Questions
ayuda
option
My Daypo

ERASED TEST, YOU MAY BE INTERESTED ONHPE6-A70_ACMA(By.Kwon)

COMMENTS STATISTICS RECORDS
TAKE THE TEST
Title of test:
HPE6-A70_ACMA(By.Kwon)

Description:
HPE 시험

Author:
Kwon
(Other tests from this author)

Creation Date:
09/03/2023

Category:
Others

Number of questions: 118
Share the Test:
Facebook
Twitter
Whatsapp
Share the Test:
Facebook
Twitter
Whatsapp
Last comments
No comments about this test.
Content:
A network administrator creates the role employees and adds this rule to it: user any any permit The first several wireless clients assigned to the employees role are assigned IP addresses in the 10.10.10.0/24 subnet. Several other wireless clients with the employees role are then assigned IP addresses in the 10.10.20.0/24. When the Aruba firewall matches traffic from these clients to the user any any permit rule, what does it do? A. It permits traffic from wireless clients in both the 10.10.10.0/24 and 10.10.20.0/24 subnet as long as the packet has a source IP. B. It permits the traffic from wireless clients in the 10.10.20.0/24 subnet, but drops the traffic from wireless clients in the 10.10.10.0/24 subnet. C. It drops traffic from wireless clients in both the 10.10.10.0/24 and 10.10.20.0/24 subnet. D. It permits the traffic from wireless clients in the 10.10.10.0/24 subnet, but drops the traffic from wireless clients in the 10.10.20.0/24 subnet.
A company has many 7220 controllers in its Aruba wireless architecture. A network administrator wants to use the Traffic Analysis dashboard in order to monitor which type of applications are being used by wireless users. What is required for this implementation? A. AirMatch and ClientMatch must be enabled. B. The solution must have active PEFNG licenses. C. WLANs must use the decrypt-tunnel forwarding option. D. Firewall policies must include application filtering rules.
A network administrator configures an Aruba Mobility Master (MM)-based solution to provide wireless access to employees. The solution must meet these criteria: ✑ Authenticate users to a network RADIUS server ✑ Enforce different Aruba firewall rules based on the user department How can the administrator meet these criteria in the simplest way? A. Create a different WLAN and SSID for each department. Apply different firewall policies to each WLAN. B. Have the RADIUS server send different roles for users in different departments. Apply role-based firewall policies. C. Create multiple zones on the MM. Assign different departments are sets of firewall policies to different zones. D. Have the RADIUS server assign users in different departments to different VLANs. Apply firewall policies based on IP ranges.
A network administrator configures this policy: ip access-list user any svc-dhcp permit user any network 10.0.0.0 255.0.0.0 deny user any any permit Users to which this policy apply are unable to receive IP addresses with DHCP. How should the administrator fix the issue? A. Move the user any svc-dhcp permit rule to the bottom of the list. B. Remove the deny rule from the policy. C. Use the correct service alias in the user any svc-dhcp permit rule. D. Change user to any in the user any svc-dhcp permit rule.
An Aruba solution runs ArubaOS 8 and uses a mobility master architecture. Which feature can network administrators use to balance wireless across APs on different channels? A. AppRF B. ARM C. Client Match D. AirMatch.
What is the difference between how a network administrator can monitor clients in the Mobility (MM) interface and in the AirWave Management Platform? A. AirWave shows trends for the past several minutes, while MM shows longer trends. B. AirWave combines information from more sources, such as RADIUS authenticating servers and APs. C. AirWave shows the current signal level for the client connection, while MM does not show RF statistics. D. MM shows user and role information associated with clients, while AirWave does not.
An AP operates on channel 6. Which device causes the most significant and consistent interference with the signal? A. cellular phone B. AP operating on channel 11 C. wireless security camera operating on channel 8 D. weather radar.
What is a reason for a company to choose to deploy an Aruba 7024 Mobility Controller (MC) rather than an Aruba 7010 MC? A. to support a faster firewall throughput rate B. to support 802.11ac APs rather than only 802.11n APs C. to support more wireless users D. to support more POE devices directly connected to the MC.
Refer to the exhibit. The exhibit shows output from a Mobility Master (MM) dashboard. What is a valid reason for the administrator to click the akamai square under applications? A. to see the break down for only the roles, destinations, WLANs, and devices that use this application B. to download a report about the usage of this application over time C. to create filter rules in order to control wireless user access to this application D. to set up bandwidth rule in order to control wireless user access to this application.
A company has an Aruba solution that supports an employee WLAN. How can network administrators control in which subnets user receive IP addresses? A. Assign switch ports connected to APs to VLANs associated with the desired subnets. B. Set the VLANs associated with desired subnets in the WLAN settings. C. Configure firewall policies that permit the desired subnet, and add them to the initial role for the WLAN. D. In the WLAN settings, configure User role rules with the desired subnet addresses as match criteria.
