Two Level-1 routers in different areas can establish a neighbor relationship.

A. TRUE
B. FALSE
Answer: B
Which of the following tasks need to be completed during the planning stage of a project?
(Multiple Choice)
A. Work out the technical design
B. Know the project background
C. Determine the model of network devices in the project
D. Make clear the requirements of a project
E. Plan IP addresses
Answer: BD
RSTP provides different functions in different scenarios.
Which of the following statements are false?
A. If the edge port on the switch enabled with BPDU protection receives RST BPDU, the switch
sets the edge port as a non-edge-port and triggers STP calculation.
B. The role of the designated port that is enabled with root protection cannot be changed.
C. When the designated port enabled with root protection receives optimal RST BPDUs, the port
enters the Discarding state and does not forward packets. If the port does not receive optimal
D. RST BPDUs within a certain period of time, the port will automatically restore to the
Forwarding state.
E. After TC protection is enabled, you can set the number of times the switch processes TC
BPDUs within a certain period.
Answer: A
In the port mirroring, real and reliable data must be collected in real time
A. TRUE
B. FALSE
Answer: A
Which of the following statements regarding the firewall zone security level is false?
A. The default security level of the new zone is 1.
B. Only the security level of the user-defined zone can be configured.
C. The configured security level cannot be changed.
D. Two zones cannot be configured with the same security level.
Answer: A
Which information of labels is used for simple traffic classification?
A. DSCP priority
B. IP precedence
C. MPLS EXP priority
D. 802.1p priority
Answer: C
In a route-policy, which of the following BGP attributes can be used in if-match clauses?
(Multiple Choice)
A. Local-Preference
B. AS_Path
C. TAG
D. Community
Answer: BD
Which of the following statements regarding Huawei eSight network management software is
false?
A. Multiple users can be created for network management.
B. Users may be asked to log in to eSight from specified IP addresses in specific time ranges.
C. The administrator can force unauthorized login users to log out.
D. The login time of the administrator role also can be limited.
Answer: D
which layer does a packet filtering firewall check data packets?
A. Application layer
B. Physical layer
C. Network layer
D. Link layer
Answer: C
What are differences between the DiffServ and IntServ models? (Multiple Choice)
https://www.certqueen.com/H12-224-ENU.html
A. The DiffServ model provides different services destined for different destinations.
B. The DiffServ model provides different services destined for different sources.
C. The DiffServ model does not need to maintain the status of each flow.
D. The DiffServ model applies to large-scale backbone networks.
Answer: CD
VXLAN users can access the Internet through VXLAN interfaces.
https://www.certqueen.com/H12-224-ENU.html
A. TRUE
B. FALSE
Answer: A
Which of the following statements regarding the any-source multicast (ASM) and source-
specific multicast (SSM) models are true? (Multiple Choice)
A. In the SSM model, the receiver hosts have obtained the specific location of the multicast
source in advance by other methods.
B. In the ASM model, receiver hosts cannot obtain locations of multicast sources in advance.
C. The SSM model and ASM model use the same multicast group address range.
D. In the SSM model, a multicast distribution tree is established directly between a multicast
source and its receiver hosts.
Answer: ABD
In the Agile Controller's access control scenario, Which of the following statements regarding
the roles of the RADIUS server and client is true?
https://www.certqueen.com/H12-224-ENU.html
A. The Agile Controller integrates all functions of the RADIUS server and client.
B. The Agile Controller as the RADIUS server, while the user terminal as the RADIUS client.
C. The authentication device (such as a 802.1X switch as the RADIUS server, while the user
terminal as the RADIUS client.
D. The Agile Controller as the RADIUS server, while the authentication device (such as a
802.1X switch) as the RADIUS client.
Answer: D
What happens when the topology of a network running RSTP changes?
A. Packets are flooded on the entire network.
B. The aging time of MAC address entries is changed.
C. Some MAC address entries are deleted.
D. The entire MAC address table is deleted.
Answer: C
MPLS performs different actions on labels.
What is the meaning of the pop action?
A. The top label is removed from the MPLS label stack.
B. The top label is added to the MPLS label stack.
C. The top label is replaced with another value.
D. The top label is replaced with the label of another group.
Answer: A
In most cases, an IP address that is dynamically assigned by a DHCP server has a lease.
Which of the following statements regarding the IP address lease is false?
A. The lease renewal timer is 50% of the total lease. When the lease renewal timer expires, the
DHCP server must renew the IP address lease.
B. The rebinding timer is 87.5% of the total lease.
C. If the rebinding timer expires but the DHCP client does not receive any responses from the
DHCP server, the DHCP client keeps sending DHCP Request packets to the DHCP server which
assigned an IP address to it before, until the total lease expires.
D. If the DHCP client receives a DHCP NAK packet within the lease, the client stops using the
current IP address immediately and returns to the initialization state. The DHCP client then
applies for a new IP address.
Answer: C
In the multicast network environment, how do an IGMPv1 host and an IGMPv2 muter on the
same LAN interact with each other? (Multiple Choice)
A. If any host on a LAN is running IGMPv1, all hosts on the LAN must also use IGMPv1.
B. Membership Report messages sent from the IGMPv1 host will be received by the IGMPv2
muter.
C. If the IGMPv1 is in a specific group, the IGMPv2 muter must ignore all Leave messages
received from this group.
D. The version 2 muter must set a countdown timer associated with the group that takes into
account the presence of the version 1 host.
Answer: BCD
Man-in-the middle attacks or IP/MAC Spoofing attacks are common on intra nets and will cause
information leakage.
Which configuration method can prevent these attacks?
A. Configure the trusted or untrusted interface.
B. Limit the maximum number of MAC addresses that can be learned on a switch interface.
C. Configure DHCP snooping to check the CHADDR field carried in a DHCP Request packet.
D. Configure association between DHCP snooping and IPSG or DAI on the switch.
Answer: D
Which of the following commands can leak routes of Level-2 areas into Level-1 areas?
A. import isis level-2 into level-1
B. import-route isis level-2 into level-1
C. advertise isis level-2 into level-1
D. export isis level-2 into level-1
Answer: B

