on the importance of the business

B. Maintainability: Actual business changes rapidly, and QoS policy may need to be adjusted frequently during
routine maintenance. It needs to be easily adjusted and maintained.
C. Scalability: the current QoS policy needs to consider subsequent business expansion
D. Consistency: QoS planning involves business classification, marking, scheduling, speed limiting and other
behaviors, and the entire network needs to be consistent
Answer: ABCD
Q382
Which of the following location reporting methods does the iMaster NCE-Campus support to implement Wi-Fi-
based location services? (Multiple choice)
A. After the network device is transferred, it is reported to the LBS Server

B. WLAN AP reports terminal location data through Bluetooth Beacon packets
C. WLAN AP directly reports terminal location data
D. iMaster NCE-Campus relay reports terminal location data
Answer: ABCD
Q383
Which of the following statement about LDP is correct? (Multiple choice)
A. Relying on hello packets to establish LDP session

B. After receiving the label mapping relationship sent by the other party, the establishment of the LDP session is
completed
C. Maintain LDP sessions by keepalive packets.
D. Negotiate parameters by init message.
Answer: ACD
Q384
Which of the following sequences can be represented by the regular expression [100200]$? (Multiple choice)
A. 300 200 100

B. 100 300 200
C. 200 100 300
D. 100 200 300
Answer: CD
Q385
Part of the configuration of the switch is shown in the figure.
Which of the following descriptions about the configuration on this switch is correct? (Multiple choice)
A. First you need to create a DHCP server group and add a DHCP server to the server group
B. The VLANIF 100 interface will send the received DHCP packets to the external DHCP Server through the relay
C. Both DHCP server and DHCP Delay must be configured with DHCP enabled globally
D. Specify the DHCP server group for the VLANIF100 interface as dhcp group1
Answer: ABCD
Q386
choice)
A. There are 2 equivalent paths for R1 to access 172.16.1.4

B. There are 4 equivalent paths for R1 to access 172.16.1.4
C. R1 needs to go through a 4-hop router to access 172.16.1.4
D. R1 needs to go through a 2-hop router to access 172.16.1.4
Answer: AD
Q387
Which of the following description of the MPLS header TTL are correct? (Multiple choice)
A. The processing method of copying the IP TTL value hides the LSR of the MPLS domain and plays a certain
security role
B. MPLS handles TTL in two ways. One is to copy the IP TTL value of the TTL of the MPLS header when the IP
packet enters the MPLS network, and the other is to uniformly set the TTL of the MPLS header to 255 in the
ingress LER.
D. It can prevent infinite loop forwarding of messages
Answer: BD
Q388
According to the information given in the figure, which of the following statements are correct? (Multiple
choice)
A. There is a loop when R1 accesses 172.17.1.5

B. R1 has a route between 172.17.1.5
C. R1 has no problem accessing the path of 172.17.1.5
D. R1 has no route to access 172.17.1.5
Answer: AB
Q389
In a virtualized network scenario deployed through iMaster NCE-Campus, when creating a fabric, it is necessary
to configure the fabric global resource pool, which of the following items are included? (Multiple choice)
A. Bridged Broadcast Domain (BD)

B. Interconnecting IP Address Resources
C. XLAN Network Identity (VNI)
D. VLAN resources
Answer: ACD
Q390
In the Huawei SD-WAN solution, which of the following descriptions of the Hub-Spoke topology are correct?
(Multiple choice)
A. Hub-Spoke topology mode supports dual-Hub site networking

B. Hub-Spoke topology mode supports network-segment-based hub site active-active
C. Hub-Spoke topology mode supports active-active hub site based on Spoke site
D. Hub-Spoke topology mode supports four-Hub site networking
Answer: ABC
Q391
As shown in the figure, R1 and R2 establish a GRE tunnel. If it is required to successfully ping when R1 "Ping
10.3.1.1", which of the following commands needs to be configured on R1 or R2? (Multiple choice)
A. Configure the following command on R2: "ip route-static 10.1.1.1 255.255.255.255 Turnnel0/0/0"
B. Configure the following command on R1: "ip route-static 10.3.1.1 255.255.255.255 10.0.12.2"
C. Configure the following command on R2: "ip route-static 10.1.1.1 255.255.255.255 10.0.12.1"
D. Configure the following command on R1: "ip route-static 10.3.1.1 255.255.255.255 Turnnel0/0/0"
Answer: AD
Q392
Which of the following descriptions about the SD-WAN resale scenario by operators are correct? (Multiple
choice)
A. Enterprises can realize the connection between SD-WAN network and traditional operator backbone network
through SD-WAN GW
B. Operators provide a unified SD-WAN controller to provide SD-WAN services for multiple enterprises
C. Enterprises can manage and control their own SD-WAN services through the tenant rights assigned by the
operators, or they can be hosted by the operators, and the operators can manage and control the SD-WAN
services of the enterprises
D. Enterprises can act as tenants and rent SD-WAN services provided by operators. Enterprise tenants can
control SD-WAN services of all sites within the enterprise, but cannot see SD-WAN services of other tenants
Answer: ABCD
Q393
In the scenario of dynamically establishing a VLAN tunnel through BGP EVPN, run commands on the VTEP to
view the detailed information of the BGP EVPN route and see the route information as shown in the figure.
Which of the following descriptions are correct? (Multiple choice)
A. This is an IRB type Type2 route

B. This route contains RT and EVPN Router's MAC Extended Community extended community attributes
C. This is a Type5 route
D. Import RT contains 0:2 or 0:3 VPN instances can learn the host routing information contained in this route
Answer: AD
Q394
As shown in the figure, in the scenario of dynamically establishing a VLAN tunnel through BGP EVPN, VTEP1
transmits a BGP EVPN Type2 route to VTEP2, where the EVPN RT value is 20:1, then which of the following
description about this scenario are wrong? (Multiple choice)
A. VTEP2 will drop the route directly

B. VTEP2 compares the RT value carried by the route, which is different from the IRT value of the EVPN instance
bound to BD20, so VTEP2 will discard the route
C. VTEP2 compares the RT value carried by the route, which is the same as the IRT value bound to the IP VPN
instance VTEP_VBDIF20, so VTBP2 will learn the IP routing entry carried in the route advertisement packet into
the IP routing table corresponding to the IP VPN instance
D. VTEP2 compares the RT value carried by the route, which is different from the IRT value of the EVPIt instance
bound to R20, so TEP2 will not learn the MAC address entry carried by the route into the MAC address table of
BD20
Answer: BD
Q395
As shown in the figure, if 802.1x authentication needs to be enabled on the GE0/0/2 and GE0/0/3 interfaces of
SW3, the RADIUS server needs to be used for user authentication and authorization delivery.
Which of the following configuration steps are required? (Multiple choice)
A. Configure the 802.1X access profile

