ExamGecko
Search Search Login
Home Home / Huawei / H12-351_V1.0

Huawei H12-351_V1.0 Practice Test - Questions Answers, Page 3

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the fallowings is not an IPv6 address type?
Which of the followings is not a roaming optimization solution?
Which of the following encapsulation formats are used for EAP termination in 802.1X authentication? (Select All that apply)
In a VRRP HSB scenario, if the VRRP preemption delay is set to a small value, which of the following problems may occur after a master/backup switchover? (Select All that apply)
Which of the following may be the reason why no data Is displayed on the telemetry management page of IMaster NCE-CampusInsight? (Select All that Apply) A. The network connecting devices and iMaster NCE-Campuslnsight Is faulty.
With protocol trace, iMaster NCE-Campuslnsight displays protocol-level Interaction details at the phases for wireless users. (Enter the acronyms in capital letters.)
Which of the following statements about VXLAN is false?
On a campus network, which of the following problems may occur when you manually create a static VXLAN tunnel? (Select All that Apply)
When calculating the number of APs, you can divide the total required bandwidth by the maximum bandwidth of a single AP.
Which of the following statements are true about the WLAN site survey In different typical scenarios? (Select All that Apply)

Question 21

Report
Export
Collapse

WPA3 has the following advantages over WPA and WPA2: supports WPA3-SAE, provides a more secure handshake protocol, enhances the algorithm strength, and supports Suite A cryptography.

A.
True
A.
True
Answers
B.
False
B.
False
Answers
Suggested answer: A

Explanation:

WPA3 has the following advantages over WPA and WPA2:

Supports WPA3-SAE, which provides more secure authentication and key management than PSK.

Provides a more secure handshake protocol than 802.11i, which can resist offline dictionary attacks and protect forward secrecy.

Enhances the algorithm strength from AES-128 to AES-192 or AES-256.

Supports Suite A cryptography, which provides higher security levels for government or military networks.

Reference: https://support.huawei.com/enterprise/en/doc/EDOC1100058940/8a8f1c9b/wpa3

Question 22

Report
Export
Collapse

Which of the following statements about attack defense is true?

A.
Defense against flood attacks can be used to defend against Ping of Death attacks.
A.
Defense against flood attacks can be used to defend against Ping of Death attacks.
Answers
B.
Attack defense allows APs to analyze the contents and behaviors of incoming packets on ports to determine whether packets have attack characteristics. The APs then take defense measures on the packets that have attack characteristics.
B.
Attack defense allows APs to analyze the contents and behaviors of incoming packets on ports to determine whether packets have attack characteristics. The APs then take defense measures on the packets that have attack characteristics.
Answers
C.
Attack defense can defend against spoofing packet attacks, malformed packet attacks, fragmentation attacks, and flood attacks.
C.
Attack defense can defend against spoofing packet attacks, malformed packet attacks, fragmentation attacks, and flood attacks.
Answers
D.
Fragmentation attack defense enables a device to detect packet fragments in real time and discard or rate-limit them to protect the device.
D.
Fragmentation attack defense enables a device to detect packet fragments in real time and discard or rate-limit them to protect the device.
Answers
Suggested answer: B

Explanation:

Attack defense is a feature that allows APs to analyze the contents and behaviors of incoming packets on ports to determine whether packets have attack characteristics. The APs then take defense measures on the packets that have attack characteristics, such as discarding them or limiting their rate. Attack defense can defend against spoofing packet attacks, malformed packet attacks, fragmentation attacks, and flood attacks.

Reference: https://support.huawei.com/enterprise/en/doc/EDOC1100058940/8a8f1c9b/attackdefense

Question 23

Report
Export
Collapse

In 802. IX authentication using port-based access control, once a user is authenticated successfully on a port, subsequent users on this port can access the network without authentication. When the authenticated user goes offline, all other users are denied access to the network.