1.Two Level-1 routers in different areas can establish a neighbor relationship.

A. TRUE

B. FALSE

Answer: B

2. Which of the following tasks need to be completed during the planning stage of a project?
(Multiple Choice)

A. Work out the technical design

B. Know the project background

C. Determine the model of network devices in the project

D. Make clear the requirements of a project

E. Plan IP addresses

Answer: BD

3. RSTP provides different functions in different scenarios.

Which of the following statements are false?

A. If the edge port on the switch enabled with BPDU protection receives RST BPDU, the switch
sets the edge port as a non-edge-port and triggers STP calculation.

B. The role of the designated port that is enabled with root protection cannot be changed.

C. When the designated port enabled with root protection receives optimal RST BPDUs, the port
enters the Discarding state and does not forward packets. If the port does not receive optimal

D. RST BPDUs within a certain period of time, the port will automatically restore to the
Forwarding state.

E. After TC protection is enabled, you can set the number of times the switch processes TC
BPDUs within a certain period.
Answer: A

4. In the port mirroring, real and reliable data must be collected in real time.

A. TRUE

B. FALSE

Answer: A

5. Which of the following statements regarding the firewall zone security level is false?

A. The default security level of the new zone is 1.

B. Only the security level of the user-defined zone can be configured.

C. The configured security level cannot be changed.

D. Two zones cannot be configured with the same security level.

Answer: A

6. Which information of labels is used for simple traffic classification?

A. DSCP priority

B. IP precedence

C. MPLS EXP priority

D. 802.1p priority

Answer: C

7. In a route-policy, which of the following BGP attributes can be used in if-match clauses?
(Multiple Choice)

A. Local-Preference

B. AS_Path

C. TAG

D. Community

Answer: BD
1. (Multiple Response) Which of the following LSPs are established in Downstream Unsolicited (DU)
label advertisement mode and ordered label distribution control mode? ( )
A. When the edge node finds a new destination address in its routing table that does not belong to
any existing FEC, the edge node does not create a new FEC for the destination address.
B. An LSP is established by binding an FEC to a label and advertising the binding relationship to the
neighboring LSR.
C. If the egress node has available labels for distribution, it allocates labels for the FEC and sends a
label mapping message to the upstream node.
D. After receiving a label mapping message, the LSR adds the corresponding entry to the label
forwarding table.

2. (Multiple Response) Which of the following statements regarding the LDP session establishment
process are true? ( )
A. Two LSRs send a Hello message to each other. If the Hello message carries the transport address,
the LSR with a greater transport address initiates a TCP connection.
B. If the Hello Message does not carry the transport address, destination IP addresses of the Hello
Message are used to establish a TCP connection. The LSR with the larger IP address initiates a TCP
connection.
C. The initiator sends an Advertisement message to negotiate parameters for establishing an LDP
session. These parameters include the LDP version, label distribution control mode, value of the
Keepalive timer, maximum length of the PDU, and label space.
D. If the responder accepts negotiated parameters, it sends an Initialization message and then a
Keepalive message to the initiator.

3. (Single Response) MPLS VPN is used to solve some limitations of traditional VPN technology.
Which are the major limitation that MPLS VPN solves? ( )
A. Private routes cannot communicate with each other.
B. Leased lines are expensive.
C. Bandwidth resources cannot be fully used.
D. The address space is overlapping.

