**Quiz Question and Answer:**

**Question 1/60:**

Specific routes can be summarized into a summary route only when they have the same next-hop
address.

- [ ] True

- [ ] False

**Correct Answer:** True

**Question 2/60:**

To prevent out-of-order packets, it is recommended that Eth-Trunk use flow-based load balancing.

- ○ True

- ○ False

**Correct Answer:** True

**Question 3/60:**

AAA is short for authentication, authorization, and application.

- [ ] True

- [x] False

**Correct Answer:** False

**Explanation:**

AAA stands for **Authentication, Authorization, and Accounting**, not "application."

**Question 4/60:**

In the WLAN network architecture, ACS can be connected in in-path or off-path mode.
- [ ] True

- [ ] False

**Correct Answer:** True

**Explanation:**

In WLAN (Wireless Local Area Network) architectures, an **ACS (Access Control Server)** can indeed
be deployed in either:

- **In-path mode**: Directly inline with data traffic for real-time processing.

- **Off-path mode**: Connected indirectly (e.g., via separate interfaces) for management purposes.

**Question 5/60:**

Switches can implement communication between homogeneous networks or communication

- [ ] True

- [x] False

**Correct Answer:** False

**Explanation:**

- **Switches** operate at Layer 2 (Data Link Layer) and primarily facilitate communication within the
**same broadcast domain** (homogeneous networks). They **isolate collision domains** but do
not inherently isolate **broadcast domains** (unless VLANs are configured).

- **Communication between heterogeneous networks** (e.g., different subnets or protocols)

**Question 6/60:**

A hybrid port on a switch can connect to either a user host or a port on another switch.

- [x] True

- [ ] False
**Correct Answer:** True

**Explanation:**

- A **hybrid port** on a switch is versatile and can be configured to:

- Connect to **end-user devices** (e.g., PCs, printers) while tagging or untagging VLAN traffic.

- Connect to **other switches** (e.g., trunk links) to pass multiple VLANs.

- Unlike **access ports** (host-only) or **trunk ports** (switch-to-switch), hybrid ports support
**both scenarios** through flexible VLAN tagging settings.

**Question 7/60:**

When a static route is configured on a router, the specified next-hop address must be an address on
the directly connected network.

- [ ] True

- [x] False

**Correct Answer:** False

**Explanation:**

- Static routes can specify a **next-hop IP address** that is either:

- **Directly connected** (on the same subnet as one of the router's interfaces).

- **Non-directly connected** (reachable via another router, requiring recursive lookup).

- The statement is false because the next-hop address **does not** strictly need to be on a directly
connected network.

**Question 8/60:**

The PVID of a trunk port on a switch may not be the ID of a VLAN that is allowed for the port.

- [x] True

- [ ] False

**Correct Answer:** True

- **PVID (Port VLAN ID)** defines the default VLAN for untagged frames on a port.

- On a **trunk port**, the PVID can be set to a VLAN that is **not** included in the list of allowed
VLANs for that port. This configuration is uncommon but technically possible.

- Typically, best practice is to ensure the PVID matches an allowed VLAN, but the statement
highlights a valid exception.

## **Question 11/60 (Multiple Choice - Single Answer)**

**Question:** IPv6 addresses can be classified into three types based on IPv6 address prefixes.
Which of the following is **not** an IPv6 address type?

- **A. Multicast address**

- **B. Anycast address**

- **C. Unicast address**

- **D. Broadcast address**

✅ **Correct Answer: D (Broadcast address)**

**Explanation:**

- IPv6 address types include **Unicast**, **Multicast**, and **Anycast**.

- **Broadcast** does **not** exist in IPv6; it is replaced by **Multicast** (e.g., `FF02::1` for all
nodes).

---

### **Question 12/60 (Multiple Choice - Single Answer)**

**Question:** The MAC address table of a switch is as follows:

```

00-01-02-03-04-AA G0/0/1

00-01-02-03-04-CC G0/0/3
```

A data frame with the destination MAC address **00-01-02-03-04-BB** is received on **G0/0/1**,
and another data frame with the destination MAC address **00-01-02-03-04-CC** is received on
**G0/0/3**. How does the switch process the two data frames?