A.
True
A.
True
Answers
B.
False
B.
False
Answers
Suggested answer: A

Explanation:

According to the Huawei documents and resources, 802.1X authentication using port-based access control is a method that allows only one user to access the network through a port at a time. If a user is authenticated successfully on a port, subsequent users on this port can access the network without authentication. When the authenticated user goes offline, all other users are denied access to the network1. Therefore, A is the correct answer.

Reference: 1: https://support.huawei.com/enterprise/en/doc/EDOC1100086527

Question 24

Report
Export
Collapse

Which of the following are typical 802. IX authentication modes? (Select All that apply)

A.
EAP termination
A.
EAP termination
Answers
B.
EAP relay
B.
EAP relay
Answers
C.
EAP-TLS
C.
EAP-TLS
Answers
D.
EAP-MD5
D.
EAP-MD5
Answers
Suggested answer: A, B

Explanation:

According to the Huawei documents and resources, EAP termination and EAP relay are typical 802.1X authentication modes between the access device and authentication server. In EAP termination mode, the access device terminates EAP packets and encapsulates them into RADIUS packets. In EAP relay mode, the access device directly encapsulates the received EAP packets into RADIUS using EAP over RADIUS (EAPoR) packets2. Therefore, A and B are the correct answers. Reference: 2:

https://support.huawei.com/enterprise/en/doc/EDOC1100086527

Question 25

Report
Export
Collapse

Huawei Agile Cloud Authentication (HACA) supports only IMaster NCE-Campus as the HACA server.

A.
True
A.
True
Answers
B.
False
B.
False
Answers
Suggested answer: B

Explanation:

According to the Huawei documents and resources, Huawei Agile Cloud Authentication (HACA) supports iMaster NCE-Campus as well as Agile Controller-Campus as the HACA server. HACA is an authentication method that allows users to access a network without entering user names or passwords3. Therefore, B is the correct answer. Reference: 3:

https://support.huawei.com/enterprise/en/doc/EDOC1100086527

Question 26

Report
Export
Collapse

Which of the following statements about EAP relay and EAP termination are false? (Select All that apply)

A.
In EAP termination mode, an access device encapsulates EAP packets sent by an 802. IX client Into RADIUS packets, without processing the data in the EAP packets.
A.
In EAP termination mode, an access device encapsulates EAP packets sent by an 802. IX client Into RADIUS packets, without processing the data in the EAP packets.
Answers
B.
In EAP relay mode, an access device extracts information from EAP packets, encapsulates the information into RADIUS packets, and sends the RADIUS packets to an authentication server.
B.
In EAP relay mode, an access device extracts information from EAP packets, encapsulates the information into RADIUS packets, and sends the RADIUS packets to an authentication server.
Answers
C.
In EAP termination mode, an access device extracts client authentication information from the EAP packets sent by a client and encapsulates the information using the standard RADIUS protocol.The access device supports only the EAP MD5-Challenge authentication method.
C.
In EAP termination mode, an access device extracts client authentication information from the EAP packets sent by a client and encapsulates the information using the standard RADIUS protocol.The access device supports only the EAP MD5-Challenge authentication method.
Answers
D.
The EAP termination mode simplifies the processing on an access device and supports various authentication methods. However, this mode requires an authentication server to support EAP and have high processing capability.
D.
The EAP termination mode simplifies the processing on an access device and supports various authentication methods. However, this mode requires an authentication server to support EAP and have high processing capability.
Answers
Suggested answer: A, D

Explanation:

A. In EAP termination mode, an access device encapsulates EAP packets sent by an 802. IX client Into RADIUS packets, without processing the data in the EAP packets. This statement is false because in EAP termination mode, an access device extracts information from EAP packets, encapsulates the information into RADIUS packets, and sends the RADIUS packets to an authentication server2.

D. The EAP termination mode simplifies the processing on an access device and supports various authentication methods. However, this mode requires an authentication server to support EAP and have high processing capability. This statement is false because it describes the EAP relay mode, not the EAP termination mode2.