4. (Single Response) A VPN instance is also called a VPN routing and forwarding (VRF) table. Which of
the following statements is false? ( )
A. VPN instances on a PE are independent of each other.
B. Each VPN instance can be regarded as a virtual router, which maintains an independent address
space and has one or more interfaces connected to the VPN.
C. A PE maintains multiple routing and forwarding tables, including a public routing and forwarding
table and one or more VRFs.
D. A VPN instance can be bound to multiple sites. Multiple sites can be bound to one VPN instance.

5. (Multiple Response) DHCP snooping is a security feature that can be used to defend against
various attacks, including ( )
A. Starvation attacks by changing the CHADDR field value
B. Bogus DHCP server attacks
C. TCP flag attacks
D. Man-in-the-middle attacks and IP/MAC spoofing attacks
6. (Multiple Response) Which of the following are included in the full lifecycle guest management of
the Agile Controller? ( )
A. Account registration
B. Account approval and distribution
C. Account authentication
D. Account audit and deregistration

7. (Multiple Response) Which of the following statements regarding terminal security management
of the Agile Controller are true? ( )
A. Supports one-click restoration to reduce maintenance costs of terminals.
B. Allows installation of only standard software, implementing desktop office standardization.
C. Forces installation of clients meeting security requirements and prevents terminal data leaking.
D. Prohibits installation of non-standard software to reduce the virus infection risks.

8. (Multiple Response) What are the mainly methods of data collection? ( )

A. Collection by physical optical splitter
B. Collection through port mirroring
C. Centralized collection by NMS
D. Automatic collection

9. (Multiple Response) Which of the following items can be used as the filtering conditions for
historical alarm query on eSight? ( )
A. Alarm severity
B. First occurrence time
C. Alarm source
D. Alarm name

10. (Single Response) Which information of labels is used for simple traffic classification? ( )
A. DSCP priority
B. IP precedence
C. MPLS EXP priority
D. 802.1p priority

11. (True or False) After add interface GigabitEthernet0/0/1 is configured in the trust zone view of
the USG series firewall, GigabitEthernet0/0/1 does not belong to the local zone anymore. ( )

12. (Single Response) For interzone packet filtering, which traffic is belong to transmitted to
outbound direction? ( )
A. Trusted zone -> Untrusted zone
B. Untrusted zone -> Trusted zone
C. Untrusted zone -> DMZ
D. Trusted zone -> Local zone

13. (Single Response) Which of the following statements regarding Network Address and Port
Translation (NAPT) and No Port Translation (No-PAT) is true? ( )
A. After NAPT translation, all packets are from the same IP address for external users.
B. In No-PAT mode, only the transport layer protocol port number can be converted.
C. In NAPT mode, only the network layer protocol address can be converted.
D. In No-PAT mode, the network layer protocol address can be converted.

14. (Single Response) Which of the following statements regarding VRRP is false? ( )
A. VRRP determines the device role in the virtual router based on device priorities.
B. If the backup router works in non-preemption mode, the backup router with a higher priority does
not become the master router as long as the master router does not fail.
C. Even if there is the master router, the backup router will preempt to be the master router.
D. When two routers with the same priority preempt to be the master router, the IP addresses of
interfaces are compared. The router with a larger IP address of the interface is selected as the
master router.

15. (Single Response) Which command is used to enable association between BFD and VRRP? ( )
A. vrrp vrid 1 track bfd-session session-name 1 reduced 100
B. bfd-session vrrp vrid 1 track session-name 1 reduced 100
C. track vrrp vrid 1 bfd-session session-name 1 reduced 100
D. vrrp vrid 1 track bfd-session-name 1 reduced 100

16. (Single Response) In the SDN network architecture, which device is used to calculate the path and
deliver the flow table? ( )
A. Application server
B. Controller
C. Orchestrator
D. Device

17. (True or False) VXLAN is irrelevant to SDN technology. ( )

18. (Single Response) How is OPEX defined? ( )

A. Maintenance cost
B. Total cost of ownership (TCO)
C. Operating cost
D. O&M cost

19. (Single Response) In vAR application scenarios, which functions of the AR Router can be
virtualized on a server? ( )
A. Firewall
B. VoIP
C. NAT
D. VPN

20. (True or False) SDN and NFV are essentially the same concept and both define network function
virtualization. ( )
Answer：
1.BCD 2.AD 3.D 4.D 5.ABD 6.ABCD 7.ABCD 8.ABC 9.ABCD 10.C 11.F 12.A 13.D 14.C 15.A 16.B
17.T 18.C 19.ABCD 20.F

1. (True or False) Each DD packet has a DD sequence number, which is used for DD packet
acknowledgement. DD contains complete link state information. ( )

2. (Single Response) Which of the following statements regarding stub area configuration notes
is true? ( )
A. The backbone area can be configured as a stub area.
B. If an area is configured as a stub area, all the routers within this area must have stub area
attributes configured.
C. An ASBR can belong to a stub area.
D. A virtual link can pass through a stub area.