B. Configure certificate horizontal pole
C. Configure the AAA scheme
D. Configure the authentication domain
Answer: ABCD
Q396
The topology shown in the figure adopts VXLAN distributed gateway, VBDIF10 on SW1 is configured, and the
arp-proxy local enable command is used, which of the following descriptions are correct? (Multiple choice)
A. The ARP entry on PC1 is, 172.16.1.2 MAC B

B. The ARP entry on PC1 is, 172.16.1.2 MAC D
C. SW1 receives the message sent from PC1 to PC2, and will perform L2 table lookup and forwarding
D. SW1 receives the message sent by PC1 to PC2, and will perform L3 table lookup and forwarding
Answer: BD
Q397
As shown in the figure, in the scenario of dynamically establishing a BXLAN tunnel through BGP EVPN, VTEP1
transmits a BGP EVPN Type2 route about PC1 to VTEP2. Which of the following descriptions about this scenario
are correct? (Multiple Choice)
A. The route is an IRB type route

B. The RT value carried by this route is 10:1
C. The RT value carried by this route is 100:1
D. The RD value carried by the route is 103:1
Answer: ABD
Q398
Ethernet is a broadcast-enabled network, and once there are loops in the network, this simple broadcast
mechanism can have catastrophic consequences. Which of the following phenomena may be caused by loops?
(Multiple choice)
A. Serious packet loss during network test via ping command

B. CPU usage exceeds 70%
C. Use the display interfacet command on the device to view interface statistics and find that the interface
receives a large number of broadcast packets
D. The device cannot record remotely
Answer: ABCD
Q399
In the following description of OSPF Router LSA and Network LSA, which items are wrong? (Multiple choice)
A. Routers running OSPF must generate Router LSAs

B. There must be both Router LSA and Network LSA in the NSPF network
C. A router running OSPF must generate a Network LSA
D. Network LSA carries both topology and routing information
Answer: BC
Q400
In the virtualized campus network deployed through iMaster NCE-campus, administrators should configure the
parameters as shown in the figure.
Which of the following statements about this operation is correct? (Multiple choice)
A. The administrator is configuring VN interworking

B. After this step is completed, the controller will deliver the static route corresponding to the VPN-Instance to
the device
C. After this step is completed, the controller will deploy OSPF on the device
D. The administrator is creating the VN
Answer: AB
Q401
Overlay network topology in Huawei SD-WAN solution system, which of the following items are included? Or
which of the following topologies does the overlay network support in the Huawei SD-WAN solution? (Multiple
choice)
A. Full-Mesh
B. Hierarchical Topology
C. Partial-Mesh
D. Hub- Spoke
Answer: ABCD
Q402
In Huawei SD-WAN solution, which of the following items are mainly included in the application optimization
function? (Multiple choice)
A. Application Identification
B. Intelligent routing
C. QoS
D. Wide-area optimization
Answer: ABCD
Q403
The NETCONF content layer configures data for the device. Configuration data requires a modeling language.
Which of the following are the content layers currently supported by Huawei devices? (Multiple choice)
A. ONF-YANG
B. OpenConfig-YANG
C. Huawei-YANG
D. IETF-YAG
Answer: BCD
Q404
HTTP/1.1 is the mainstream standard today. Regarding the HTTP/1.1 request message, which of the following
request methods are included? (Multiple choice)
A. GET
B. POST
C. PATCH
D. DELETE
Answer: ABCD
Q405
The unified monitoring and performance management of network equipment is an important function of the
operation and maintenance platform. Which of the following protocols or technologies does the operation and
maintenance platform obtain equipment monitoring data? (Multiple choice)
A. Telemetry
B. Netstream
C. Syslog
D. SNMP
Answer: ABCD
Q406
Which of the following description about configuring static VXLAN access are correct? (Multiple choice)
A. An NVE interface can be associated with multiple VNIs. So when there are multiple BDs, only one NVE
interface can be created
B. For a VXLAN tunnel, a corresponding NVE interface needs to be created, in which the source IP address and
destination IP address are clearly specified. Therefore, if there are multiple VXLAN tunnels on the VIEP, the
corresponding number of NVE interfaces must be configured.
C. In the NVE interface, the destination address of the VXLAN tunnel is specified by the address in the headend
replication list. Multiple VXLAN tunnels can create only one NVE interface
D. A BD needs to create an NVE interface when there are multiple BDs. Multiple NVE interfaces must be created
Answer: AC
Q407
In the firewall dual-system hot backup scenario, which of the following situations will cause the local device to
actively send VGMP packets? (Multiple choice)
A. The dual-system hot backup function is enabled

B. Link Detection Packet Timeout
C. Priority increase
D. The dual-system hot-standby function is turned off
Answer: ACD
Q408
Which of the following are the Features of HTTP? (Multiple choice)
A. Using UDP encapsulation

B. Media independence
C. Stateless
D. No connection
Answer: BCD
Q409
Which of the following information needs to be planned for network cutover? (Multiple choice)
A. QoS
C. Packet Loss Rate
D. Business situation
Answer: BD
Q410
After the port security function is enabled, if the number of MAC addresses learned on the interface reaches the
upper limit, which of the following processing methods may be taken by the port? (Multiple choice)
A. Discard the message with the new MAC address and report an alarm
B. Discard the message with the new MAC address and do not report an alarm
C. The interface is error-down, and the alarm is reported.
D. The interface is error-down, and the alarm is not reported.
Answer: ABC
Q411
Which of the following statements about MPLS VPN cross-domain solutions are correct? (Multiple choice)
A. In the OPTION C scheme, when transferring between ASBRs, carry two layers of labels
B. In the OPTION A scheme, ASBR cannot open MPLS
C. In the OPTION C scheme, PEs can directly exchange VPNv4 routing information
D. In the OPTION B scheme, the intermediate link does not need to process the label information.
Answer: ACD
Q412
Which of the following statement is correct? (Multiple choice)
A. The next hop of this packet is 2001::xxxxxx

B. This packet only carries one attribute, and multi-protocol cannot reach NLRI
C. The prefix carried by this packet is 2001::xxxxxx
D. This message is used to revoke the relevant routing information.
Answer: BCD
Q413
Regarding ISIS equivalent routing, which of the following statements is correct? (Multiple choice)
A. If load balancing is used, the data packets are evenly distributed on each link
B. The priority of an equal-cost route can be adjusted, the route with higher priority is forwarded first, and the
rest of the links are backed up
C. If the priority is the same, the packet will be preferentially forwarded to a certain link according to the
principle that the smaller the system-id, the better
D. If the number of equal-cost routing entries exceeds the number set by the device, the entire load will be
shared.
Answer: ABC
Q414
Which of the following layers does the telemetry protocol include? (Multiple choice)
A. Transport layer
B. Communication layer
C. Data encoding layer
D. Data Model Layer
Answer: ABCD
Q415
There are three families in a residential building: A, B, and C. Family A leases 30M network bandwidth, and
purchases voice phone, Internet TV and broadband Internet access services.
Family B leases 20M of network bandwidth and purchases Internet TV and broadband Internet access services.
Family C rents 10M network broadband and only purchases broadband Internet access services. The operator
has made the HoS configuration on the access device as shown in the figure below. Which of the following
descriptions are correct? (Multiple choice)
A. The Internet TV service of family A can obtain a maximum bandwidth of 30M, and the broadband Internet
service of family C can obtain a maximum bandwidth of 10M
B. Home A's voice and telephone services can obtain a bandwidth of 30M at most, and home B's Internet TV
service can obtain a maximum bandwidth of 10M
C. Family A's broadband Internet access service can obtain a maximum bandwidth of 30M, and family B's
Internet TV service can obtain a maximum bandwidth of 20M
D. The broadband Internet service of family A can obtain a maximum bandwidth of 10M, and the broadband
Internet service of family C can obtain a maximum bandwidth of 10M
Answer: AC
Q416
Which of the following aspects should be considered in the cutover risk assessment? (Multiple choice)
A. Location of key risk points