A network manager wants to implement an Aruba wireless solution that accommodates 802.1X with EAP-TLS. All wireless users will utilize Active Directory (AD) accounts to authenticate. Which device will the authenticator forward the authentication requests to in this type of solution? A. Mobility Master (MM) B. Mobility Controller (MC) C. RADIUS server D. APs.
A company wants to provide wireless access for guests with their Aruba solution. Which configuration feature requires the customer to purchase PEFNG licenses? A. redirection of guests to an external captive portal B. customization of the internal captive portal login page C. addition of custom rules to control access for authenticated guests D. provision of DHCP services to unauthenticated guests.
What does an Aruba Mobility Master (MM) do before it deploys a configuration to a Mobility Controller (MC)? A. It synchronizes the configuration with templates on Aruba AirWave. B. It removes any commands that are not supported on that MC or have dependency errors. C. It obtains the current configuration, encrypts it, and backs it up to a secure archive. D. It encrypts the configuration to be deployed and backs it up to a secure archive.
Refer to the exhibit. Which role must AP 1 play? A. Remote AP (RAP) B. Mesh Portal AP C. Instant AP (IAP) D. Mesh Point AP.
A company has an Aruba solution. The company wants to host a guest login portal with this solution, and the login portal must give guests the option to create their own login accounts. How can a network administrator help meet these criteria? A. Choose the Internal captive portal with email registration option for the guest WLAN. B. Choose ClearPass or the other external captive portal option for the guest WLAN. C. Make sure to create a guest provisioning account for the guest WLAN. D. Disable authentication in the captive portal profile for the guest WLAN.
How can network administrators upgrade AirMatch on an Aruba Mobility Master (MM)? A. Upgrade Client Match as part of a global software upgrade, and upgrade AirMatch separately as a loadable service module (LSM). B. Upgrade Client Match and AirMatch separately as loadable service modules (LSMs). C. Upgrade AirMatch and Client Match through a global software upgrade. D. Upgrade AirMatch as part of a global software upgrade, and upgrade Client Match separately as a loadable service module (LSM).
How does WPA2 protect wireless user traffic in the air? A. It provides both data integrity and privacy with AES. B. It provides data integrity with TKIP and data privacy with AES. C. It provides data privacy with TKIP and no data integrity. D. It provides data integrity with AES and no data privacy.
Which settings can a Mobility Master (MM) deploy to Mobility Controllers (MCs) but master controllers CANNOT deploy to local controllers? A. radio profiles B. WLAN settings C. Interface settings D. AAA profiles.
A company has an Aruba Mobility Master (MM)-based solution and needs a new WLAN for the corporate campus. A network administrator completes the creation of this WLAN, as shown in Exhibit 1. When the administrator tries to test a connection to the WLAN in various locations, the WLAN sometimes shows up in the list of WLANs on the client but sometimes does not. The administrator can see the WLAN in the list, as shown in Exhibit 2. What is the error? A. The WLAN is configured at a lower level in the Managed Network hierarchy. B. The configuration is not deployed to the Mobility Controller (MC). C. The Mobility Master (MM) does not have an active PEFNG license. D. The WLAN is configured as a hidden SSID.
A company has an Aruba Mobility Master (MM)-based solution. Where can a network administrator look to find a list of alerts about a variety of issues on the MM or managed devices? A. the top banner B. the MM Maintenance pages C. the Performance dashboard D. the Potential issues dashboard.
A company has a Mobility Master (MM)-based solution. A network administrator wants to monitor the types of applications in use in the wireless network. Which dashboard page in the MM interface should the administrator visit? A. Performance B. Network C. Traffic Analysis D. Security.
What is one difference between captive portal authentication and 802.1X authentication? A. 802.1X authentication always authenticates the wireless client, while captive portal authentication always authenticates the wireless user. B. 802.1X authentication is typically implemented without encryption, while captive authentication is often combined with WPA or WPA2. C. 802.1X authentication occurs at Layer 2, while captive portal authentication occurs at Layer 3. D. 802.1X authentication must use an LDAP server, while captive portal authentication can use a RADIUS server or an LDAP server.
Refer to the exhibit. A network administrator needs to specify a RADIUS server for an employee WLAN on an Aruba solution. What must the administrator enter in the Shared key field? A. the password defined for authorized wireless clients on the RADIUS server and also distributed to authorized wireless clients B. the password defined as the preshared key for the WLAN on the Mobility Master (MM) and on authorized wireless clients C. the password configured in a user account with administrative rights on the RADIUS server D. the password configured for RADIUS clients on the RADIUS server.
A company has a Mobility Master (MM)-based solution with a guest WLAN. Users can connect to the WLAN, but they receive the error shown in the Exhibit 1 then they open their browser rather than see login page. Exhibit 2 shows the status for one of the guest clients. What is one issue that could cause the errors described? A. The firewall blocks DHCP traffic between the guest clients and the DHCP server. B. The Captive Portal is not enabled for the role to which these clients are assigned. C. The DHCP pool for guests does not assign users a DNS server address. D. The MM and Mobility Controllers (MCs) have invalid certificates.