Therefore, A and D are the correct answers. Reference: 2:

https://support.huawei.com/enterprise/en/doc/EDOC1100086527

Question 27

Report
Export
Collapse

Which of the following encapsulation formats are used for EAP termination in 802.1X authentication? (Select All that apply)

A.
EAP-TLS
A.
EAP-TLS
Answers
B.
EAPoL
B.
EAPoL
Answers
C.
EAPoR
C.
EAPoR
Answers
D.
EAP
D.
EAP
Answers
Suggested answer: B, C

Explanation:

According to the Huawei documents and resources, the encapsulation formats used for EAP termination in 802.1X authentication are as follows:

B. EAPoL: The client and access device exchange information using EAPoL packets across the LAN2.

C. EAPoR: The access device directly encapsulates the received EAP packets into RADIUS using EAP over RADIUS (EAPoR) packets2.

Therefore, B and C are the correct answers.

Reference: 2: https://support.huawei.com/enterprise/en/doc/EDOC1100086527

Question 28

Report
Export
Collapse

DRAG DROP

Drag the short-range wireless IoT technologies on the left to their corresponding descriptions on the right.


Question 28
Correct answer: Question 28

Explanation:

According to the Huawei documents and resources, the definitions of the short-range wireless IoT technologies are as follows:

ZigBee: IEEE 802.15.4-based wireless communication technology is a short-range, and low-power wireless communication technology that supports star, mesh, and hybrid networking.

Bluetooth: With the emergence of IoT industries such as smart wearables, smart home, and Internet of Vehicles, short-range communication technologies are attracting more and more developers.

REID: Its basic principle is to automatically identify objects based on the transmission characteristics of radio signals and space coupling (inductance or electromagnetic coupling) or radar reflection.

Wi-Fi: Wireless networking technology based on IEEE 802.11 is the most popular WLAN technology.

Therefore, ZigBee - 1, Bluetooth - 3, REID - 2, Wi-Fi - 4 is the correct answer.

Reference: https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/zigbee

https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/bluetooth

https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/rfid

https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/wi-fi

Question 29

Report
Export
Collapse

DRAG DROP

Differentiated network planning needs to be performed to meet requirements of different IoT services in Huawei's CloudCampus loT solutions. Drag the solutions on the left to their corresponding network planning suggestions on the right.


Question 29
Correct answer: Question 29

Explanation:

According to the Huawei documents and resources, the network planning suggestions for the solutions are as follows:

Asset management: The RFID signal coverage distance is 25 m. Therefore, RFID signal coverage must be considered during AP deployment planning. Attach RFID tags on the surface or top of assets to prevent signals from being blocked.

ESL: Shelves may be blocked in application scenarios. Therefore, shelf blocking must be considered during network planning. The shelves can be deployed in aisles to minimize obstacles toward integrated base stations.

Smart healthcare: For applications that support regional positioning, positioning devices need to be deployed at key entrances and exits based on service requirements.

Therefore, Asset management - 2, ESL - 1, Smart healthcare - 3 is the correct answer.

Reference: https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/asset-management https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/esl https://support.huawei.com/enterprise/en/doc/EDOC1100158948/9a0d5c37/smart-healthcare

Question 30

Report
Export
Collapse

Which of the following components is not included In a typical RFID system?

A.
Information processing platform
A.
Information processing platform
Answers
B.
RFID tag
B.
RFID tag
Answers
C.
Router
C.
Router
Answers
D.
RFID reader
D.
RFID reader
Answers
Suggested answer: C

Explanation:

A router is not included in a typical RFID system. A typical RFID system consists of three components:

RFID tag, RFID reader, and information processing platform. The RFID tag is attached to the object to be identified, the RFID reader communicates with the tag and reads its information, and the information processing platform processes and stores the data collected by the reader.

Reference: https://support.huawei.com/enterprise/en/doc/EDOC1100058940/8a8f1c9b/rfid

Total 60 questions
Go to page: of 6
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms