H12-211 Dumps - Here's What Huawei Certified Say about It 
                     Hua wei
H12-21 1
Huawei Network Technology and Device (HCDA-HNTD)
https://www.exam4help.com/huaw ei/h12-211-dumps.html
 
Question: 1 
   
An administrator currently manages AR2200 devices in the network through a single password, however 
the company wishes to introduce another two administrators and provide unique user credentials and 
privilege levels for telnet access to the network devices. What action can be taken? (Choose three) 
 
A. Configure three users under the AAA-view, and assign each a different password. 
B. The authentication mode must be changed to AAA. 
C. Each administrator must be assigned a privilege level. 
D. A public IP address must be assigned to each user for telnet access 
 
Answer: A, B, C     
 
Question: 2 
   
Which of the following authentication methods are supported for Telnet users? (Choose three) 
 
A. Password authentication 
B. AAA local authentication 
C. MD5 authentication 
D. No authentication 
 
Answer: A, B, D     
 
Question: 3 
   
Which authentication modes does AAA support? (Choose three). 
 
A. None 
B. Local 
C. Radius 
D. 802.1X 
 
Answer: A, B, C     
 
Question: 4 
   
[RTA]aaa 
[RTA-aaa]domain huawei 
[RTA-aaa-domain-huawei]authentication-scheme au1 
 
[RTA-aaa-domain-huawei]authentication-scheme au2 
Refer to the configuration output. RTA has been configured using AAA as shown, and associated with 
the “huawei” domain. For users in the huawei domain, which authentication-scheme will be used 
 
A. au1 
B. au2 
C. au1 will be used. When au1 is deleted, users will use au2 
D. au2 will be used. When au2 is deleted, users will use au1 
 
Answer: B     
 
Question: 5 
   
A user accesses a server supporting AAA, for which the authorization mode on the AAA server has been 
configured using the command “authorization-mode hwtacacs if-authenticated”. Which of the following 
statements regarding this command are true? (Choose three). 
 
A. If the hwtacacs server fails to respond, the user will be authenticated using local authentication. 
B. If the hwtacacs server fails to respond, the user will be authenticated using remote authentication. 
C. If the hwtacacs server fails to respond, the user will bypass authentication. 
D. The hwtacacs server will authorize the user. 
 
Answer: A, B, D     
 
Question: 6 
   
Which of the following descriptions regarding eSight is not correct? 
 
A. eSight is used to monitor and manage enterprise networks. 
B. eSight supports only Huawei devices 
C. eSight supports WLAN management and monitoring of hotspot coverage. 
D. eSight supports the backup of configuration files and network traffic analysis. 
 
Answer: B     
 
Question: 7 
   
What of the following statements is correct regarding access control list types and ranges? 
 
A. A basic ACL value ranges from 1000-2999 
B. An advanced ACL value ranges from 3000-4000 
C. A layer 2 ACL value ranges from 4000-4999 
 
D. An interface ACL value ranges 1000-2000 
 
Answer: C     
 
Question: 8 
   
Which of the following parameters is not used by Advanced ACL? 
 
A. Source interface 
B. Destination port number 
C. Protocol number 
D. Time-range 
 
Answer: A     
 
Question: 9 
   
[RTA]acl 2001 
[RTA-acl-basic-2001]rule permit source 10.0.1.0 0.0.0.255 
[RTA-acl-basic-2001]rule deny source 10.0.1.0 0.0.0.255 
Refer to the configuration output. Which of the following statements regarding ACL 2001 is correct? 
 
A. Packets from network 10.0.1.0/24 network will be denied. 
B. Packets from network 10.0.1.0/24 network will be permitted. 
C. Packets destined for network 10.0.1.0/24 will be denied. 
D. Packets destined for network 10.0.1.0/24 will be permitted. 
 
Answer: B     
 
Question: 10 
   
[RTA]acl 2002 
[RTA-acl-basic-2002]rule permit source 20.1.1.1 0 
[RTA-acl-basic-2002]rule permit source 30.1.1.1 0 
Refer to the configuration output. A network administrator configured the ACL on router RTA, as shown. 
Which of the following statements regarding the rule order are correct? (Choose two). 
 
A. The rule-number of the first rule is 1 
B. The rule-number of the first rule is 5 
C. The rule-number of the second rule is 2 
D. The rule-number of the second rule is 10 
 
 
Answer: B, D     
 
Question: 11 
   
Refer to the graphic. The network administrator has configured ACL 2000 to filter packets on RTA, as 
shown. 
Which of following statements regarding the subsequent behavior are correct? (Choose two). 
 
A. RTA will forward packets received from Host A. 
B. RTA will drop packets received from Host A. 
C. RTA will forward packets received from Host B. 
D. RTA will drop packets received from Host B. 
 
Answer: B, C     
 
Question: 12 
   
Refer to the graphic. The network administrator wishes to deny Host A access to the HTTP server but 
allow access to all other servers. Which of the following ACL rules will achieve this? 
 
A. Rule deny tcp source 10.1.1.1 0 destination 202.100.1.12 0.0.0.0 destination-port eq 21 
B. Rule deny tcp source 10.1.1.1 0 destination 202.100.1.12 0.0.0.0 destination-port eq 80 
C. Rule deny udp source 10.1.1.1 0 destination 202.100.1.12 0.0.0.0 destination-port eq 21 
D. Rule deny udp source 10.1.1.1 0 destination 202.100.1.12 0.0.0.0 destination-port eq 80 
 
Answer: B     
 
Question: 13 
   
Following a failure of services in the network, an administrator discovered that the configuration in one 
of the enterprise routers had been changed. What actions can be taken by the administrator to prevent 
further changes? (Choose three) 
 
A. The administrator should limit access by setting the login privilege of users to 0. 
B. The administrator should configure AAA to manage user authorization on the router. 
C. The administrator should configure an ACL to allow only the administrator to manage the router. 
D. The administrator should configure port-security on the router 
 
Answer: A, B, C     
 
https://www.exam4help.com/huawei/h12-211-dumps.html