How can network administrator provide high availability for APs deployed in an Aruba Mobility Master (MM)-based architecture? A. Deploy all licenses locally to APs, so that they can continue to function if they lose contact with their controller. B. Configure APs to convert to controller-less Instant AP mode during controller failure. C. Establish clusters of Mobility Controllers (MCs). D. Configure MM to provide backup AP tunnel termination in case of controller failure.
A network administrator monitors an Aruba Mobility Controller with Aruba Mobility Controller with Aruba AirWave and sees the configuration status is Error. What should the administrator conclude? A. AirWave has a communication issue with the controller and cannot check the configuration. B. AirWave detects a mismatch with the controller configuration and software version. C. AirWave determines that the controller configuration does not match the template for its group. D. AirWave checks the controller configuration and detects a syntax error.
An Aruba Remote AP (RAP) operates in split-tunnel mode. How does the AP forward traffic? A. It sends all user traffic in a GRE tunnel to a central Mobility Controller (MC), and it sends control traffic in an IPsec tunnel to the controller. B. It sends user and control traffic in two separate IPsec tunnels to the Mobility Controller (MC). C. It sends all employee and control traffic in a GRE tunnel to a central Mobility Controller (MC), and it bridges all guest traffic locally. D. It sends traffic designed to the corporate network in an IPsec tunnel to a central Mobility Controller (MC), and it bridges other traffic locally.
Refer to the exhibit. Network administrators need to set up a WLAN that uses WPA2 encryption and authenticates users with a preshared key (PSK) that is the same for all users. Administrators do not see where they should specify the option for the preshared key. What should the administrator do? A. Click the + icon in the Authentication server section. B. Return to the first page in the wizard, and select the guest option. C. Click Personal in the side bar. D. Configure an L3 authentication profile after the WLAN wizard is complete.
A company has an Aruba Mobility Master (MM)-based solution and needs a new WLAN for the corporate campus. A network administrator completes the creation of this WLAN, as shown in Exhibit 1. When administrators try to test a connection to the WLAN, the WLAN does not show up in the list of WLANs on the client. The administrator can see the WLAN in the list, as shown in Exhibit 2. What is the error? A. The configuration is not deployed. B. The WLAN is configured at a lower level in the Managed Network hierarchy. C. The Mobility Master (MM) does not have an active PEFNG license. D. The WLAN is configured as a hidden SSID.
What describes the behavior for this WLAN? A. No APs broadcast the SSID. Clients cannot connect to the WLAN until administrators activate it. B. APs in the default group broadcast the SSID. Clients can connect to the WLAN on APs in any group. C. No APs broadcast the SSID. Clients can connect to the WLAN on APs in the default group only. D. APs in the default group broadcast the SSID. Clients can connect to the WLAN on APs in the default group only.
A company has an Aruba solution. The company wants to support a guest WLAN with the internal captive portal, but the company also wants to develop their own custom portal pages. What correctly describes the level of customization that the internal captive portal supports? A. The internal captive portal must use the default pages without modification, but administrators can upload pages developed externally. B. The internal captive portal must use the default pages without modification, and administrators cannot upload pages developed externally. C. Administrators can modify the default internal captive portal pages, but cannot upload pages developed externally. D. Administrators can modify the default internal captive portal pages or upload pages developed externally.
Refer to the exhibit. Based on the exhibit, what is the maximum number of APs that this Mobility Master (MM) solution can support? A. 0 B. 1 C. 32 D. 500.
What is a key difference between an Aruba Air Monitor (AM) and an Aruba Spectrum Analyzer (SA)? A. An AM detects threats such as rogue APs, while an SA analyzes RF conditions. B. An AM detects rogue APs and provides data services to clients, while an SA only detects rogue APs. C. An AM scans on only one 802.11 frequency band, while an SA scans on both 802.11 frequency bands. D. An AM both detects wireless intrusion attempts and mitigates them, while an SA only detects wireless intrusion attempts.
For which use should network administrators set up Aruba access points (APs) as multi-zone APs? A. The company requires high availability for its wireless services, and APs must be able to be controlled by more than once Mobility Controller (MC) in case a controller fails. B. The company has multiple small offices where APs at each branch office must forward internet traffic locally and corporate traffic over a secure tunnel to a centralized Mobility Controller (MC). C. The company has some devices that support both 5GHz and 2.4 GHz, and the APs must operate in both frequency bands. D. The company has a Mobility Manager (MM)-based solution that requires APs to terminate to multiple controllers that reside in different administrative domains.
Assume that administrators accept the default forwarding mode for WLANs. How does wireless user traffic flow in a master-local architecture, and how does it flow in a Mobility Master (MM) architecture? A. In the master-local architecture, traffic is tunneled to a local Mobility Controller (MC) to handle. In a MM architecture, all traffic is tunneled to the MM to handle. B. In the master-local architecture, all traffic is tunneled to the master controller to handle. In a MM architecture, all traffic is tunneled to the MM to handle. C. In both architectures, traffic is tunneled to a Mobility Controller (MC) to handle. D. In both architectures, APs forward corporate user traffic locally and tunnel guest user traffic to a Mobility Controller (MC) to handle.