- **A. Floods the first frame and forwards the second frame.**

- **B. Forwards the first frame and discards the second frame.**

- **C. Forwards the first frame and floods the second frame.**

- **D. Floods the first frame and discards the second frame.**

✅ **Correct Answer: D (Floods the first frame and discards the second frame.)**

**Explanation:**

1. **First Frame (00-01-02-03-04-BB):**

- The MAC **BB** is **not** in the table → **Flooded** out all ports (except G0/0/1).

2. **Second Frame (00-01-02-03-04-CC):**

- The MAC **CC** is in the table (G0/0/3), but the frame is received on the **same port**
(G0/0/3) → **Discarded** (loop prevention).

### **Question 13/60 (Multiple Choice - Single Answer)**

**Question:** Mastering the basic operations of the file system is crucial for network engineers to
efficiently manage the configuration files and VRP system files of devices. Which of the following
statements is **true** about these files?

- **A.** A PAF file effectively controls product features and resources. The common file name
extension is `.bin`.

- **B.** A patch file is a type of software compatible with the system software. The common file
name extension is `.zip`.

- **C.** System software is mandatory for device startup and running. The common file name
extension is `.cfg`.

- **D.** A configuration file stores configuration commands. The common file name extension is
`.cc`.
✅ **Correct Answer: A (A PAF file effectively controls product features and resources. The common
file name extension is .bin.)**

**Explanation:**

- **PAF (Product Authorization File)** files (`.bin`) manage licensed features and resources on
devices (e.g., Huawei VRP).

- **Patch files** typically use `.pat` (not `.zip`).

- **System software** uses `.bin` (not `.cfg`).

- **Configuration files** use `.cfg` or `.dat` (not `.cc`).

---

### **Question 14/60 (Multiple Choice - Single Answer)**

**Question:** What is the network ID for the IP address `192.168.1.1/29`?

- **A.** 192.168.1.255

- **B.** 192.168.1.4

- **C.** 192.168.1.0

- **D.** 192.168.1.7

✅ **Correct Answer: C (192.168.1.0)**

**Explanation:**

- A `/29` subnet mask (`255.255.255.248`) divides the last octet into 8-address blocks (e.g.,
`192.168.1.0`–`192.168.1.7`).

- The **network ID** is the first address in the block (`192.168.1.0`).

---

### **Question 15/60 (Multiple Choice - Single Answer)**

**Question:** When a `ping` command is run on a network device to check connectivity, which type
of packet will be sent by the device?
- **A.** UDP

- **B.** TCP

- **C.** IGMP

- **D.** ICMP

✅ **Correct Answer: D (ICMP)**

**Explanation:**

- **Ping** uses **ICMP (Internet Control Message Protocol)** Echo Request/Reply packets to test
reachability.

- UDP/TCP are transport-layer protocols, and IGMP is for multicast management.

### **Question 16/60 (Multiple Choice - Single Answer)**

**Question:** Which is the most widely used VLAN assignment method?

- **A.** Interface-based VLAN assignment

- **B.** IP subnet-based VLAN assignment

- **C.** Protocol-based VLAN assignment

- **D.** MAC address-based VLAN assignment

✅ **Correct Answer: A (Interface-based VLAN assignment)**

**Explanation:**

- **Interface-based VLAN assignment** (port-based VLAN) is the **most common** method, where
VLAN membership is determined by the switch port to which a device is connected.

- Other methods (IP subnet, MAC address, or protocol-based) are less common and used for specific
scenarios.

---

### **Question 17/60 (Multiple Choice - Single Answer)**

```

[R1-aaa] display this [V200R003C00]

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user huawei password cipher %$%$m|GrHmJ1mL[7&zCh^XQBUII]%$%$

local-user huawei privilege level 0

local-user huawei service-type telnet

```

- **A.** The authentication mode is local authentication.

- **B.** The huawei user can log in to the device through SSH.

- **C.** The authorization scheme is default and the authorization mode is non-authorization.

- **D.** The huawei user can run the `display current-configuration` command.

✅ **Correct Answer: A (The authentication mode is local authentication.)**

**Explanation:**

- The configuration shows:

- **Local user "huawei"** is defined with a password and `service-type telnet`, confirming **local
authentication**.