3. (Single Response) What is the Origin attribute of the routes injected into BGP using the
network command? ( )
A. IGP
B. EGP
C. Incomplete
D. Unknown

4. (Single Response) Which of the following statements regarding Local-Preference is true? ( )

A. Local-Preference is a well-known mandatory attribute.
B. Local-Preference affects traffic that enters an AS.
C. Local-Preference can be transmitted between ASs.
D. The default Local-Preference value is 100.

5. (True or False) The AS_Path attribute cannot take effect within an AS. Therefore, a BGP router
will not advertise any Update message received from an IBGP peer to other IBGP peers. ( )

6. (True or False) The first four bits of a multicast IP address are fixed as 1110 and are mapped to
the high 25 bits of a multicast MAC address. Among the last 28 bits of a multicast IP address,
only 23 bits are mapped to a multicast MAC address, and information about the other 5 bits is
lost. As a result, 32 multicast IP addresses are mapped to the same MAC address. ( )

7. (True or False) IGMPv1 defines a mechanism to select a querier when there are multiple
routers on a shared network. ( )

8. (Multiple Response) What services and functions can ACLs be applied to the router AR3200?
( )
A. Routing policy
B. Traffic classifier
C. Firewall
D. Policy-based routing
9. (Multiple Response) Which of the following statements regarding routing policy and policy-
based routing are true? ( )
A. Policy-based routing is used to control packet forwarding without following routes in the
routing table.
B. A routing policy is used to control import, advertisement, and receiving of routing
information.
C. A routing policy is used to control packet forwarding without following routes in the routing
table.
D. Policy-based routing is used to control import, advertisement, and receiving of routing
information.

10. (Single Response) Port isolation provides secure and flexible networking solutions for users.
Which of the following statements regarding port isolation is false? ( )
A. Port isolation can be used for configuring Layer 2 isolation.
B. By default, interfaces are isolated at Layer 2 but can communicate at Layer 3.
C. Before the port isolation function takes effect on an interface, the port isolation function must
be enabled.
D. The port-isolate enable command can run in the system view.

11. (Single Response) On a network running RSTP, some devices use STP. When RSTP-enabled
switches detect a topology change, which method is used by the RSTP-enabled switches to notify
STP-enabled switches of the topology change? ( )
A. RSTP BPDUs with the TC are used.
B. STP BPDUs with the TC are used.
C. RSTP BPDUs with the TCA are used.
D. STP BPDUs with the TCA are used.

12. (Multiple Response) RSTP defines different ports compared with STP. Which of the following
ports cannot work in forwarding state? ( )
A. Root port
B. Designated port
C. Backup port
D. Alternate port

13. (Single Response) Which of the following statements regarding MUX VLAN is true? ( )
A. You do not need to configure the principal VLAN and subordinate VLAN in sequence.
B. The MUX VLAN function must be enabled on an interface so that it can take effect.
C. The principal VLAN and the subordinate VLAN of the MUX VLAN can be the same VLAN.
D. The MUX VLAN can contain only one subordinate group VLAN.

14. (Single Response) Which of the following statements regarding an SPT switchover after RPT
setup is false? ( )
A. An RPT cannot provide multicast forwarding for a long time.
B. Because all multicast traffic passes through an RP router, the RP router may become the data
forwarding bottleneck.
C. An SPT has the shortest path and provides higher forwarding performance than an RPT.
D. A RPT cannot be used to forward high volumes of traffic.

15. (Single Response) Which of the following statements regarding the summary automatic
command and BGP route summarization is false? ( )
A. This command enables automatic summarization for the locally imported routes.
B. After this command is configured, BGP summarizes routes based on natural network
segments.
C. After this command is configured, BGP sends only the summarized routes to peers.
D. This command is used to implement automatic summarization. Automatic summarization
takes precedence over manual summarization.

16. (Single Response) What is the function of the detail-suppressed keyword in the aggregate
command? ( )
A. It suppresses the delivery of generated summarized routes to the IP routing table.
B. It suppresses the delivery of specific routes to the IP routing table.
C. It only advertises the summarized routes to other BGP peers.
D. It advertises both the summarized routes and specific routes to other BGP peers.