B. Losses from Risk
C. Timing of Risk Impact
D. Scope of Risk Impact
Answer: ABCD
Q417
Which of the following is the key technology for implementing SRv6 strategy based on Huawei Cloud WAN
solution architecture? (Multiple choice)
A. BGP-LS
B. BGP IPv6 SR Policy
C. PCEP
D. Network form
Answer: ABC
Q418
LDP uses discovery messages to discover neighbors. Which of the following statements about the basic
discovery mechanism is true? (Multiple choice)
A. The destination IP address of the LDP discovery message is the multicast IP address 224.0.0.2.
B. LDP discovery messages are sent to the specified LDP peers.
C. After the TCP connection is established, the LSR no longer sends Hello messages.
D. LDP discovery messages are encapsulated into UDP packets with destination port number 646.
Answer: ACD
Q419
Ethernet supports broadcasting. In the event of a network loop, this simple broadcast mechanism can lead to
catastrophic consequences.
Which of the following symptoms may be caused by a loop? (Multiple choice)
A. Users cannot log in to the device remotely.

B. The display interface command outputs a large number of broadcast packets received on the display
interface.
C. CPU usage exceeds 70%.
D. During the ping test, many ICMP packets are lost.
Answer: ABCD
Q420
Regarding forwarding equivalence classes (FEC) in MPLS, which of the following statements is incorrect?
(Multiple choice)
A. Packets with the same FEC are handled differently on MPLS networks.
B. FEC can be flexibly divided according to source IP address, destination IP address, source port, destination
port, protocol type, VPN or any combination of them.
C. MPLS classifies packets with the same forwarding processing mode into one FEC.
D. An FEC is marked with only one unique label.
Answer: AB
Q421
Regarding the security protocols used by IPsec, which of the following statements is true? (Multiple choice)
A. AH performs an integrity check on the entire IP packet.

B. ESP encrypts the entire IP packet.
C. Both AH and ESP support tunnel encapsulation.
D. ESP is an IP-based transport layer protocol with protocol number 50.
Answer: ACD
Q422
Regarding the hub-and-spoke topology in Huawei SD-WAN solution, which of the following statements is
A. The hub-and-spoke topology mode supports dual hub networks.

B. The hub-and-spoke topology mode supports segment-based active hub sites.
C. The hub-and-spoke topology mode supports active hub sites based on spoke sites.
D. The hub-and-spoke topology mode supports networking with four hub sites.
Answer: ABC
Q423
Which of the following intelligent operation and maintenance functions does Huawei CloudCampus solution
support? (Multiple choice)
A. Use telemetry to monitor AP, radio, and user wireless network quality.
B. Provide visual monitoring of network quality based on network health.
C. Analyze network failures based on individual and group failures.
D. Provide predictive intelligence optimization capabilities based on big data and artificial intelligence.
Answer: ABCD
Q424
Huawei CloudCampus solution supports the free mobility function. Which of the following descriptions about
the free mobility function is correct? (Multiple choice)
A. Administrators can centrally manage network-wide policies on the controller and execute business policies on
devices
B. In the free mobility solution, the administrator does not need to repeat the configuration for each device
C. The controller is not only the authentication center in the campus network, but also the management center
of the business policy
D. Administrators do not need to pay attention to users' IP addresses when configuring policies
Answer: ABCD
Q425
In PIM, which of the following description about DR is correct? (Multiple choice)
A. PIM routers become PIM neighbors by exchanging Hello packets. The Hello packets carry the DR priority and
the interface address of the network segment.
B. On the shared network segment of the connected group members, the DR is responsible for sending a
Register join message to the RP. The DR connected to the group member is called the group member side DR
C. On the shared network segment connected to the multicast source, the DR is responsible for sending the Join
registration message to the RP. The DR connected to the multicast source is called the source DR
D. If the current DR fails, the PIM neighbor relationship will time out, and a new round of DR election will be
triggered between other PIM neighbors
Answer: AD
Q426
RTA is the source DR router, RTB is the RP router, the multicast source sends multicast data to RTA, but the
multicast source registered to it through the PIM Register message cannot be seen on RTB, what are the
possible reasons? (Multiple choice)
A. There is no unicast route from RTB to RTA, which causes RTB to fail the RPF check of the source
B. The multicast network dynamically elects the RP, but the RTA fails to check the RPF of the BSR
C. RP elected by RTA is not RTB
D. The multicast network is statically configured with RP, but the RTA router is not statically configured with RP
Answer: ACD
Q427
Which of the following descriptions about Filter-Policy are correct? (Multiple choice)
A. Filter-Policy can be used on both OSPFv2 and OSPFv3

B. In the distance vector protocol, because routing information is passed between devices, Filter-Policy can
directly
C. Filtering In the link state routing protocol, the routing table is generated by LSDB, so Filter-Policy is essentially
filtering the LSAs in the LSDB
D. In the distance vector protocol, if you want to filter out the route from the upstream device to the
downstream device, you need to configure filter-policy export on the downstream device.
Answer: AB
Q428
What functions can Huawei iMaster NCE products achieve? (Multiple choice)
A. Devices can be managed across manufacturers

B. Network Automation
C. Provide a variety of open API interfaces
D. Predictive maintenance based on big data and Al
Answer: ABCD
Q429
In the security assistance of Agile Controller, which of the following description of security linkage components
A. The log reporting device is undertaken by the network devices, security devices, policy servers, third-party
systems, etc. in the middle of the network. It is mainly responsible for providing network information and
security logs.
B. Client devices are producers of network information and security logs
C. The linkage policy execution device is undertaken by the switch, which is mainly responsible for the security
response of the dark part of the linkage between the devices after the security time occurs.
D. The security defense component of Agile Controller is responsible for log collection and processing, event
correlation, security situation presentation, and security response.
Answer: ACD
Q430
In order for the eSight network management to be able to receive and manage devices and report alarms, what
conditions must be met? (Multiple choice)
A. The device is managed by the network management

