Huawei H12-351_V1.0 Exam Practice Test Instant Access

Question 1

Which of the following statements about WLAN roaming and signal strength Is false?

ASmart roaming can be enabled on the WAC to help ST As roam and associate with APs with better signals.

BGenerally, a STA roams when it detects that the signal strength is less than -75 dBm.

CSTAs can roam between WACs in dual-link HSB mode.

DIn most cases, the signal strength of a STA should range from -45 dBm to -65 dBm.

Answer : B

B is false because generally, a STA roams when it detects that the signal strength is less than -70 dBm or -65 dBm, not -75 dBm.

Question 2

Which of the following user access authentication modes are supported In Huawel's CloudCampus Solution? (Select All that Apply)

A802. IX authentication

BMAC address authentication

CPortal authentication

Answer : A, B, C

Huawei's CloudCampus Solution supports three user access authentication modes: 802.1X authentication, MAC address authentication, and Portal authentication.

Question 3

On a campus network, which of the following problems may occur when you manually create a static VXLAN tunnel? (Select All that Apply)

AAlthough the static VXLAN tunnel mode supports the distributed gateway scenario, the configuration involves a heavy workload and is complex to adjust.

BA static VXLAN tunnel uses related protocols on the control plane, consuming device resources.

CIf N devices need to establish VXLAN tunnels, you need to manually configure the ingress replication list up to N x (N-l)/2 times.

DRemote MAC addresses can be learned only through data flooding.

Answer : A, C

B is false because a static VXLAN tunnel does not use any protocols on the control plane, saving device resources.

Question 4

Which of the following key factors is used by the CloudCampus cloud management platform to determine the tenant to which a device belongs?

ADevice ESN

BDevice IP address

CDevice MAC address

DDevice model

Answer : A

The device ESN (Electronic Serial Number) is a unique identifier that is used by the CloudCampus cloud management platform to determine the tenant to which a device belongs. The device ESN is bound to a tenant when a device is added to the platform.

Question 5

Which of the following statements about the access layer design are true when Huawei's CloudCampus Solution is applied to small and midsize campus networks? (Select All that Apply)

AIn the mini-store scenario, APs and egress devices must be deployed if Wi-Fi coverage is required. APs cannot directly connect to egress links and do not support NAT.

BWhen selecting a switch, ensure that the following condition is met; Number of connected APs x AP power ^ Power provided by the PoE switch. Therefore, select PoE switches with a proper power supply based on the AP model and quantity.

CSelect appropriate models of access switches based on whether PoE support is required and how many APs need to access the network.

DFor relatively large networks in midsize shopping malls, supermarkets, and primary/secondary education campuses, it is recommended that stack networking be used at the access layer. If a single device can provide sufficient access capacity for downstream terminals, single-device networking can be used at the access layer. If the upstream devices of access-layer devices are stacked, it is recommended that Eth-Trunks be used to connect to such upstream devices. If more APs need to be deployed, use the PoE switch to increase the number of APs to be connected.

Answer : B, C

A is false because in the mini-store scenario, APs can directly connect to egress links and support NAT if Wi-Fi coverage is required. There is no need to deploy egress devices separately.

Question 6

Which of the following statements about attack defense is true?

ADefense against flood attacks can be used to defend against Ping of Death attacks.

BAttack defense allows APs to analyze the contents and behaviors of incoming packets on ports to determine whether packets have attack characteristics. The APs then take defense measures on the packets that have attack characteristics.

CAttack defense can defend against spoofing packet attacks, malformed packet attacks, fragmentation attacks, and flood attacks.

DFragmentation attack defense enables a device to detect packet fragments in real time and discard or rate-limit them to protect the device.

Answer : B

Attack defense is a feature that allows APs to analyze the contents and behaviors of incoming packets on ports to determine whether packets have attack characteristics. The APs then take defense measures on the packets that have attack characteristics, such as discarding them or limiting their rate. Attack defense can defend against spoofing packet attacks, malformed packet attacks, fragmentation attacks, and flood attacks.

Question 7

WPA3 has the following advantages over WPA and WPA2: supports WPA3-SAE, provides a more secure handshake protocol, enhances the algorithm strength, and supports Suite A cryptography.

ATrue

BFalse

Answer : A

WPA3 has the following advantages over WPA and WPA2:

Supports WPA3-SAE, which provides more secure authentication and key management than PSK.

Provides a more secure handshake protocol than 802.11i, which can resist offline dictionary attacks and protect forward secrecy.

Enhances the algorithm strength from AES-128 to AES-192 or AES-256.

Supports Suite A cryptography, which provides higher security levels for government or military networks.

Huawei H12-351_V1.0 HCIE-WLAN (Written) V1.0 Exam Practice Test