A WLAN in an Aruba Mobility Master (MM)-based solution uses WPA2-Enterprise security. This WLAN currently authenticates users to Active Directory (AD), and users log in with their Windows domain credentials. Network administrators now want to authenticate the Windows clients as well, based on the client Computer Names. What should the administrator do on MM to achieve this goal? A. Set up MAC Authentication on the WLAN. B. Set up Machine Authentication on the WLAN. C. Import the computer names from AD to the MM internal database. D. Bind individual Mobility Controllers (MCs) to AD at the device level.
A company has an Aruba Mobility Master (MM)-based solution that runs ArubaOS 8 and uses the default AirMatch and Client Match settings. The ARM profile has been disabled for 5GHz radios. How are channel and transmit power settings managed for these radios? A. with AirMatch B. with Rule Based Client Match C. with legacy ARM D. with legacy Client Match.
A customer has a large campus that requires 400 Aruba 335 APs to support a total of 10,000 wireless users and 12Gbps of traffic. Although the customer wants two controllers for redundancy, each controller must be able to support all of the APs and users on its own. Which Aruba Mobility Controller models meet the customer requirements and DO NOT unnecessarily exceed them? A. Aruba 7030 controllers B. Aruba 7024 controllers C. Aruba 7240 controllers D. Aruba 7210 controllers.
Refer to the exhibit. The exhibit shows the AAA profile for a WLAN on an Aruba solution. This WLAN uses 802.1X authenticate users to a RADIUS server. A user successfully authenticates with 802.1X, but the RADIUS server does not send a role assignment. How does the Aruba firewall handle the role assignment for this user? A. It does not assign a role. B. It applies the Aruba VSA role, employee. C. It assigns the logon role. D. It assigns the authenticated role.
A company currently uses Instant APs (IAPs), all managed by a virtual controller. The company expects to double in size within the next 18 months. The network manager wants to purchase additional APs to service the increased traffic load. The network manager also wants to deploy a Mobility Controller (MC) to manage all APs. How should the network administrator adapt the current IAPs to a controlled architecture? A. Configure the IAPS to establish CPSec tunnels to the new MCs. B. Configure the IAPS to Campus APs, controlled by the new MCs. C. Manage both the MCs and IAP clusters with Aruba Central. D. Manage both the MCs and IAP clusters with a Mobility Master (MM).
How does a high-gain omni-directional antenna compare to a typical omni-directional antenna? A. it provides more coverage in both the horizontal and vertical directions. B. it provides more single-user spatial streams. C. it provides more coverage in the horizontal direction than in the vertical direction. D. it provides more multi-user spatial streams.
Which IEEE standard provides the highest transmission rates in the 2.4GHz frequency band? A. 802.11a B. 802.11ac C. 802.11g D. 802.11n.
A network administrator wants to assign an authentication server group to the WPA2-Enterprise WLAN. Which profile should the administrator modify? A. Virtual AP B. SSID C. AAA D. L2 Authentication.
What is one reason for a network administrator to visit the Dashboard > Usage window on an Aruba Mobility Master (MM)? A. to check license usage and determine the need for additional licenses B. to generate reports about traffic patterns and network usage over the past several months C. to view system usage statistics for the MM and troubleshoot potential issues D. to analyze short term trends in network usage by client, AP, and application.
Refer to the exhibit. A network administrator sets up the Exam_Employees WLAN on an Aruba solution with a default role of guest, as shown in the exhibit. To which users does the guest role apply? A. users who have connected to the SSID, but have not yet attempted authentication B. users who successfully authenticate and are assigned to the default role by the RADIUS server C. users who successfully authenticate and are not assigned a different role by the RADIUS server D. users who fall authentication.
A network administrator creates an employee WLAN on an Aruba solution that uses WLAN WPA2-Enterprise security and an external RADIUS server. When the administrator tests the WLAN, the test client receives limited connectivity and cannot access any resources, but the RADIUS server shows that the user authenticated successfully. What should the administrator check as a possible source of this issue? A. the certificate on the RADIUS server B. the connectivity between the AP that the client is associated to and the MC C. the firewall role and policy that apply to this user D. the connectivity between the Master Controller (MC) for the client and the RADIUS server.
A network administrator examines a list of 2.4GHz clients with low performance in the Mobility Master (MM) dashboard. Which property should pose a concern as a potential performance issue? A. Radio PHY of HT 20MHz B. Goodput data rate of 12Mbps C. Max speed of 72Mbps D. Usage of 10 MB.
An Aruba Mobility Master (MM)-based solution has a WLAN that uses WPA2-Enterprise security. A test login on a wireless client fails. How can a network administrator determine whether the RADIUS server rejected the credentials or another issue occurred? A. Use the tools in the MM Dashboard > Security window. B. Use the MC AAA Server Test Diagnostic tool. C. Ping the IP address configured as the RADIUS server. D. View Technical Support information for the MM.