B. The correct trap parameters are configured on the device side
C. The managed devices on the network management should be configured with the correct SNMP protocol and
parameters
D. The network management and equipment should be connected
Answer: ABCD
Q431
Which of the following statements about ASPF and Servermap are correct? (Multiple choice)
A. ASPF checks the application layer protocol information and monitors the application layer protocol status of
the connection
B. ASPF determines whether packets pass through the firewall by dynamically generating ACLs
C. Configure NAT Server to generate static Server-map
D. The Servermap table uses a five-tuple to represent a conversation
Answer: AC
Q432
When congestion occurs, which of the following indicators of Qos are usually affected? (Multiple choice)
A. Transmission delay
B. Transmission Jitter
C. Transmission bandwidth
D. Transmission distance
Answer: ABC
Q433
What information of the message can be marked or remarked? (Multiple choice)
A. MAC Address information
B. Any information in the message
C. IP Source, Destination Address, EXP information
D. IP DSCP. IP Precedence, 802.1p.EXP information
Answer: ACD
Q434
Regarding the statement of ASPF and Server-map, which of the following is correct? (Multiple choice)
A. Server-map is usually only used to check whether the message after the first message channel is established
or forwarded according to the session table
B. After the channel is established, the message is still forwarded according to the Server-map
C. The server-map entry will be deleted after a certain aging time because there is no packet matching.
This mechanism ensures that the looser channel such as the Server-map entry can be deleted in time; it ensures
the security of the network. When a new data connection is subsequently initiated, the establishment of the
Server-map entry will be re-triggered
D. Only ASPF will generate the Sever-map table
Answer: AC
Q435
Which of the following working modes does the interface of the firewall have? (Multiple choice)
A. Exchange Mode
B. Transparent Mode
C. Transmission Mode
D. Routing Mode
Answer: BD
Q436
LSR retains the received label, and there are several ways to retain it, then which of the following statement
about LDP label retention - free mode is correct? (Multiple choice)
A. Keep all labels sent by neighbors