- **SSH access is not enabled** (only Telnet is specified).

- **Privilege level 0** restricts the user to basic commands (cannot run `display current-
configuration`).

- The **default schemes** do not imply "non-authorization"; they use predefined settings.
---

**Navigation:** Arrow keys available to switch questions.

**Progress:** Questions 16-17 out of 60.

Here are the quiz questions and answers for questions 18 and 19:

---

### **Question 18/60 (Multiple Choice - Single Answer)**

**Question:** Which of the following packet types is used by OSPF to maintain neighbor
relationships?

- **A.** LSR (Link-State Request)

- **B.** DD (Database Description)

- **C.** Hello

- **D.** LSU (Link-State Update)

✅ **Correct Answer: C (Hello)**

**Explanation:**

- **Hello packets** are used by OSPF to **discover neighbors**, establish adjacencies, and maintain
ongoing relationships.

- Other OSPF packet types:

- **LSR/LSU**: Exchange routing information.

- **DD**: Summarize database contents during initialization.

---

### **Question 19/60 (Multiple Choice - Single Answer)**

**Question:** An IPv6 address is 128 bits long, represented by eight 16-bit hexadecimal groups
separated by colons (`:`). Which statement about IPv6 addresses is **false**?
- **A.** There may be ULA conflicts in a global scope.

- **B.** The IPv6 address with the prefix `FE80::/10` is a link-local address (LLA).

- **C.** Each IPv6 interface must have a unique local address (ULA).

- **D.** A global unicast address (GUA) is globally unique.

✅ **Correct Answer: C (Each IPv6 interface must have a unique local address (ULA).**

**Explanation:**

- **False Statement (C):** ULAs (Unique Local Addresses, `FC00::/7`) are **not mandatory**; they
are used for private addressing (similar to IPv4's RFC 1918).

- **True Statements:**

- **A:** ULAs *may* conflict if manually configured without uniqueness checks.

- **B:** `FE80::/10` addresses are **link-local** (non-routable, used for neighbor discovery).

- **D:** GUAs (`2000::/3`) are globally routable and unique.

---

Here is a consolidated list of all **multiple-choice questions** starting from **Question 20** to
**Question 35**, along with their **correct answers** and **explanations**:

---

### **Question 20**:

**Statement**: Which of the following statements about Fit AP+AC networking is true?

- **Options**:

- A. After a CAPWAP tunnel is established, keepalive packets detect tunnel status.

- **B. A data tunnel and a control tunnel are established between AC and Fit AP.**

- C. Tunnel forwarding reduces AC’s forwarding pressure.

- D. AP version can be upgraded via HTTP.

- **Correct Answer: B**

- **Explanation**: CAPWAP creates **two tunnels** (data + control) for management and traffic.
---

### **Question 21**:

**Statement**: Which route is used for destination 172.16.1.1?

- **Options**:

- **A. OSPF route 172.16.1.0/24 (Preference 10, Cost 200).**

- B. Static route 172.16.0.0/16 (Preference 5).

- C. Static route 172.16.1.0/22 (Preference 80).

- D. Both static routes (equal cost).

- **Correct Answer: A**

- **Explanation**: OSPF’s **longest prefix match (/24)** wins over less specific static routes.

---

### **Question 22**:

**Statement**: Which is not a valid RSTP port role?

- **Options**:

- A. Root port.

- B. Backup port.

- **C. Forwarding port.**

- D. Designated port.

- **Correct Answer: C**

- **Explanation**: "Forwarding" is a **state**, not a role. RSTP roles are Root, Designated,
Alternate, Backup.

---

### **TCP/IP Model Question**:

**Statement**: Layers from bottom to top?

- **Options**:

- A. OSI model (7 layers).

- **C. Physical → Data Link → Network → Transport → Application.**

- D. OSI model reversed.

- **Correct Answer: C**

- **Explanation**: TCP/IP uses 5 layers (simplified).

---

### **Question 24**:

**Statement**: What does `user-interface maximum-vty 7` on Huawei router do?

- **Options**:

- A. Limits serial port logins.

- B. Locks after 7 failed attempts.