A company plans to deploy a Mobility Master (MM) solution with two MM nodes. The MM solution will manage 10 Mobility Controller (MC) appliance that will control a total of 400 APs. How should the network administrator install the AP licenses? A. 40 AP licenses on the MM and no licenses on the MC B. 400 AP licenses on the MM and no licenses on the MC C. 800 AP licenses on each MC and no licenses on the MM D. 800 AP licenses on the MM and 40 AP licenses on each MC.
A company has an Aruba Mobility Master (MM)-based solution. Under which circumstance will an AP radio change channel without the use of the Mobility Master (MM)? A. when the MM detects that a different channel has significant better quality B. when the AP detects a large amount of interference on its channel C. when the Mobility Controller (MC) detects a rogue AP on the channel D. when the Client Match rules indicate that nearby clients do not support the current channel.
Refer to the exhibits. Exhibit 1 - A network administrator creates a guest WLAN on an Aruba Mobility Manager (MM). The exhibits show some of the settings for the WLAN. The administrator does not change the policies for those roles. How does the firewall control guest clients when they first connect to the WLAN? A. It permits them to send any DHCP traffic and DNS and web traffic to the Internet. It redirects web traffic destined to the private network to a login portal. B. It does not permit them to send any traffic until they are authenticated. C. It permits them to send any DHCP and DNS traffic, and it redirects all web traffic to a login portal. D. It permits them to send any DHCP and RADIUS traffic. It redirects all web traffic destined to the Internet to a login portal and drops web traffic destined to the private network.
Which Aruba controller supports a maximum of 512 APs? A. Aruba 7210 B. Aruba 7240 C. Aruba 7010 D. Aruba 7030.
A Mobility Controller (MC) runs ArubaOS 8. What is a valid reason for an administrator to set the MC to master-local mode? A. The company needs to manage third-party network infrastructure devices with the use of the master controller interface. B. The company already has a partially hierarchical deployment based on the 6.x code and wants to keep the current architecture. C. The company requires a centralized licensing architecture that provides global license pools. D. The company wants a deployment architecture that allows administrators to configure all MC settings from a single location.
A company has a Mobility Master (MM)-based solution. There is a hardware issue with the MM appliance, and, as result, all connectivity is lost between the appliance and the network. The network manager is concerned about how this will impact licensing. How will the Mobility Controller (MC) be affected? A. The MC maintains its current licenses for 30 days. B. The MC loses all licenses and cannot support APs or clients. C. The MC contacts Aruba Activate and uses the licensing limits defined there. D. The MC maintains only licenses that have been locally installed on it.
What is an example of Layer 2 wireless threat that a wireless intrusion detection system (WIDS) should detect? A. spyware B. RF jamming C. Bluetooth interference D. 802.11 association floods.
A company has an Aruba Mobility Master (MM)-based solution. A network administrator wants to collect and analyze information about clients and access points (APs) over extended periods of time. What should the administrator do to achieve this goal? A. Run a Traffic Analysis report on the MM. B. Add Aruba AirWave to the solution. C. Enable archival from the MM interface Maintenance windows. D. Make sure that MM has sufficient AppRF licenses.
A company deploys an Aruba wireless solution for the first time. In which deployment is clustering supported? A. deployment as Mobility Masters (MMs) B. deployment in 7000 Series standalone mode C. deployment as a standalone VMC D. deployment in master-local mode.
Refer to the exhibits. Exhibit 1 - Exhibit 2 - A company has an Aruba solution. Client 1 is assigned to the users1 role, and Client 2 is assigned to the users2 role. The exhibits show current firewall rules for those roles. The network1 alias used to be 10.1.1.0/24, but the network administrator now changes the network1 alias to 172.16.1.0/24. Client 1 and Client 2 both then send a packet destined to 172.16.1.10. How does the firewall handle these packets? A. It denies both packets. B. It denies the packet from Client 1 and permits the packet from Client 2. C. It permits both packets. D. It permits the packet from Client 1 and denies the packet from Client 2.
Which task can an Aruba Spectrum Monitor (SM) perform? A. Prevent client connections to rogue APs. B. Analyze RF signals to determine the cause of non-802.11 interference. C. Optimize RF through the AP channel and transmit power plans. D. Analyze wireless traffic patterns at the application level.
A company has an Aruba solution with a guest WLAN named exam_guest. A network administrator creates the guest WLAN with the wizard and does not change any of the default roles. The authentication server does not send particular role assignments for authorized users. The company wants to deny guests access to specific IP ranges after the guest authenticate. For which role should the administrator create the rule to deny this traffic? A. guest B. authorized C. exam_guest-guest-logon D. guest-logon.