17. (Multiple Response) Which of the following statements regarding the MED value are true?
( )
A. According to BGP route selection rules, the MED value has a lower priority than AS_Path,
Preferred-Value, Local-Preference, and Origin.
B. The default MED value of BGP routes is 0.
C. By default, BGP can compare the MED values of routes from different ASs.
D. By default, if there is no MED value in routes, the value 0 is used. If the bestroute med-none-
as-maximum command is configured, the maximum MED value 4294967295 is used.

18. (Multiple Response) Which of the following statements regarding DR/BDR are false? ( )
A. All DR others establish neighbor relationships with DR and BDR only.
B. In a broadcast network, DR and BDR must be elected. A broadcast network without a DR or
BDR cannot operate normally.
C. DR others listen on the multicast address 224.0.0.5.
D. DR others listen on the network address 224.0.0.6.

19. (Single Response) Which of the following statements regarding OSPF external route types is
false? ( )
A. OSPF includes Type 1 and Type 2 external routes.
B. The cost of a Type 1 external route is the addition of the AS external cost and the AS internal
cost (the cost from a router to an ASBR).
C. The cost of a Type 2 external route is the AS external cost.
D. A Type 2 external route is always preferred over a Type 1 external route when other
conditions are the same.

20. (Single Response) Which of the following statements regarding different LSA types is false?
( )
A. DD packets contain only LSA summary information, including LS Type, LS ID, Advertising
Router, and LS Sequence Number.
B. LS Request packets contain only LS Type, LS ID, and Advertising Router.
C. LS Update packets contain complete LSA information.
D. LS Ack packets contain complete LSA information.

Answer:
1.F 2.B 3.A 4.D 5.T 6.T 7.F 8.ABCD 9.AB 10.D 11.B 12.CD 13.B 14.A 15.D 16.C 17.ABD 18.
ABD 19.D 20.D

1. (Multiple Response) Which of the following cabling modes are commonly used in a data
center? ( )
A. TOR
B. DOD
C. EOR
D. PHP
E. NSF

2. (Simple Response) Which of the following features is not applied to enterprise WANs? ( )
A. Wide coverage
B. Difficult O&M
C. Multiple types
D. High costs of utilization

3. (Multiple Response) Data center switches greatly differ from campus switches. Which of the
following features are specific to data center switches but are not supported by campus
switches? ( )
A. MSTP
B. TRILL
C. NFV
D. FCoE
E. VXLAN

4. (True or False) If the number of checked goods is different from the number of goods on the
packing list, you can unpack and inspect goods and then contact the vendor to handle the
inconsistency. ( )

5. (Single Response) Which of the following authorization items is not required for risky
operations? ( )
A. Management authorization
B. Technology authorization
C. Customer authorization
D. Administrative authorization

6. (Multiple Response) Which of the following statements regarding the device software upgrade
necessity are true? ( )
A. The new software version continuously increases new functions.
B. The new software version continuously improves usability.
C. The new software version continuously improves stability.
D. You are advised to immediately upgrade the system software to the latest version.

7. (Single Response) Which of the following is the core idea of network troubleshooting? ( )
A. Service traffic path check
B. Determining and analysis
C. Information collection
D. Top-down

8. (Multiple Response) Which of the following tasks need to be completed during the planning
stage of a project? ( )
A. Work out the technical design
B. Know the project background
C. Determine the model of network devices in the project
D. Make clear the requirements of a project

9. (Multiple Response) Which of the following contents are included in a migration project
solution? ( )
A. Migration preparation
B. Migration implementation
C. Rollback solution
D. Contingency plan

10. (Single Response) Which of the following work is not prepared before the migration? ( )
A. Hardware test
B. Software test
C. Expenses
D. Tools

11. (Single Response) During MSTP troubleshooting, the display current-configuration command
is executed to obtain the configuration file of the device. Which of the following statements is
false? ( )
A. Check the port configuration to verify that the MSTP-enabled port is configured (for example,
using the bpdu enable command) to send protocol packets.
B. The port connected to a user device has MSTP disabled or is configured as the edge port.
C. The BPDU tunnel configuration has no impact on MSTP.
D. Check whether the interface is added to the correct VLAN.

12. (Single Response) If all data packets are lost when you ping the peer host, which of the
following methods is the most appropriate for subsequent troubleshooting? ( )
A. Configuration comparison
B. Bottom-up
C. Service traffic path check
D. Top-down

13. (Multiple Response) During follow-up operations of the structured network troubleshooting
process, which of the following parties does not require advertisement of information? ( )
A. Parties affected by the fault
B. Authorization parties in each phase of troubleshooting
C. Other vendors and service providers
D. Users who are interested in the root cause for the fault

14. (Single Response) A network administrator fails to access devices on the internal network
through Telnet. Which of the following causes is the most impossible? ( )
A. The route is unreachable, and the client fails to establish a TCP connection with the server.
B. The number of login users reaches the upper limit.
C. An ACL is bound in the VTY user interface view.
D. The protocol inbound all command is configured in the VTY user interface view.