- **C. Allows 7 concurrent Telnet/SSH logins.**

- D. Limits console logins.

- **Correct Answer: C**

- **Explanation**: VTY = Virtual Terminal (remote access like Telnet/SSH).

---

### **Question 25**:

**Statement**: Which statement about edge ports is false?

- **Options**:

- A. Edge ports don’t receive BPDUs normally.

- B. Edge port becomes STP port if BPDU received.

- **C. Edge ports take 15s to forward (false).**

- D. Edge ports connect to end devices.

- **Correct Answer: C**

- **Explanation**: Edge ports **skip delays** (immediate forwarding).

---
### **Question 26**:

**Statement**: Which is false about CAPWAP?

- **Options**:

- A. Tunnel forwarding uses CAPWAP.

- B. CAPWAP carries data + management traffic.

- C. CAPWAP maintains AP-AC connectivity.

- **D. CAPWAP is TCP-based (false).**

- **Correct Answer: D**

- **Explanation**: CAPWAP uses **UDP** (not TCP).

---

### **Question 27**:

**Statement**: What’s true about R1’s route to 10.1.34.0/24?

- **Options**:

- A. Only static route exists.

- B. OSPF route with next hop 10.1.12.21.

- C. Both static and OSPF routes exist.

- **D. Only OSPF route exists (next hop 10.1.13.32).**

- **Correct Answer: D**

- **Explanation**: OSPF **overrides static routes** by default (lower AD).

---

### **Question 28**:

**Statement**: Which is false about PPP?

- **Options**:

- **A. PPP has 3 phases (false).**

- B. PAP sends plaintext passwords.

- C. Supports PAP/CHAP.
 - D. LCP negotiates link parameters.

- **Correct Answer: A**

- **Explanation**: PPP has **2 phases** (LCP + NCP).

---

### **Question 29**:

**Statement**: Ethernet frame length range?

- **Options**:

- A. 46–1500 bytes.

- B. 64–1500 bytes.

- C. 46–1518 bytes.

- **D. 64–1518 bytes.**

- **Correct Answer: D**

- **Explanation**: Includes header (14B), payload (46–1500B), FCS (4B).

---

### **Question 30**:

**Statement**: Which is false about Python?

- **Options**:

- **A. // marks comments (false).**

- B. Methods need `self`.

- C. Modules lack `main()`.

- D. Classes group similar objects.

- **Correct Answer: A**

- **Explanation**: `//` is floor division; `#` marks comments.

---
### **Question 31**:

**Statement**: Which is false about NETCONF?

- **Options**:

- A. Supports rollback.

- B. Needs YANG support.

- C. YANG standardizes data.

- **D. Uses JSON/XML (false).**

- **Correct Answer: D**

- **Explanation**: NETCONF uses **XML only**.

---

### **Question 32**:

**Statement**: Which is not a NAT advantage?

- **Options**:

- A. Saves IPv4 addresses.

- B. Enables external access.

- C. Hides internal topology.

- **D. Provides flow control (false).**

- **Correct Answer: D**

- **Explanation**: Flow control requires QoS/firewalls.

---

### **Question 33**:

**Statement**: Which is false about STP BPDUs?

- **Options**:

- A. Configuration BPDU has bridge ID/cost.

- B. Types: Configuration + TCN.

- **C. All switches send BPDUs (false).**

- D. TCN BPDUs signal topology changes.

- **Explanation**: Only the **root switch** sends BPDUs post-stability.

---

### **Question 34**:

**Statement**: DHCP Discover message mode?

- **Options**:

- A. Unicast.

- B. Multicast.

- **C. Broadcast.**

- D. Anycast.

- **Correct Answer: C**

- **Explanation**: Client broadcasts to find DHCP servers.

---

### **Question 35**:

**Statement**: In stable OSPF Ethernet, which is true?

- **Options**:

- **A. Neighbor states are Full or 2-way.**

- B. All neighbors are Full.

- C. DR’s neighbors can be 2-way.

- D. Some routers stay 2-way.

- **Correct Answer: A**

- **Explanation**:

- **Full**: DR/BDR ↔ Others.

- **2-way**: Non-DR/BDR peers.