Network administrators use the Aruba Mobility Master (MM) wizard to create a WLAN and do not manually alter any of the profiles for that WLAN. The exhibits show some of the settings for the WLAN. Some wireless users cannot successfully connect to the WLAN. Network administrators attempt to connect on their own machines with a test account, and the connection is successful. They attempt to connect with the same account on user clients, and the connection fails. Which issue could prevent authentication from completing correctly? A. The user clients have unauthorized MAC addresses, so the RADIUS server rejects the authentication even though the username and password are correct. B. The user clients do not trust the RADIUS server certificate and are configured not to prompt users to trust new certificates. C. Some access points (APs) are not configured as clients on the RADIUS server, so user clients connected to them cannot authenticate. D. The RADIUS server has reached the maximum number of RADIUS clients that it can support, so it rejects new wireless clients.
An Aruba solution has a WLAN that uses WPA2-Enterprise security. How are encryption keys dynamically managed for the wireless users? A. The MM generates and distributes keys to clients and access points (APs). B. Administrators configure identical key strings on the Mobility Controllers (MCs) and wireless client 802.1X settings. C. Keys are generated and distributed securely during each wireless user authentication process. D. Keys are derived from the preshared key configured on the WLAN and on each wireless client.
Which authentication server option would the network administrator choose to authenticate a wireless user directly against an Active Directory (AD) domain controller without NPS or IAS? A. LDAP server B. RFC 3576 server C. TACACS server D. RADIUS server.
A network administrator creates a guest WLAN on an Aruba Mobility Master (MM). The exhibit shows some of the settings for the WLAN. How should the network administrator handle the Auth server settings? A. Add an authentication server with the LDAP type and the IP address of the company AD server. B. Add an authentication server with the LDAP type and IP address 10.10.10.10. C. Add an authentication server with the RADIUS type and IP address 10.10.10.10. D. Add an authentication server with the RADIUS type and the IP address of the company AD server.
A company has an Aruba Mobility Master (MM)-based solution with a WLAN that assigns users to VLANs 10–19. The company wants the Aruba solution to act at Layer 3 to route wireless user traffic. What must network administrators configure to permit the solution to forward traffic correctly? A. VLAN 10–19 interfaces and proper IP settings on the MM nodes B. trunk ports that support VLANs 10–19 on the managed Mobility Controllers (MCs) C. VLAN 10–19 interfaces on the Mobility Controllers (MCs) as the default gateway for wireless users D. trunk ports that support VLANs 10-19 on the MM nodes.
A company has a Mobility Master (MM)-based solution with an employee WLAN Several users report that they can connect to the WLAN, but they cannot access all of the resources that they should. Where should the network administrator look in the MM interface to find the roles to which these users are actually assigned? A. Configuration > Policies & Roles B. Dashboard > Security C. Dashboard >Clients D. Configuration >WlANs > Profiles > AAA Profile.
What is required for a WLAN that uses WPA2-Enterprise security? A. a Web server to host a login porta B. a shared password to secure access to the WLAN C. RADIUS server or servers D. a policy to allow unauthenticated users to receive RADIUS.
An Aruba solution runs ArubaOS 8 and uses a standalone controller architecture. Which feature can administrators use to optimize the channel and power plan for the APs? A. ARM B. Rule Based Client Match C. AirMatch D. AppRF.
Refer to the exhibits. An Aruba solution supports a WLAN that uses WPA2-Enterprise security. Exhibit 1 shows the AAA policy for the WLAN. Users are supposed to be assigned to different roles after authentication. Network administrators test a connection with the employee user account. Exhibit 2 shows the status for the client after this test. What is a possible reason for the issue shown in Exhibit 2? A. The shared key configured for the ClearPass server is incorrect. B. The RADIUS server is not correctly set up to send a user role for the employee account. C. MAC authentication is enabled on the WLAN, and the test device does not have an authorized address D. The administrators entered the wrong password for the employee account.
A company has a Mobility Master (MM) solution that manages Mobility Controllers (MCs) in several groups. The company has several WebCC licenses and wants to reserve these licenses for MCs in the Sunnyvale group only. How can a network administrator achieve this goal? A. Associate the MAC addresses for the Sunnyvale MCs with the licenses when they are generated. B. Make sure to be at the Managed Network > Sunnyvale level in the MM Interface when the licenses are installed. C. Install the licenses on the MM, and allocate them to a dedicated local pool for the Sunnyvale group. D. Install the licenses directly on the MCs in the Sunnyvale group, and activate the licneses locally.
What is a role fulfilled by an Aruba Mobility Master (MM)? It forwards and routes traffic for wireless users across multiple sites. It terminates control tunnels for Aruba APs. It provides an advanced Web portal for onboarding Bring Your Own Device (BYOD) devices. It manages VLAN and routing configuration for multiple Mobility Controllers (MCs).
Refer to the exhibit. A company has a Mobility Master (MM)-based solution with a guest WLAN. During the captive portal redirection, users who access a non-HTTPS Website see the error shown in the exhibit. How can a network administrator prevent this error? A. Enable automatic CPSec certificate deployment. B. Replace the default Mobility Master certificate with a certificate that has the correct hostname. C. Replace the default server certificate for mobility controllers with a certificate signed by a trusted CA. D. Reconfigure the guest WLAN to use EAP methods that rely on passwords rather than certificates.