B. Requires more memory and label space
C. Keep only labels from next-hop neighbors and discard all labels from non-next-hop neighbors
D. Save memory and label space
E. Reduced LSP convergence time when IP route convergence next hop changes
Answer: ABE
Q437
Which protocol modules can BFD detection be linked with? (Multiple Choice)
A. VRRP
B. OSPF
C. BGP
D. Static routing
Answer: ABCD
Q438
Which description is correct for the configuration on this switch? (Multiple Choice)
A. By default, both DHCP server and DHCP delay must be enabled to enable DHCP service
B. VLANIF100: The interface will send the received DHCP packets to the external DHCP Server through the relay
C. Specify the DHCP server group as DHCP group for the VLANIF100 interface
D. First you need to create a DHCP server group and add a DHCP server to the server group
E. By default, DHCPgroup1 will automatically add a DHCP server in the network
Answer: ABCD
Q439
By default, the D main ID of each SPF process running on the router is the same as the process ID of the process,
which can be modified through the d main-id command under the process.
A. True
B. False
Answer: B
Q440
BFD can implement link status detection at the ms (millisecond) level.
A. True
B. False
Answer: A
Q441
In the DU label distribution mode, if the Liberal label retention mode is used, the device will retain the labels
distributed by all LDP peers, regardless of whether the LDP peer is the optimal next hop to the destination
network segment.
A. True
B. False
Answer: A
Q442
Traditional BGP-4 can only manage IPv4 unicast routing information. MP-BGP extends BGP-4 in order to support
multiple network layer protocols. The feature that MP-BGP supports for IPv6 unicast networks is called BGP4+,
and BGP4+ carries routing next-hop address information through the Next_Hop attribute.
A. True
B. False
Answer: B
Q443
The request header field Accept-Language indicates the language type desired by the client.
A. True
B. False
Answer: A
Q444
In the MA network, if IS-IS is used to publish the Adjacency SID, since every IS-IS router will publish the
Adjacency SID, it is not necessary to select DIS at this time.
A. True
B. False
Answer: B
Q445
Node Segments in SR-MPLS must be manually configured.
A. True
B. False
Answer: B
Q446
The enterprise WAN connects the enterprise headquarters and branches, the enterprise and the cloud, and also
realize the interconnection between the clouds.
A. True
B. False
Answer: A
Q447
When configuring an IPsec tunnel on Huawei AR series routers, you must create an IPSec tunnel interface.
Otherwise, user data cannot be encrypted.
A. True
B. False
Answer: B
Q448
To isolate the communication between wired user terminals, you can enable port isolation on the access switch;
however, for wireless users, APs cannot implement user isolation.
A. True
B. False
Answer: B
Q449
As shown in the figure, the SPF protocol is enabled for all classes of the router, the cost of the link is marked in
the figure, and the Lookback class end announcement of R2 is in area 0.
In area 1, both R2 and R3 transmit the routing information of 10.0.2.2/32 in the form of Type3 LSA.
A. True
B. False
Answer: A
Q450
The down of the BFD session causes the direct link to fail.
A. True
B. False
Answer: B
Q451
A campus deployed IPv6 for service testing. In the initial stage of deployment, engineers wanted to implement
network interoperability through IPv6 static routes. When creating an IPv6 static route, you can specify both the
outbound interface and the next hop, or you can specify only the outbound interface or only the next hop.
A. True
B. False
Answer: B
Q452
When there is a relay between the DHCP client and the DHCP server. If the IP address in the global address pool
of the DHCP server is not in the same network segment as the IP address of the VLANIF interface connected to
the client on the relay device, a DHCP failure will occur.
A. True
B. False
Answer: A
Q453
As shown in the figure, on the R1 router, the network administrator can control the path of the traffic entering
AS100 after modifying the MED value of the routing entry sent to R2 through the routing policy.
A. True
B. False
Answer: A
Q454
The ipv6 enable topology standard is configured in the IS-IS protocol view. The meaning of this command is that
IPv4 and IPv6 share the same topology.
A. True
B. False
Answer: B
Q455
SR-MPLS issues labels and reserves bandwidth through the extended IGP, thereby supporting large-bandwidth
services.
A. True
B. False
Answer: B
Q456
For the same MAC address, manually configured MAC entries have higher priority than automatically generated
entries.
A. True
B. False
Answer: A
Q457
VXLAN uses VNI to distinguish tenants. A tenant can have one or more VNIs, and the VNI length is 24 bits, so
VXLAN supports up to 12 M tenants.
A. True
B. False
Answer: B
Q458
As shown in the figure, all interfaces of the router enable the SPF protocol, in which R4 and R5 can establish an
OSPF virtual connection.
A. True
B. False
Answer: B
Q459
When deploying a BGP/MPLS VPN, when two VPNs have a common site, the common site must not use
overlapping address spaces with other sites of the two VPNs.
A. True
B. False
Answer: B
Q460
The traffic shaping technology will temporarily cache the data that exceeds the forwarding threshold. For the
data in the cache, you can use congestion management technology to discard the data packets from the cache
queue in advance to prevent the cache queue from being full.
A. True
B. False
Answer: A
Q461
The traffic shaping technology will temporarily cache the data that exceeds the forwarding threshold. For the
data in the cache, you can use the congestion management technology to discard the data packets from the
cache queue in advance to prevent the cache queue from being full.
A. True
B. False
Answer: A
Q462
In the dual-system hot backup scenario of the firewall, service interfaces need to be added to the security zone,
and heartbeat interfaces do not need to be added to the security zone.
A. True
B. False
Answer: B
Q463
iMaster NCE-CampusInsight uses SNMP technology to collect performance indicators and log data of network
devices, and discover network anomalies based on real business traffic.
A. True
B. False
Answer: B
Q464
iMaster NCE-Campus control does not support device management through SNMP.
A. True
B. False
Answer: B
Q465
In the Huawei SD-WAN solution, the CPE needs to establish a control channel before being managed by the
iMaster NCE-WAN controller.
A. True
B. False
Answer: B
Q466
MPLS LDP sends a large number of packets to maintain the protocol neighbor relationship and path status.
A. True
B. False
Answer: A
Q467
NETCONF uses SSL to implement secure transmission, and uses the RPC (Remote Procedure Call) remote call
mechanism to implement the communication between the client and the server.
A. True
B. False
Answer: A
Q468
As shown in the figure, the operator's BGP/MPLS IP VPN backbone network constructs LSPs through LDP. If the
two sites of user X are to communicate through the BGP/MPLS IP VPN network, PE1 and PE2 must use a 32-bit
mask. Loopback interface address to establish MP-IBGP peer relationship.
A. True
B. False
Answer: A
Q469
In an SR network, if IS-IS is used to transmit the SID, the Node SID advertised by the Level-2 router is only
transmitted within the same area by default.
A. True
B. False
Answer: B
Q470
The difference between SRv6 and SR-MPLS is that the segment in the SRv6 SRH will not be ejected after being
processed by the node, so the SRv6 header can be used for path backtracking.
A. True
B. False
Answer: B
Q471
When BGP/MPLS IP VPN is deployed, the OSPF VPN Route Tag is not transmitted in the extended community
attribute of MP-BGP, but is only a local concept, only on the PE router that receives MP-BGP routes and
generates OSPF LSA Significant.
A. True
B. False
Answer: B
Q472
The OPS (Open Programmability System) function of Huawei network equipment enables users to run Python
scripts on the local PC and call the open RESTful API interface of the equipment.
A. True
B. False
Answer: B
Q473
The path of the SR-MPLS TE tunnel can be calculated by the controller or the tunnel head node.
A. True
B. False
Answer: A
Q474
In the Huawei SD-WAN solution, the RR is automatically selected after the CPE goes online, and the iMaster
NCE-WAN controller does not need to be involved. Or In the Huawei SD-WAN solution, after the CPE goes
online, it automatically select an RR without the help of iMaster NEC-WAN.
A. True
B. False
Answer: B
Q475
In the scenario of dynamically establishing a VXLAN tunnel through BGP EVPN, when a BGP EVPN route is passed
between VTEPs, the BGP EVPN route will be discarded only if the RT value carried by the route is different from
the EVPN IRT and IP VPN IRT.
A. True
B. False
Answer: B
Q476
When an administrator creates a policy control matrix, when a source security group has policies for multiple
destination groups, the matching order of different policies needs to be distinguished by priority.
A. True
B. False
Answer: A
Q477
Free Mobility implements policy management and permission control based on the user's VLAN and IP.
A. True
B. False
Answer: B
Q478
Under the distributed gateway, VNI is divided into L2 VNI and L3 VNI. The L2 VNI is a common VNI, which is
mapped to the broadcast domain BD in a 1:1 manner to implement the forwarding of VXLAN packets on the
same subnet; the L3 VNI is associated with the VPN instance. It is used to forward VXLAN packets across
subnets.
A. True
B. False
Answer: A
Q479
Traffic policing can only be used in the inbound direction. Its function is to monitor the traffic entering the
device to ensure that the upstream device does not abuse network resources.
A. True
B. False
Answer: B
Q480
When encountering a large-scale network cutover project, it can be divided into several relatively independent
but related small cutovers.
A. True
B. False
Answer: A
Q481
After snetconf server enable is configured on a Huawei network device, the client can establish a NETCONF
connection with the device through port 830.
A. True
B. False
Answer: B
Q482
When policy linkage is deployed in the campus network, a CAPWAP (Control And Provisioning of Wireless Access
Points) tunnel is established between the control point and the enforcement point device, and CAPWAP is used
to implement user association, message communication, user authorization policy issuance, and user services
data forwarding, etc.
A. True
B. False
Answer: A
Q483
The following figure shows the MPLS VPN cross-domain Option B solution. If ASBR-PE1 and ASBR-PE2 are only
responsible for transmitting VPNv4 routes, you can configure the following command on ASBR-PE1:
[ASBR-PE1-bgp-af-vpnv4] undo peer 10.0 .34.4 enable
A. True
B. False
Answer: B
Q484
ESI (Ethernet Segment Identifier) has a total length of 10 bytes and is unique in the entire network.
A. True
B. False
Answer: A
Q485
As shown in the figure, all routers in the figure run the OSPF protocol.
Because R3 is in the backbone area, there are no three types of LSAs in the LSDB of R3.
A. True
B. False
Answer: B
Q486
The public key is public and does not need to be kept secret. Private keys are held by individuals and are not
disclosed and disseminated to the public.
A. True
B. False
Answer: A
Q487
Currently, Huawei uses the TLS protocol as the bearer protocol of the NETCONF protocol.
A. True
B. False
Answer: B
Q488
In an SRv6 network, a Locator is an identifier of a network node in the network topology, which is used to route
and forward packets to the node. In the SR domain, the Locator of each node must be unique.
A. True
B. False
Answer: A
Q489
The full name of HTTP is Hypertext Transfer Protocol, which is an application layer protocol for distributed,
collaborative, and hypermedia information systems.
A. True
B. False
Answer: A
Q490
Segment Routing SR (Segment Routing) is a technical architecture designed to forward data packets on the
network based on the concept of source routing. Segment Routing MPLS refers to SR based on MPLS label
forwarding, referred to as SR-MPLS.
A. True
B. False
Answer: A
Q491
If network admission control is deployed on the campus network, if a terminal device fails the admission
authentication, the terminal cannot access all network resources.
A. True
B. False
Answer: B
Q492
LLDP (Link Layer Discovary Protocol) is a link discovery protocol defined in IEEE 802.1ab. Because it works at the
data link layer, it cannot obtain the management address of neighbors.
A. True
B. False
Answer: B
Q493
In the small and medium-sized campus network based on HUAWEI CLOUD campus network solution, the On-
Premise mode is recommended for the controller deployment mode.
A. True
B. False
Answer: A
Q494
The terminal management of iMaster NCE-Campus provides terminal identification function, which can display
terminal type, operating system, and manufacturer information.
A. True
B. False
Answer: A
Q495
In a virtualized campus network scenario, all devices in the VXLAN domain must support the VXLAN feature.
A. True
B. False
Answer: B
Q496
The <config> operation of the NETCONF protocol may contain an optional "operation" attribute, if not specified,
the default action is creat.
A. True
B. False
Answer: B
Q497
The VN on i-master-nce is equivalent to VPN-instance, which plays the role of business isolation.
A. True
B. False
Answer: A
Q498
After traffic shaping is deployed, congestion avoidance techniques are used in the cache queue to prevent the
cache queue from being filled.
A. True
B. False
Answer: A
Q499
The function of using the command ipv6 preference in the ISIS process is to adjust the routing priority of IPv6.
A. True
B. False
Answer: A
Q500
In 6PE and 6VPE networking scenarios, it is not necessary to enable VPN-instance on PEs.
A. True
B. False
Answer: B
Q501
In SR-MPLS, segment-NOD must be manually configured
A. True
B. False
Answer: B
Q502
EVPN's L2VPN and L3VPN use two address clusters.
A. True
B. False
Answer: A
Q503
In the MPLS L3VPN inter-AS Option C solution, if there is an RR, the RR cannot transmit the VPNv4 route without
changing the next hop address when it reflects the VPNv4 route to the neighbor.
A. True
B. False
Answer: B
Q504
HTTP/2 is a low-latency Internet transport layer protocol based on UDP.
A. True
B. False
Answer: B
Q505
Node segments in SR-MPLS must be configured manually.
A. True
B. False
Answer: B
Q506
The enterprise WAN provides the interconnection between the enterprise headquarters and branches, between
the enterprise and the cloud, and between the cloud.
A. True
B. False
Answer: A
Q507
BFD can implement millisecond-level link status detection.
A. True
B. False
Answer: A
Q508
If you run the ipv6 enable topology standard command in the is-is view, then IPv4 and ipv6 share the same
topology.
A. True
B. False
Answer: A
Q509
Traffic shaping can only be used in the outbound direction. Its purpose is to control the rate of outgoing packets.
A. True
