Ask Question
Huawei H12-821_V1.0 Practice Test - Questions Answers, Page 11
List of questions
Question 101
What parameters can a DHCP6 server assign to a DHCPv6 client?
Gateway address
DNS server address
IPV6 address/prefix
SNTP server address
Understanding DHCPv6:
DHCPv6 (Dynamic Host Configuration Protocol for IPv6) is used to assign configuration parameters to IPv6 clients.
It supports both stateful and stateless modes:
Stateful: Assigns IPv6 addresses and other configuration parameters.
Stateless: Assigns only configuration parameters (e.g., DNS server) without providing IPv6 addresses.
Analysis of Parameters:
A . Gateway address:
False. DHCPv6 does not assign the default gateway. Instead, the default gateway is advertised by routers using Router Advertisement (RA) messages in IPv6.
B . DNS server address:
True. DHCPv6 can assign the IPv6 address of DNS servers to the client.
C . IPv6 address/prefix:
True. In stateful mode, DHCPv6 assigns IPv6 addresses and prefixes to clients.
D . SNTP server address:
True. DHCPv6 can assign the address of an SNTP (Simple Network Time Protocol) server to synchronize time on the client.
Conclusion:
The correct parameters that a DHCPv6 server can assign to a client are: B. DNS server address, C. IPv6 address/prefix, D. SNTP server address.
Question 102
Which of the following statements about multicast packet forwarding is true?
If a multicast data packet fails the RPF check, the packet must have been received through a sub-optimal interface. However, this interface still receives and forwards the multicast traffic downstream.
IGMP snooping cannot control the scope of multicast traffic flooding on a Layer 2 network.
The source address of a multicast packet is a unicast address.
In multicast transmission, the destination address of a packet can be the unicast address of a host.
A stateful inspection firewall tracks the state of network connections and only matches the initial packet against its rule set. Subsequent packets in the same connection are matched in the state table. Contrary to this, UDP packets can be inspected by correlating them with connection states, and packets in a single connection are always correlated .
Question 103
Which of the following statements regarding the stateful inspection firewall is true?
When the stateful inspection firewall checks packets, packets of one same connection are not correlated.
Because UDP is a connectionless protocol, so the stateful inspection firewall cannot match UDP packets with the status table.
The stateful inspection firewall only needs to match the first data packet against a rule, and the subsequent packets of the connection are matched directly in the state table.
The stateful inspection firewall needs to match the rules for each incoming packet.
A stateful inspection firewall tracks the state of network connections and only matches the initial packet against its rule set. Subsequent packets in the same connection are matched in the state table. Contrary to this, UDP packets can be inspected by correlating them with connection states, and packets in a single connection are always correlated .
Question 104
Fill in the blanks
Compress the 2001:0DBB:B8:0000:C030:0000:0000:09A0:CDEF address.___________(if the answer contains letters, capitalize them.)
2001:DBB:B8:0:C030::9A0:CDEF
The IPv6 address 2001:0DBB:B8:0000:C030:0000:0000:09A0:CDEF can be compressed by removing leading zeros in each segment and collapsing consecutive zero groups into ::. The result is 2001:DBB:B8:0:C030::9A0:CDEF .
Question 105
Fill in the blanks
A Huawei firewall by default creates security zones named untrust, dmz, _________ and local. (Use Lowercase letters.)
TRUST
By default, Huawei firewalls create security zones named untrust, dmz, trust, and local. These zones facilitate security policies for inbound, outbound, and inter-zone traffic control .
Question 106
Which of the following attacks is not the network layer attack?
IP spoofing attack
ICMP attack
Smurf attack
ARP spoofing attack
ARP spoofing is a Layer 2 attack, as it targets ARP tables in switches or end devices. All other attacks, including IP spoofing, ICMP attacks, and Smurf attacks, are network layer (Layer 3) attacks .
Question 107
Which of the following statements regarding the firewall zone security level is false?
The configured security level cannot be changed.
Two zones cannot be configured with the same security level.
The default security level of the new zone is 1.
Only the security level of the user-defined zone can be configured.
In Huawei firewalls, the security level of a zone can be reconfigured by an administrator, making the statement that it cannot be changed false. Other statements accurately describe security level restrictions or defaults .
Question 108
ON a stateful inspection Firewall where there is no session table, when the status detection mechanism is enabled and the second packet (CYN+ACK) of 3-way hadshakes reaches the firewall. Which of the following statements is true?
If the firewall security policy permits packets to pass, the session table is created.
By default, when status detection is disabled and the permit policy is configured packets can pass.
Packets must pass the firewall, and a session table is established.
If the firewall security policy permits packets to pass, the packets can pass the firewall.
In a stateful inspection firewall, if the status detection mechanism is enabled, it tracks and validates the state of connections using the session table. If there is no session table and a SYN+ACK packet reaches the firewall, it checks the security policy. If the policy explicitly permits the packet, it will pass through the firewall, but no session table will be created without the initial SYN packet. The other options are either incorrect or misrepresent the behavior of stateful inspection .
Question 109
Which of the following configurations are not mandatory when an administrator configures VRRP?
Unlock Premium Member
Question 110
DRAG DROP
Drag the following VRRP states to the corresponding working mechanisms.
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Selling illegal goods, money scams etc.
Serious attack on a group.
Harassing an individual (including doxing)
Threatening or glorifying violence or serious harm, including self-harm
Nudity/Sexual content
Sexually explicit or suggestive imagery or writing involving minors
Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans
Reusing content without attribution (link and blockquotes)
Not in English or has very bad formatting, grammar, and spelling
Author's credential is offensive, spam, or impersonation
Ex. Illegal content, incomplete question...
Question