15. (Multiple Response) Which of the following items are used to remind customers of
information security? ( )
A. Account sort-out reminder
B. Password update reminder
C. Log protection reminder
D. Data backup reminder

16. (Single Response) During the structured network troubleshooting process, which of the
following statements regarding the fault identification phase is true? ( )
A. Focus on how to better solve faults, regardless of whether a fault is within your own
responsibility scope.
B. Pay attention to user feedback and identify faults based on user feedback.
C. To minimize the fault effect, try not to let others know the network fault.
D. Check whether the troubleshooting is within your own responsibility scope.

17. (Single Response) If a fault is located on a router that works in redundancy mode with
another router, which of the following methods is the most appropriate for subsequent
troubleshooting? ( )
A. Configuration comparison
B. Bottom-up
C. Service traffic path check
D. Top-down

18. (Multiple Response) Which of the following causes may result in an IS-IS neighbor
relationship fault? ( )
A. The devices on two ends of a link have the same system ID.
B. The devices on two ends of a link have inconsistent IS-IS levels.
C. When an IS-IS Level-1 neighbor relationship is established, the devices on two ends of a link
have inconsistent area addresses.
D. The IP addresses of interfaces on two ends of a link are on different network segments.
 19. (Single Response) Which of the following events represent the end of the network planning
stage? ( )
A. Project initiation
B. Bid release
C. Contract signing
D. Preliminary project acceptance

20. (Single Response) Which of the following network features is described by counters such as
mean time between failures (MTBF) and mean time to repair (MTTR)? ( )
A. Scalability
B. Availability
C. Security
D. Cost-effectiveness

Answer：
1.AC 2.C 3.BDE 4.F 5.D 6.ABC 7.A 8.BD 9.ABCD 10.C 11.C 12.B 13.ABC 14.A 15.ABCD 16.
D 17.A 18.ABCD 19.B 20.B

1. To enable an Eudemon in routing mode to work like a router, you need to assign IP addresses
to interfaces and enable dynamic or static routing protocols on the Eudemon.

 True
 False

2. To process fragmented service packets on an NAT-enabled firewall which of the following

functions needs to be enabled?

 Transparent fragment transmission

 Fragment cache
 Fragment reassembly
 MTU check

Question was not answered

3. In a Land attack, the source address and destination address of an SYN packet are both the IP
address of the attacked object or a loopback address.

 True
 False

Question was not answered

4. The urgent pointer in the flag field of an IPv4 packet header is generally used for OOB data
transmission.
  True
 False

Question was not answered

5. Which of the following indicators are performance indicators of the Eudemon?

 Throughput of large-sized or small-sized packets

 Number of new connections and concurrent connections per second
 VPN performance
 Process delay

Question was not answered

6. To process fragmented service packets on an NAT-enabled firewall, which of the following

functions needs to be enabled?

 Transparent fragment transmission

 Fragment cache
 Fragment reassembly
 MTU check

Question was not answered

7. In the scenario where packets are sent and received along different paths, which of the
following functions needs to be disabled on the firewa119

 Status detection
 Attack defense
 Packet filtering
 Status backup

Question was not answered

8. Assume that the trace route test is used to detect the packet forwarding path and tracert packets
have passed through the firewall. Which of the following attack protection functions needs to be
disabled to normally display the tracert result?

 ICMP-redirect
 ICMP-unreachable
 Tracert
 Smurf

Question was not answered

9. What is the recommended minimum delay for HRP preemption on the Eudemon?
  120s
 60s
 10s
 5s

Question was not answered

10. Which of the following commands is used to display the detailed information about the
Eudemon?

 display firewall statistic system

 display firewall session table raw both-direction
 display firewall session table verbose
 display firewall session table detail

Question was not answered

11. Which of the following technologies does the Eudemon use to defense against Anti-DDoS
attacks?

 TCP agent
 Source authentication and detection
 Standard protocol stack identification
 Fingerprint identification (characteristics detection)
 Abnormal session detection
 Traffic control

Question was not answered

12. What are the types of DDoS attacks?

 Attacks by special packets

 Scanning attack
 Traffic attack
 Application-layer attack

Question was not answered

13. Which of the following attacks are DDoS attacks?

 SYN flood
 SYB/ACK flood
 UDP flood
 CC attack
 HTTP get flood
Question was not answered

14. Which of the following options are performance parameters of the firewall?

 Throughput
 Maximum number of connections
 Number of new connections per second
 Process delay

Question was not answered

15. By which can an IP-based advanced ACL filter packets?

 Source IP address and its subnet mask

 Destination lP address and its subnet mask
 Protocol type
 TCP or UDP port number
 Priority of the data packet
 Service type of the data packet

Question was not answered

16. Which of the following statements about NAT are true?

 NAT is short for "network address translation".

