Here you have the best Huawei H12-211 practice exam questions
An administrator currently manages AR2200 devices in the network through a single password, however the company wishes to introduce another two administrators and provide unique user credentials and privilege levels for telnet access to the network devices.
What action can be taken? (Choose three)
To introduce additional administrators with unique credentials and privilege levels, three actions must be taken: first, configure three users under the AAA-view, each with a different password, to ensure individual authentication; second, change the authentication mode to AAA to leverage AAA's flexibility in managing multiple user credentials and permissions; and third, assign each administrator a privilege level to control access permissions based on their role. Assigning a public IP address to each user is unnecessary for telnet access.
Refer to the configuration output. RTA has been configured using AAA as shown, and associated with the "huawei" domain. For users in the huawei domain, which authentication-scheme will be used?
The configuration indicates the use of two authentication schemes, 'au1' and 'au2'. When configuring AAA in Huawei devices, the most recently specified authentication scheme will be the one applied. In the provided configuration, 'au2' is specified after 'au1', making 'au2' the active authentication scheme. Therefore, for users in the 'huawei' domain, the 'au2' authentication scheme will be used.
What of the following statements is correct regarding access control list types and ranges?
A layer 2 ACL value ranges from 4000-4999. This range is designated for Layer 2 access control lists, which operate on the data link layer of the OSI model, dealing with MAC addresses and such. This classification helps in managing network traffic and permissions based on Layer 2 addresses.
Which of the following parameters is not used by Advanced ACL?
Advanced ACLs (Access Control Lists) typically do not use the 'Source interface' as a parameter. Instead, they commonly include criteria such as the destination port number, protocol number, and time-range to create more precise and detailed traffic filtering rules. The 'Source interface' is not a parameter that is configurable within Advanced ACLs.
Refer to the configuration output. Which of the following statements regarding ACL 2001 is correct?
The correct answer is that packets from network 10.0.1.0/24 will be denied. The configuration output shows that there are two rules in ACL 2001. The first rule permits traffic from the network 10.0.1.0/24, but the second rule explicitly denies traffic from the same network. In an ACL, the rules are processed in order from top to bottom. Since the second rule denies the traffic, it takes precedence over the first rule allowing it. Therefore, packets from the network 10.0.1.0/24 will ultimately be denied.