An Aruba solution has a WLAN that uses WPA2-Personal security. How are encryption keys dynamically managed for the wireless users? A. The MM generates and distributes keys to clients and access points (APs). B. Administrators configure identical key strings on the Mobility Controllers (MCs) and wireless client 802.1X settings. C. Keys are generated and distributed securely during each wireless user authentication process. D. Keys are derived from the preshared key configured on the WLAN and on each wireless client.
What is one setting that a network administrator can configure for user roles in an Aruba solution? A. DHCP pool B. ClientMatch rules C. source NAT D. Maximum session.
What is one networking setting that a network administrator can configure for roles in an Aruba solution? A. DHCP pool B. ClientMatch rules C. source NAT D. bandwidth limit.
What is an advantage for a network administrator to use AirWave over a Mobility Master (MM)? A. ability to gather and analyze historical user data, and monitor client association and network usage trends B. scans wireless client settings and brings those settings in compliance with corporate security policies. C. ability to monitor and manage a Mobility Controller (MC) to configure the WLAN D. provides realtime firewall hits for client network troubleshooting.
A company has an Aruba solution that is monitored by AirWave. Several users have recurring connectivity and performance issues with their wireless clients. How can network administrators use AirWave to minitor these clients more easily? A. Specify the clients as Watched Cliesnts and view the tables and graphs for these clients. B. Click the Down icon in the Airwave banner to quickly see a list of issues with client connections. C. Use the Client > Tags windows to tag the client for periodic checks and analysis. D. Run Device Summary reports and filter for the client MAC addresses within the report.
If the decrypt-tunnel forwarding mode is selected in an employee WLAN, where is the user traffic decrypted? A. at the switch B. at the AP C. at the controller D. at the RADIUS server.
When an Aruba solution uses AirMatch, which device generates the channel and power plan for an AP? A. the AirWave Management Platform B. the Mobility Master (MM) C. the Mobility Controller (MC) for the AP D. the AP itself.
Which APs operate in an autonomous or standalone mode? A. remote APs (RAPs) B. spectrum analyzers (SAs) C. mesh points (APs) D. instant AP (IAP) clusters.
Network administrators use the wizard to create a WLAN that uses WPA2-Enterprise security to a RADIUS server at 10.21.98.55. They do not manually change any settings. Which device determines the EAP type that the wireless clients must support? A. Mobility Master (MM) B. Mobility Controller (MC) C. RADIUS server D. AP.
A company has an Aruba solution. A network administrator wants to prevent wireless users from accessing shopping web sites with a bad reputation. What should the administrator set up to deny such traffic? A. an AppRF engine B. application filters in the Traffic Analysis dashboard C. firewall access control rules that specify HTTP and HTTPS services D. firewall application rules.
A network administrator wants to implement MAC filtering for the wireless network of a local financial firm to ensure that only employees can access the wireless network. What is a potential weakness of this solution? A. MAC filters cannot be applied with WPA2 encryption. B. Authorized MAC addresses are visible in plaintext in the air and can be easily spoofed. C. Many popular clients do not have the capability to connect to WLANs that use MAC filters. D. MAC filters offer no protection against authorized users who try to connect unauthorized devices.
A company currently uses 802.11ac Wave 1 as a wireless solution. They want to upgrade to 802.11ac Wave2. Which new feature will now be available with this upgrade? A. band steering B. multiple spatial streams C. 40MHz channel bonding D. multi-user MIMO (MU-MIMO).
Which task can an Aruba Air Monitor (AM) perform? A. Analyze wireless traffic patterns at the application level. B. Optimize RF through the AP channel and transmit power plans. C. Analyze RF signals to determine the cause of non-802.11 interference. D. Help to detect rogue APs in the environment.
Which feature is unique to 802.11ac Wave 2 access points? A. band steering B. multiple spatial streams C. 40MHz channel bonding D. multi-user MIMO (MU-MIMO).
A network administrator examines a list of 2.4GHz clients with low performance in the Mobility Master (MM) dashboard. Which property for a client should pose a concern as a potential performance issue? A. Radio PHY of HT 20MHz B. Max speed of 72Mbps C. SNR of 18 D. Usage of 10 MB.
The exhibit shows output from a Mobility Master (MM) dashboard. What does the health status indicate? It takes the AP about twice as long to send data to the client as expected if all transmissions succeeded. About half of the heartbeats the client sends reaches the Mobility Manager (MM). The maximum data rate that 802.11ac supports is about twice as high as the data rate the client uses. The client device only complies with about half of the rules in the endpoint health policy.
What are two criteria that distinguish different Aruba Mobility Controller (MC) models from each other? A. firewall speed and ability to act as a standalone controller or not B. number of supported users and firewall throughput C. number of supported APs and ability to support 802.11ac APs or not D. number of supported users and ability to support 802.11ac APs or not.