 NAT, also called address proxy, is used for translation between private and public
network addresses.
 Hosts within the intranet can access the extranet without using NA
 NAT can effectively resolve the problem of IP address shortage.

Question was not answered

17. Which of the following NAT functions are supported by the Eudemon?

 NAT/PAT
 NAT ALG
 Bidirectional NAT
 NAT server

Question was not answered

18. Which of the following attacks can Eudemon defend against?

 SYN-Flood
 UDP Flood
 Port Scan
  Ping-Death

Question was not answered

19. Which of the following routing technologies are supported by the Eudemon 200E?

 Static route
 Policy-based routing
 Routing policy
 Route iteration

Question was not answered

20. Which of the following DDoS attacks can the Eudemon l000E defend against?

 SYN flood
 UDP flood
 ICMP flood

The 4 Phases of the Project Management Life

Cycle
Posted By: Lucidchart Content Team
August 28 2017

The 4 Phases of the Project Management Life Cycle

1. Initiation
2. Planning
3. Execution
4. Closure

Whether you’re working on a small project with modest business goals or a large, multi-
departmental initiative with sweeping corporate implications, understanding the project
management life cycle is essential. Every project has essential milestones at the beginning, in the
middle, and at the end, following a path from initiation to completion to evaluation.

Working with an understanding of the project management cycle helps you keep your project
organized and on track from ideation to completion.

Project management life cycle overview

The project management life cycle describes high-level processes for delivering a successful
project. For every $1 billion invested in projects by companies in the United States, $122 million
was wasted due to lacking project performance, according to Project Management Institute
Research. Wasted money and resources can be prevented with effective project management, as
57% of unsuccessful projects fail due to communication breakdown. In the phases of the
project management life cycle, you come up with the idea for a project, define its goals, plan for
its execution, and guide it to completion.

4 phases of the project management life cycle

The project management life cycle is usually broken down into four phases: initiation, planning,
execution, and closure—these make up the path that takes your project from the beginning to the
end. Some methodologies also include a fifth phase, controlling or monitoring. For our purposes,
this phase is covered under the execution and closure phases.

To help you visualize the project management lifecycle, use this free customizable template. It’s
easy to edit and share with your team.

Project Management Life Cycle (Click on image to modify this template)

Use this free project management life cycle template

1. Initiation
In the initiation phase of the project, you identify a business need, problem, or opportunity and
brainstorm ways that your team can meet this need, solve this problem, or seize this opportunity.
During this step, you figure out an objective for your project, determine whether the project is
feasible, and identify the major deliverables for the project.

Instead of waiting to have the project strategy decided for you, Moira Alexander advocates for a
mental switch from being a project "manager" to becoming a project "leader":

"Project managers must be able to sell business leaders on the intrinsic value they offer to the
business at a strategic level when they are at the table from the start of strategic planning instead
of after the fact decision-making. Project managers effectiveness is drastically muted when
offering a "fix-it" or "workaround" once high-level directional business decisions are made
without their expertise."

Clearly it's worth it to do what it takes to make your voice heard early, before the strategy is set
in stone.

Project management steps for the initiation phase

Steps for the project initiation phase may include the following:

 Undertaking a feasibility study – Identifying the primary problem your project will solve
and whether your project will deliver a solution to that problem
 Identifying scope – Defining the depth and breadth of the project
 Identifying deliverables – Defining the product or service to provide
 Identifying project stakeholders – Figuring out whom the project affects and what their
needs may be
 Developing a business case – Using the above criteria to compare the potential costs and
benefits for the project to determine if it moves forward

You’ll also develop a statement of work or project initiation document, which may include basic
project life cycle flowcharts.

2. Planning

Once the project is approved to move forward based on your business case, statement of work, or
project initiation document, you move into the planning phase. In this phase, you break down the
larger project into smaller tasks, build your team, and prepare a schedule for the completion of
assignments. During this phase, you create smaller goals within the larger project, making sure
each is achievable within the time frame. Smaller goals should have a high potential for success.

