Ment
Ment
Ment
True or False
1. When two devices have the same root bridge priority, the device with a larger MAC
address is selected.
Answer:wrong
2. A trunk port can forward both tagged and untagged data frames.
Answer:right
3. STP not only eliminates loops on a switching network, but also improves network
reliability.
Answer: right
Answer:right
Answer:wrong
Answer:right
7. If the network address of a network is 192.168.100.0, then its broadcast address must
be 192.168.100.255.
Answer:wrong
8. An intranet server can be accessed from an external network using the static NAT or
NAT server function.
Answer:right
9. Multipath interference may reduce or increase signal energy.
Answer:right
10. At the two sides of the main lobe, radiation is reduced by 3 dB (power reduced by a
half). The angle between the two sides is beamwidth (also called main lobe width or
half-power angle). When the beamwidth is narrow, the radiation distance is long and the
anti-interference capability is strong.
Answer:right
11. The most important feature of the passive attack is to listen to information to obtain
confidential information. Such activities, however, are unknown to data owners or
authorized users.
Answer:right
12. An IP sweep attacker uses ICMP packets to detect the destination IP address to
obtain the topology structure and survival system of the target network, preparing for
the next attack.
Answer:right
13. The persistent connection allows for the setting of an extra-long aging time on
specific TCP and UDP data streams to ensure that session information is not aged for a
long period of time.
Answer:wrong
14. In the IKE main negotiation mode, the ID type can be set only to the IP address
form. In IKE aggressive negotiation mode, the ID type can be set only to the name
form.
Answer:wrong
15. Configuring a NAT address pool on the firewall, if the public IP address of the
address pool is not on the same network segment as the outgoing IP address of the
external network, you need to configure the route to the address pool on the next hop
router.
Answer:right
Single choice
1. Which command can be used to check whether an OSPF neighbor relationship has
been set up?
Answer:D
C. Optical fiber
Answer:D
A. 192.200.1.1
B. 192.1.1.1
C. 172.32.1.1
D. 172.20.2.1
Answer:D
4. Which type of address is indicated by the IP address 10.0.10.63 and subnet mask
255.255.255.224?
A. Broadcast address
B. Multicast address
C. Host address
D. Network address
Answer:A
5. Which of the following default route configurations is correct?
Answer:A
6. In the port transition mechanism of STP, to which state will the root ports and
designated ports be transited finally?
A. Forwarding
B. Blocking
C. Listening
D. Learning
Answer:A
7. An enterprise wants to assign VLANs on its network, and requires that users belong
to a fixed VLAN no matter which access point is used to access the network. So which
VLAN assignment mode is recommended?
Answer:B
B. The P/A mechanism of RSTP can still be used in interconnection with the STP.
Answer:A
9. In the VRP system, which of the following functions does the Ctrl+Z key
combination have?
Answer:C
10. Which of the following is false about the working principles of a Layer 3 switch?
A. If the destination MAC address of a received data frame is the MAC address of the
switch, the switch performs Layer 3 forwarding; otherwise, the switch performs Layer 2
forwarding.
C. After transmitting the first data flow based on the routing table, a Layer 3 switch
generates a mapping between the MAC address and IP address. When the same data
flow arrives, the switch directly forwards the data flow at Layer 2 based on the mapping
table.
Answer:D
11. Which of the following statements about the process of establishing a PPP link is
false?
A. After NCP negotiation is successful, the PPP link maintains the communication state
and enters the Terminate phase.
B. In the Establish phase, the two devices perform LCP negotiation to negotiate the
maximum receive unit (MRU), authentication mode, and magic number.
C. In the Network phase, the two devices perform NCP negotiation to select and
configure a network layer protocol and to negotiate network-layer parameters.
D. The physical layer is unavailable during the Dead phase. When two communicating
devices detect that the physical link between them is activated, PPP enters the Establish
phase from the Dead phase.
Answer:A
12. What is the UDP protocol number?
A. 6
B. 22
C. 17
D. 5
Answer:C
A. 22
B. 20
C. 21
D. 23
Answer:D
14. Fragmentation can be performed on both the original packet sending host and
intermediate router. After an IP data packet is fragmented, where can the fragments be
reassembled?
A. Next router
B. Packet loopback
C. Intermediate router
D. Packet destination
Answer:D
15. Two routers are connected through serial ports and the link layer protocol is PPP,
but the MRU values on the two ends of the PPP link are different. Which of the
following statements about PPP LCP negotiation is correct?
A. The larger MRU value will be used according to the LCP negotiation.
B. The standard MRU value of 1500 will be used according to the LCP negotiation.
D. The smaller MRU value will be used according to the LCP negotiation.
Answer:A
16. Which of the following messages can provide error information and processing of IP
data packets for source nodes?