B. False
Answer: A
Q510
During the evolution from OSPFv2 to OSPFv3, the format and function of the LSA remain unchanged, except that
the network layer address in the LSA is changed from IPv4 to IPv6.
A. True
B. False
Answer: B
Q511
In Huawei SD-WAN solution, the topology of different VNs must be the same.
A. True
B. False
Answer: B
Q512
iMaster provides terminal identification, displaying terminal type, operating system and manufacturer
information.
A. True
B. False
Answer: A
Q513
Network admission control can be deployed at different network layers according to actual network
requirements. Deploying it at the access layer enables finer-grained rights management and higher network
security than deploying at the aggregation or core layers.
A. True
B. False
Answer: A
Q514
When establishing a VXLAN tunnel between VTEPs, it is recommended to use the IP address of the loopback
interface on the VTER instead of the IP address of the physical interface as the VTEP IP address of the VXLAN
tunnel.
A. True
B. False
Answer: A
Q515
A company purchased private lines from two operators. In order to optimize the lines, the company used the
6GP protocol to learn the routing entries of the two operators. However, the enterprise found that after this
configuration, the traffic of the egress route increased greatly. After the network engineering investigation, it
was found that the traffic of the two operators was transmitted to each other through the enterprise egress
router.
Therefore, the enterprise intends to use the routing strategy so that the traffic of the packets of different
carriers is no longer transmitted to each other. Is the configuration in the following figure correct?
A. True
B. False
Answer: A
Q516
As shown in the figure, OSPF is deployed in a campus, and Area1 is deployed as an NSSA area.
In the case of missing header, R2 will automatically generate the missing header route of Type7 LSA and flood it
in the NSSA area.
A. True
B. False
Answer: A
Q517
To prevent hackers from attacking user devices or networks through MAC addresses, you can configure the MAC
addresses of untrusted users as black hole MAC addresses to filter out illegal MAC addresses.
A. True
B. False
Answer: A
Q518
In an MPLS network, SRs running the DP protocol exchange LDP messages to implement functions such as
neighbor discovery, session establishment and maintenance, and label management. To ensure the reliability of
message delivery, all LDP messages are sent and received based on TCP connections.
A. True
B. False
Answer: B
Q519
There are two types of stream mirroring: local stream mirroring and remote stream mirroring.
A. True
B. False
Answer: A
Q520
BFD determines whether a fault occurs by periodically detecting packets. It is a fast fault detection mechanism
that relies on routing protocols.
A. True
B. False
Answer: B
Q521
BFD (Bidirectional Forwarding Detection) technology is a fast detection technology, but it is relatively complex
and requires special manufacturer equipment support.
A. True
B. False
Answer: B
Q522
The traffic of the traditional network is connected to the VXLAN network by the edge node, and the VXLAN
network accesses the VXLAN external network through the ( ) node. (Fill in English, the first letter is capitalized)
Answer: Border
Q523
When L3VPNv4 ver SRv6 BE is configured, if RR is used in the SR domain, you need to configure the () command
on the RR to ensure that the PEs at both ends can correctly learn VPNv4 routes. (Please enter the complete
command, no extra spaces, all letters are lowercase)
Answer: display bgp vpnv4 all routing-table
Q524
DiffServ-based horizontal QS has four major components: traffic classification and marking, traffic policing and
shaping, congestion management and ().
Answer: avoid
Q525
There are many SR-MPLS TE tunnel protection mechanisms, among which ( ) FRR adopts the method of
constructing a virtual node, converts multiple identical route advertisement nodes into a single route
advertisement node, and then calculates the backup downlink of the virtual node according to the TT-LFA
algorithm. One hop, thus realizing fast switching of traffic when a fault occurs. (Fill in English terms, capitalize
only the first letter)
Answer: Anycast
Q526
Huawei AR series routers are configured with GRE tunnels and enable keepalive detection. By default, the
interval for sending keepalives is ( ) seconds.
Answer: 5
Q527
To configure a static VXLAN tunnel, the parameters that need to be manually configured are: ( ), VTEP IP
address, and headend replication list. (All letters capitalized)
Answer: VNI
Q528
In a campus, SPF is deployed to achieve network interoperability, and SPF is also enabled on the GE0/0/2
interface of R3. Among them, Area1 is deployed as an NSSA area, and the addresses of each device are shown in
the figure.
An engineer configures a static route on R3 to access the loopback interface address of R4, and imports the
static route in the SPF process. At this time, in the Type5 LSA received by R1, the forwarding address (FA) is: ( )
(please fill in the IP address without mask)
Answer: 10.1.34.4
Q529
VGMP packets are encapsulated by UDP packet headers and VGMP packet headers. By default, the UDP port
used by VGMP packets is ( ).
Answer: 18514
Q530
In order to improve network security, a company uses static MAC address binding for all internal computers.
Now buy a new host with MAC address 5489-98FD-7B7F. The network administrator connects the host to the
corporate network by executing the mac-address ( ) 5489-98FD-7B7F GigabiteEthernet 0/0/1 vlan10 command.
(Please use English lowercase letters to complete the command, and the command cannot be abbreviated)
Answer: static
Q531
For VXLAN external networks, VTEP transmits network segment routes through Type ( ) BGP EVPN routes, which
are used to instruct VXLAN internal hosts to access external networks. (Arabic numerals)
Answer: 5
Q532
In the Vxlan-based virtualized campus network, the Fabric networking can select Vxlan to the access layer. The
nodes in this networking include: Border, transparent node, ( ). (expressed in English, and the first letter is
capitalized)
Answer: Edge
Q533
The scheduling algorithm used by the LPQ queue is ( ).
Answer: SP
Q534
The VxLAN network is connected to the external network through the ( ) node.
Answer: border
Q535
<rpc xm/ns="xxxx" message-id="1024" belongs to layer( ) in netconf.
Answer: message
Q536
( ) in SRv6 is the identifier of the network node, so in the SR domain, it is necessary to ensure that this parameter
of each node is unique. (The first letter is capitalized, spelled out)
Answer: Segment Identifier
Q537
There are two subscription methods for telemetry, of which the shorter subscription time is ( ). (full name)
Answer: Dynamic subscription
Q538
NCE uses ( ) technology to collect network performance indicators and logs. (Capitalized)
Answer: Telemetry
Q539
According to different bearer technologies, the bearer modes of traditional wide area bearer networks can be
divided into MPLS bearer modes and ( ) bearer modes. (English terms are used with all capital letters)
Answer: SDH
Q540
Ingress VTEP performs L2 and L3 table lookup and forwarding at the same time. The forwarding mode is _( )_IRB
forwarding.
Answer: symmetry
Q541
As shown in the figure, when PE1 receives an ARP request, PE1 will forward the ARP request to PE4 and carry
two layers of label information, in which the label value 201 is defined by the EVPN type ( ).
(only fill in Arabic numerals)
Answer: 1
Q542
VxLAN tunnel has several contents that must be configured: ( ), tunnel source address, headend replication list.
Answer: VNI
Q543
The Cost value of the loopback0 port from AR5 to AR1 is ( ).
Answer: 3
Q544
In OSPFv3, the LSA whose propagation range is one area has the ( ) class. (Fill in Arabic only)
Answer: 129
Q545
IS-IS is a link-state routing protocol that uses the SPF algorithm for route calculation. A campus deploys both
IPv4 and IPv6 and runs IS-IS to achieve network interconnection. As shown in the figure, the network IPv4 and
IPv6 have the same overhead, and R1 and R4 only support IPv4.
By default, in the IPv6 shortest path tree formed by calculation, the next hop device for R2 to access R6 is ( ).
(Note: The device name must be consistent with the picture, such as: R1)
Answer: R3
Q546
Please complete the configuration of the following static VXLAN tunnels and drag the corresponding
configuration to the corresponding area.
Answer:
Q547
Please match the classification related to the MPLS label of Huawei routers with the default method.
Answer:
Q548
When encountering network failures, engineers often use the hierarchical failure method. Because all models
follow the same basic premise, when all of a model's lower-level structures work properly, its higher-level
structures can only work properly. Please match the following check items to the corresponding levels according
to the hierarchical method.
Answer:
Q549
The network administrator needs to permit or deny some specific routes, but the network administrator is not
proficient in configuration, please help him sort the configuration reasonably so that the device can permit or
deny specific routes according to the requirements in the figure.
Answer:
Q550
As shown in the figure, to enable the traffic between Site1 and Site2 to pass through the Hub-CE, VPN instances
on two Spoke-PEs have been configured. Two VPN instances need to be created on the Hub-PE. The instance
VPN_in is used to receive routes from Spoke-PE, and the instance VPN_ut is used to advertise routes to Spoke-
PE. Please select Import RT of VPN_in and Export RT of VPN_ut respectively.
Answer:
----VPN_in imp rt RT
---- VPN_ut exp rt RT
Q551
Please arrange the development process of iMaster NCE business open and programmable in order
1HLD Design
2 Demand analysis
3 Business package development
4 Enter the production environment
5 Network element driver package development
Answer: 2-1-5-3-4
Q552
NETCONF defines a series of operations, please match NETCONF operations and functions accordingly.
Answer:
Q553
In the network shown in the figure, user access authentication needs to be deployed. Please select the
appropriate authentication method at different authentication points.
Answer:
Q554
CE1 and CE2 belong to the same VPN, and the name of the VPN instance is vpna. Through option C mode 1, CE1
and CE2 can communicate with each other.
To accomplish this, match the following command line with the device number.
Answer:
Q555
There is a certain order in the execution of QOS, please sort the following QOS function modules in the correct
order.
Answer:
Q556
There are three types of channels in the Huawei SD-WAN solution architecture. Please correspond the channels
and their names in the figure one by one.
Answer:
Q557
gRPC is a language-neutral, platform-neutral, open source remote procedure call (RPC) system. The gRPC
protocol stack has five layers, please arrange the gRPC protocol stack in order from the lower layer to the upper
layer.
Answer:
Q558
Authentication header AH (Authentication Header, packet authentication header protocol) in IPsec is an IP-
based transport layer protocol, and its IP protocol number is ( ). (fill in Arabic numerals).
Answer: 51
Q559
As shown in the figure, the entire network of a company uses OSPF to connect the network, but Router S and
Router E cannot establish an OSPF neighbor relationship. When network administrators detect OSPF faults, they
can run the display ospf 100 interface CE0/0/1 ( ) command on RouterS to obtain error-related information.
Users can diagnose OSPF faults based on the information. (Please use English lowercase letters to complete the
Answer: error
Q560
As shown in the figure, R1, R2, R3, and R4 are in the same MPLS domain, and LDP is used to distribute MPLS
labels between devices. R4 is the Egress LSR of the FEC 4.4.4.0/24. If R1 wants to access 4.4.4.0/24, R4 does not
need to query the label table but can know the forwarding priority of the data, then the outgoing label of R3 for
the FEC is ( ). (Please fill in the Arabic numerals directly without symbols).
Answer: 0
Q561
By executing the ( ) command, users on different ports in the same VLAN can be completely isolated at Layer 2
and Layer 3 and cannot communicate. (Please use English lowercase letters to complete the command, and the
command cannot be abbreviated)
Answer: port-isolate mode all
Q562
CE1 and CE2 belong to the same VPN, and the name of the VPN instance is vpna. Through Option C mode 1, CE 1
and CE 2 can communicate with each other. To meet this requirement, ASBR-PE1 is configured with two routing
policies ( ) for [ASBR-PE1-bgp]peer route-policy policy2 export (only fill in the IP address).
Answer: 10.0.34.4/10.0.4.4
Q564
NCE has five security groups are ( ). (separated with commas)
Answer: Static security group, dynamic security group, Any security group, escape security group, unknown
security group
Q565
As shown in the figure, please associate the user authentication result with the corresponding access authority.
(Drag and drop)
Answer:
Before certification 1
Failed certification or failed security check2
Certification passed 3
Q566
Please match the following commands to their functions.
Answer:
Q567
The figure shows an enterprise WAN bearer network. Please plan appropriate metric values for the four links in
the figure.
Answer:
Q568
The Python script of the OPS (Open Programability System) function of Huawei network equipment uses the
HTTP method to access the management objects of the network equipment. Please drag the HTTP method to
correspond to its function.
Answer:
Q569
There are three levels of queues in HQoS: Level1l, Level2, and Level3. Please map the following queue names to
the queue levels one by one. (Drag and drop)
Answer:
Q570
For VXLAN-based virtualized campus network planning, three main module designs need to be considered,
including underlay network design, fabric design, and overlay network design. Please drag the module on the
left below to the corresponding current module on the right for specific considerations.
(Drag and drop)
Answer:
Q571
Please match the following authentication technologies to their applicable scenarios. (Drag and drop)
Answer:
Q572
As shown in the figure, there is a packet containing a three-layer label header. Please select the values (decimal)
corresponding to the X, Y, and Z fields in the figure.
Answer:
Q573
CE1 and CE2 belong to the same WPN, and the name of the VPN instance is vpna. CE1 and CE2 can communicate
with each other through OptionC mode 1. To accomplish this, match the following command line with the
device number. (Drag and drop)
Answer:
Q574
The virtualized campus network deployed through the iMaster NCE-Campus is shown in the figure, and the
parameters and the positions where the parameters are deployed are in one-to-one correspondence.
Answer: 123456
1-Export interconnect vlan