Take a look at this example workflow diagram that you can use as a template to plan your
projects.
Workflow diagram template (Click on image to modify this template)
Use this free template

Project management steps for the planning phase

Steps for the project planning phase may include the following:

 Creating a project plan – Identifying the project timeline, including the phases of the
project, the tasks to be performed, and possible constraints
 Creating workflow documents or process maps – Visualizing the project timeline by
diagramming key milestones
 Estimating budget and creating a financial plan – Using cost estimates to determine how
much to spend on the project to get the maximum return on investment
 Gathering resources – Building your functional team from internal and external talent
pools while making sure everyone has the necessary tools (software, hardware, etc.) to
complete their tasks
 Anticipating risks and potential quality roadblocks – Identifying issues that may cause
your project to stall while planning to mitigate those risks and maintain the project’s
quality and timeline

The planning phase is also where you bring your team on board, usually with a project kickoff
meeting. It is important to have everything outlined and explained so that team members can
quickly get to work in the next phase.

3. Execution

You’ve received business approval, developed a plan, and built your team. Now it’s time to get
to work. The execution phase turns your plan into action. The project manager’s job in this phase
of the project management life cycle is to keep work on track, organize team members, manage
timelines, and make sure the work is done according to the original plan.

Project management steps for the execution phase

Steps for the project execution phase may include the following:

 Creating tasks and organizing workflows – Assigning granular aspects of the projects to
the appropriate team members, making sure team members are not overworked
 Briefing team members on tasks – Explaining tasks to team members, providing
necessary guidance on how they should be completed, and organizing process-related
training if necessary
 Communicating with team members, clients, and upper management – Providing updates
to project stakeholders at all levels
 Monitoring quality of work – Ensuring that team members are meeting their time and
quality goals for tasks
 Managing budget – Monitoring spending and keeping the project on track in terms of
assets and resources

If you have a properly documented process already in place, executing the project will be much
easier.
You can use swimlane diagrams to make sure team members clearly understand their role in a
project. (Click on image to modify online)
Use this free template

4. Closure

Once your team has completed work on a project, you enter the closure phase. In the closure
phase, you provide final deliverables, release project resources, and determine the success of the
project. Just because the major project work is over, that doesn’t mean the project manager’s job
is done—there are still important things to do, including evaluating what did and did not work
with the project.

Project management steps for the closure phase

Steps for the project closure phase may include the following:
  Analyzing project performance – Determining whether the project's goals were met (tasks
completed, on time and on budget) and the initial problem solved using a prepared
checklist [link to checklist template]
 Analyzing team performance – Evaluating how team members performed, including
whether they met their goals along with timeliness and quality of work
 Documenting project closure – Making sure that all aspects of the project are completed
with no loose ends remaining and providing reports to key stakeholders
 Conducting post-implementation reviews – Conducting a final analysis of the project,
taking into account lessons learned for similar projects in the future
 Accounting for used and unused budget – Allocating remaining resources for future
projects
 By remaining on task even though the project’s work is completed, you will be prepared
to take everything you’ve learned and implement it for your next project.

Use Lucidchart throughout the project life cycle

Finding the right tools can make even the most difficult project easier. With Lucidchart, the
essential visual productivity platform, you can document all parts of your process to make
planning and execution simple. For example, you can map out your process and quickly glance
to see whether you’re on track, or you can create an organizational chart to define the
responsibilities of everyone on your team.

If you haven't used Lucidchart before, see how easy it is to get started.

Difference between Firewall and Router

Answer-

1) WE can make Security-Level on Firewall,but router can't

2) We can make firewall in multiple context(Virtual Firewall) but router can't

3) We can create SSL VPN on Firewall,but router can't

4) Whenever a packet inspected by Firewall and another packet comes with same contents then
firewall didn't check that packet,

but router checks all packets.(show connections)

5) Firewall works as L2 and L3 both, but router only on L3.

6) Firewall inspects packets on L3 to L7 but router works on L3.

7) Firewall have Failover,router can't

8) Whenever we take trace,then firewall cannot comes on picture,but router always shows as a
Hop Count.

The following explains the various states a BGP connection can be in:

 Idle is the initial state of a BGP connection. The BGP speaker is waiting for a start event,
generally either the establishment of a TCP connection, or the re-establishment of a
previous connection. Once the connection is established, BGP moves to the next state.

 Connect is the connection phase. If the TCP connection completes, BGP will move to the
OpenSent stage. If the connection does not complete, BGP goes to Active.

 Active indicates that the BGP speaker is continuing to create a peer relationship with the
remote router. If this is successful, the BGP state goes to OpenSent. You'll occasionally
see a BGP connection flap between Active and Connect. This indicates an issue with the
physical cable itself, or with the configuration.

 OpenSent indicates that the BGP speaker has received an Open message from the peer.
BGP will determine whether the peer is in the same AS (iBGP) or a different AS (eBGP)
in this state.

 OpenConfirm indicates the BGP speaker is waiting for a keepalive message.

 Established is reached once a keepalive is received in the OpenConfirm state.

UPDATES should happen here.