H12-891_V1.0-ENU Dumps Questions Increase Your Chance of Success

Passing the H12-891_V1.0-ENU certification exam can be challenging, which is why practicing with H12-891_V1.0-ENU questions can greatly increase your chances of success. Huawei H12-891_V1.0-ENU dumps questions help you become familiar with the exam format. The H12-891_V1.0-ENU questions are designed to mimic the actual exam, which means that you'll get a feel for the types of questions you'll encounter, the difficulty level, and the time limit. All the H12-891_V1.0-ENU exam dumps questions are the latest version for you to study. Test free H12-891_V1.0-ENU exam questions below.

Page 1 of 2

1. An SRv6 Policy can be either statically configured on a device, or be delivered to a device after being dynamically generated by the controller.

True

False

 Loading...

2. In the firewall hot standby scenario, heartbeat interfaces can be connected directly or through an intermediate device such as a switch or router.

True

False

 Loading...

3. In the firewall hot standby scenario, when VGMP works in load balancing mode, which of the following functions must be enabled on the firewalls to prevent the return traffic from being discarded because it does not match any session entry in the case of inconsistent forward and return paths?

Automatic backup

Manual batch backup

Quick session backup

BFD

 Loading...

4. On a virtualized campus network, all devices in a VXLAN domain must support VXLAN.

True

False

 Loading...

5. Portal authentication, also known as web authentication, is used to authenticate user identities on a web authentication page.

Which of the following statements about Portal authentication is incorrect?

Before Portal authentication, the authentication client must obtain the IP address and be able to communicate with the Portal server.

In most cases, Portal authentication does not require installation of dedicated client software. Therefore, Portal authentication is mainly used in scenarios where no client software is available.

When Portal authentication is deployed on the network, clients to be authenticated must support the Portal protocol.

Portal authentication can authenticate users based on the combination of user name, VLAN, IP address, and MAC address.

 Loading...

6. NCE-Campus. The figure shows the configured policy control matrix.





Which of the following statements about the policy control matrix is incorrect?

The guest group can access the guest group.

If the server group is a resource group, the server group can be specified as the source group of a policy.

The sales group and guest group cannot communicate with each other.

If the policy enforcement point does not find the security group corresponding to an IP address, traffic from the IP address can be forwarded to the server group.

 Loading...

7. Which of the following steps is not mandatory when manually configuring an OSPF-based SR- MPLS BE tunnel?

Enable MPLS globally.

Configure the LSR ID for routers.

Enable segment routing globally

Configure the adjacency SID for each link.

 Loading...

8. Atter policy association is deployed on a campus network, the control device and access device establish CAPWAP tunnels to complete user association, exchange messages, deliver user authorization policies, and forward users' service data.

True

False

 Loading...

9. To prevent hackers from attacking user devices or networks using MAC addresses, you can configure MAC addresses of untrusted users as blackhole MAC addresses to filter out such invalid MAC addresses. When receiving a packet whose source or destination MAC address is a blackhole MAC address on a device, the device discards the packet.

True

False

 Loading...

10. In the topology shown in the following figure, OSPFv3 runs on the entire network.





If no external routes are imported, which of the following types of LSAs will not be generated on R1?

Inter-Area-Router LSA

Link- LSA

Intra-Area-Prefix- LSA

Inter-Area-Prefix- LSA

 Loading...

Page 2 of 2

11. SSH must be configured before you can enable NETCONF on Huawei network devices.

True

False

 Loading...

12. YANG, deriving from NETCONF, is not only applicable to NETCONF. Currently, both the YANG modeling language and YANG file have been unified.

True

False

 Loading...

13. Segment Routing (SR) is a technical architecture designed to forward data packets on a network based on the source routing paradigm. SR-MPLS, as its name suggests, is SR based on MPLS label forwarding.

True

False

 Loading...

14. When you configure a virtualized campus network on iMaster NCE-Campus, creating a virtual network is equivalent to creating a VPN instance to isolate different services.

True

False

 Loading...

15. Assume that free mobility is deployed on the virtualized campus network shown in the figure and PC1, PC2 and PC3 belong to the Sales, R&D and Market security groups, respectively.





Which of the following statements is incorrect?

Both AGG1 and AGG2 have the inter-group policy delivered by iMaster NCE- Campus.

AGG1 enforces the inter-group policy on traffic from PC1 to PC3.

AGG2 enforces the inter-group policy on traffic from PC2 to PC3.

There are multiple authentication points and policy enforcement points on the network.

 Loading...

16. On a carrier's MPLS VPN network, PE1 and PE2 transmit data packets between VPNs. After PE1 receives VPN route 172.16.1.0/24 from a client, it converts the route into a VPNv4 route and distributes label 1027 to PE2. For the FEC of LSR-ID in PE1, the label value distributed by PE2 is 1025.

When a client on PE2 accesses this route, what are the outer and inner labels in the packet transmitted out of PE2?

Outer label: 1027; inner label: 1025.

Outer label: 1025; inner label: 1025.

Outer label: 1027; inner label: 1027.

Outer label: 1025; inner label: 1027.

 Loading...

17. As shown in the figure, the CES and PEs run OSPF for communication.





When CE1 advertises the routes of its site to CE2, which of the following statements is incorrect?

The domain ID configured on PE1 can be carried as a BGP extended community attribute of a route, and sent to PE2 along the route.

If PE2 receives a BGP route from PE1 that carries a domain ID identical to the local domain ID and is calculated based on a Type 3 LSA, PE2 generates a Type 5 LS

If PE2 receives a BGP route from PE1 that carries a domain ID same as the local domain ID and is calculated based on a Type 1 or Type 2 LSA, PE2 generates a Type 3 LS

If PE2 receives a BGP route from PE1 that carries a domain ID different from the local domain ID, PE2 generates a Type 5 LSA or Type 7 LSA, regardless of the LSA type based on which the route is calculated.

 Loading...

18. If the K bit in the GRE header is set to 1, a 4-byte Key field is inserted into the GRE header. The sender and receiver then authenticate each other based on this key.

True

False

 Loading...

 Loading...