2-Loopback
3-Vxlan tunnel
4-BD
5-Transparent transmission of BPDUs
6-Access vlan
Q581
The configuration shown in the figure is executed on R2 to filter all the received routes. Suppose there is a BGP
route with the AS_Path attribute of [100 200 300 400] on R1 that needs to be sent to R2. Please help the
network administrator to adjust the route on R1. The order of AS in the AS_Path attribute ensures that routing
entries will not be filtered by R2's routing policy.
100 This space corresponds to the [A] space in the routing policy
200 This space corresponds to the [B] space in the routing policy
300 This space corresponds to the [C] space in the routing policy
400 This space corresponds to the [D] space in the routing policy
Answer: 200 400 100 300
Q582
As shown in the figure, if the packet describes an IPsec packet in tunnel mode, please insert the corresponding
packet header into the correct position. (Drag and drop)
1-New IP Header
2-AH Header
3-ESP Header
4-Raw IP Header
Answer: 1234
Q583
During the SSH algorithm negotiation phase, the two parties send SSH packets to each other, and the packets
contain a list of multiple algorithms supported by them. For the composition of the algorithm list. Please sort
them in the order of negotiation (that is, which class algorithm is negotiated first, which class algorithm is
negotiated second, and so on).
Answer:
Q584
Please match the OSPFv3 LSA with its delivery range.
Answer:
Q585
The following is the main process for the controller to issue an SR-MPLS Policy. Please sort the processes in
order.
Answer:
Q586
VGMP defines multiple packet types. Please match the packet type and function.
Answer:
Q587
Please sort the traffic categories: marking, policing, shaping, congestion management, congestion avoidance:
A. Policing
B. Marking
C. Congestion Avoidance
D. Congestion Management
E. Shaping
Answer: BACDE