A. UDP
B. IGMP
C. TCP
D. ICMP
Answer:D
17. After a DHCP server is deployed on a network, an administrator finds that some
hosts obtain IP addresses that are not specified on the DHCP server. Which of the
following is not a possible cause?
A. These hosts cannot communicate with the DHCP server, so clients on these hosts
automatically obtain IP addresses on the 169.254.0.0 network segment.
B. These hosts cannot communicate with the DHCP server, so clients on these hosts
automatically obtain IP addresses on the 127.254.0.0 network segment.
C. Another DHCP server with higher working efficiency exists on the network.
Answer:B
18. What is the best way to avoid interference in IEEE 802.11 WLAN ( )?
A. Antenna Selection
B. Channel Selection
D. SSID Selection
Answer:B
A. 100mw
B. 200mw
C. 50mw
D. 500mw
Answer:A
20. Since the signal strength is too weak during wireless communication, the wireless
client switches to the channel of other wireless APs. This process is called?
A. Association
B. Roaming
C. Load balancing
D. Reassociation
Answer:B
21. If you use the "display ap all" command to check that the AP status is "dload", what
is the reason?
A. AP is discovering AC
B. AP is registering
C. AP is online
D. AP is upgrading
Answer:D
A. 127.0.0.1
B. 169.254.1.1
C. 10.1.10.1
D. 192.168.0.1
Answer:B
23. For ease of management, STAs connected to a WLAN can obtain IP addresses only
using DHCP but not by manual configuration.
Answer:C
24. What do we generally use to connect APs and antennas during WLAN network
deployment?
A. Combiner
B. Arrester
C. Power splitter
D. Feeder
Answer:D
25. What are the common non-overlapping channels working at the 2.4 GHz frequency
band?
A. 1/5/9/13
B. 1/6/11
C. 2/7/11
D. 1/7/12
Answer:B
26. Which of the following statements about the intrusion prevention system (IPS) is
incorrect?
C. Upon detecting intrusion behaviors, IPS can immediately block the operation.
Answer:B
27. On a USG firewall, which of the following commands can be used to check the
current session entries?
Answer:A
28. In the GRE configuration environment, which IP address does the destination IP
address in the tunnel interface mode refer to?
Answer:A
Answer:C
30. Which of the following statements about MAC address spoofing attacks is
incorrect?
A. MAC address spoofing attacks can cause switches to learn incorrect mapping
relationships between MAC addresses and IP addresses.
B. An attacker can forge source MAC address data frames and send them to switches to
implement MAC address spoofing attacks.
C. MAC address spoofing attacks may cause packets, which should be sent by switches
to correct destinations, to be incorrectly sent to attackers.
D. MAC address spoofing attacks take advantages of the MAC address learning
mechanism employed by switches.
Answer:A
C. RADIUS uses the UDP protocol, with the authentication and authorization port
numbers as 1812 and 1813, or 1645 and 1646, respectively.
Answer:B
33. Which one of the following protocols can verify the new IP header in IPsec?
A. MD5
B. ESP
C. SHA1
D. AH
Answer:D
34. How many IPsec SAs are created for setting up an IPsec tunnel in AH+ESP mode?
A. 2
B. 3
C. 4
D. 1
Answer:A
35. Which of the following technologies can be used by USG series firewalls to provide
well-known application services through ephemeral ports?
A. Port mapping
B. Persistent connection
Answer:A
Multiple choice
A. 2001:410:0:1::45FF
B. 2001:410:0:1:0:0:0:45FF
C. 2001:410::1::45FF
D. 2001:41:0:1:0:0:0:45FF
Answer:A B
A. LSR
B. DD
C. Hello
D. LSA
E. LSU
Answer:A B C E
3. Which of the following statements about ARP packet sending are correct?
Answer:C D
4. Which of the following are correct regarding the MAC address learning mechanism
of a switch?
C. The MAC address learning mechanism of a switch can be based on destination MAC
addresses.
Answer:A B D
5. Which fields in packets are not changed when a router forwards packets?
C. Destination IP address
D. Source IP address
Answer:C D
A. 1 dBm = 0 mw
B. 1 dBm = 1 mw
C. 0 dBm = 1 mw
D. 0 dBm = 0 mw
Answer:A B D
Answer:A D
C. BCP documentation
Answer:A B C
9. Which of the following methods can be used to implement web proxy?
A. Web forwarding
C. Web rewriting
D. Web link
Answer:C D
10. A link-group has three physical interfaces. If any of the interfaces fails, which of the
following statements are correct?
A. After all interfaces in the group recover, the system changes the status of all
interfaces to Up.
D. After some interfaces in the group recover, the system changes the status of all
interfaces to Up.
Answer:A B