HCIE Datacom V1.0 All Files Merged

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

HCIE Datacom V1.0 All Files Merged

Uploaded by

Copyright:

Available Formats

1.Which of the following statements about 802.1s deployment are correct?

A.Multiple bridges share one spanning tree instance.

B.All VLANs share one spanning tree instance.

C.Each VLAN shares a spanning tree instance.

D.Multiple VLANs share one spanning tree instance.

A.RSTP increases the port status.

B.RSTP has a smaller overhead.

C.RSTP is not converged based on timers,

C.The PiM router with a lower DR priority is elected as the DR.

D.The router with a smaller IP address is elected as the DR.

5.Which of the following route selection tools is specificto BGP?

C.By defaull, BGP is enabled with automatic aggregation.

7.Which of the following statements about OSPF is incorrect?

8.Which of the following statements about MPLS labels is incorrect?

Jq2db8.e. 150 qlo3 .W.Sf5g

The reason for the route of 10.34.34.4 is as follows:

A.Configure a routing policy on R2 to filter the default route.

B.The system-ID of R2 conflicts with R3.

C.The area planning of R3 and R4 is incorrect.

D.The system1D of R2 conflicts with R1

12.ABD in a VXLAN can correspond to multiple VNIs.

D. Type 1 LSAE and Type 3LSAs

interface is automatically blocked.

B. Single bucket rate per bucket

©. Thvee buckets ata single rate

D. Dual Bucket Single Rate

19.Which of the following attacks are DoS(Denial of service) attacks?

A.Single packet atack

B.Source IP address spoofing attack

D. IS-ISroute leaking is used to prevent routing loops.

EF queue affer the first round of scheduling?

Bose mse S@AMHe(OPs) PIR(ops)

& WFO , RES ‘90M som

AFA WO), aed 10M 10M

An wra . REI 10M 15M

AED WEO , PEED 20M 10M

AFI WFO, REET 20M 10M

Ethemet1/0/2, Ethemett/0/3, Ethemet/0/4, Ethemnet1/0/5, Ethernet1/0/6, and Ethernett/0/7, the

aggregation group supports only six ports.

B. Ethernet1/0/6 Unselected port when the configuration of each port is consistent

D.Ethemet1/0/1 Unselected port when the configuration of each port is consistent

obtain the NSF function?

D. The siding window size can only be increased or remains unchanged.

E. Size ofthe intial window announced by the transmit end

A.All prefixes imported to BGP by using the network or import command

B.All prefixes in the IP routing table

C.Prefix received from IBGP and EBGP neighbors

to specify the authentication domain

30.Which of the following statements about LDP reliability is incorrect?

LSP to set up forwarding entries

‘What is the purpose of a data packet?

A.The G0/0/2 of Sw1 enters the Discarding state.

B.The G0/0/1 of sw2 enters the Discarding state

C.The G0/0/2 of the sw2 enters the Discarding state

D.No interface is blocked.

36.In the aggregate ipv4-address {mask | mask-length} [as-set | attribute-policy route-policy-namet |

D.Other options are correct

about the configuration of the RP.RP are correct?

D. When configuring a dynamic RP, you do not need to configure a BSR.

A. Available MAC addresses in the system

C.Memory Used for Frame Buffer

F.None of the above

B. Link aggregation can be applied to Layer 2 and Layer 3 devices.

E.None of the other