A company plans to deploy a Mobility Master (MM). The MM will manage 50 Mobility Controller (MC) appliances that will control a total of 680 APs, and 10 Virtual Mobility Controllers (VMCs) that will control a total of 160 APs. How many MM licenses does the company require? A. 60 B. 210 C. 900 D. 960.
A network administrator reduces an AP radio transmit power from 18 dBm to 15 dBm. This is a loss of 3 dBms. What is the current power as a percentage of the original power? A. 10% B. 33% C. 50% D. 83%.
Which type of authentication server should administrators select to authenticate users to a ClearPass server? A. Windows B. RADIUS C. TACACS+ D. LDAP.
What is a valid way to deploy an Aruba Mobility Master (MM)? A. as a subscription-based service through the Aruba cloud B. as a role on a Mobility Controller 7030 that is deployed as a standalone controlle C. as a virtual appliance on a server that meets the recommended hardware requirements D. as a role on a Mobility Controller 7240 that is deployed as a master controller.
What is one difference between an Aruba firewall access controle rule and an application rule? A. An application rule cannot use the packet source and destination IP addresses as part of its match criteria. B. An access rule can filter non-IP traffic, as well as IPv4 and IPv6 traffic. C. An access rule cannot apply different actions to different types of traffic sent to the same destination. D. An application rule can filter traffic at a higher layer beyond the TCP or UDP port.
A network administrator creates a user account on an Aruba Mobility Master (MM) with the guest-provisioning role. Which task does this user have the rights to perform? A. set up portal pages B. create guest user accounts C. monitor guest clients D. create guest WLANs.
A network administrator needs to create an Aruba firewall rule that permits wireless users to receive DHCP settings when they first connect to the Aruba solution. What are the correct source and destination aliases for the rule? A. source = any and destination = user B. source = any and destination = any C. source = user and destination = user D. source = user and destination = any.
Which improvement does ArubaOS 8 offer for the Client Match feature? A. It checks the compliance posture for Bring Your Own Device (BYOD) endpoints to improve security. B. It enables the application of unique CM rules for specific client types. C. It checks client behavior against a wider array of rules to detect more DoS attacks and intrusion attempts. D. It offloads client load balancing decisions to local controllers.
A network administrator uses a wireless intrusion detection system (WIDS) to detect 802.11 association floods. At which layer do these attacks occur? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 7.
A company deploys a wireless network in a typical office environment with many surfaces where the signal can bounce. Which 802.11 technology uses the characteristics of this environment to increase wireless speeds? A. Channel bonding B. Multiple Input Multiple Output (MIMO) C. Transmit Power Control (TPC) D. QAM modulation.
Which IEEE standard provides the highest transmission rates in the 5.0GHz frequency band? A. 802.11a B. 802.11ac C. 802.11g D. 802.11n.
What is the minimum space between channels in the 2.4GHz range to prevent overlap? A. 1 channel B. 3 channels C. 5 channels D. 7 channels.
A network administrator configures a guest WLAN on an Aruba Mobility Master (MM)-based solution. The exhibits show some of the settings for this WLAN. Which settings must the administrator configure on each Mobility Controller (MC) at the device level for this configuration to function properly? A. an IPsec preshared key B. CPSec certificates C. a portal page D. VLAN 99 IP settings.
A company has a single Aruba Mobility Master (MM)-based solution with two Mobility Controllers (MCs). Network administrators want APs in building 1 to support a WLAN but do not want APs in building 2 to support the WLAN. How can administrator ensure that they can enforce this rule as they set up the WLAN in the Mobility Master (MM) Interface? A. Place APs in different buildings in different AP Groups. B. Assign APs in different buildings to different MM nodes. C. Configure APs in different buildings to use different frequency bands. D. Assign different radio profiles to APs in different buildings.
Which class of controller is more appropriate in a branch installation with up to 64 APs? A. 7008 B.7030 C.7205 D.7210.
A company has a Mobility Master (MM)-based solution with a guest WLAN. During the captive portal redirection, users who access a non-HTTPS Website see the error shown in the exhibit. How can a network administrator prevent this error? A. Enable automatic CPSec certificate deployment. B. Replace the default Mobility Master certificate with a certificate that has the correct hostname. C. Replace the default server certificate for mobility controllers with a certificate signed by a trusted CA. D. Reconfigure the guest WLAN to use EAP methods that rely on passwords rather than certificates.
A company has an Aruba solution and wants to provide guests with wireless access. The company wants to assign guests IP addresses in subnets that exist only within the Aruba solution. Which feature should network administrators set up so guests can send traffic on the Internet without changes to the company routing solution? A. Enable NAT on the VLAN assigned to the guest WLAN. B. Set up a dynamic default gateway on the Mobility Controllers (MCs). C. Create destination NAT rules for the guest role. D. Enable policy-based routing for the guest traffic.
A network administrator has installed PEF licenses in the global pool of a Mobility Master (MM) solution. When the administrator tries to configure roles and policies, an error indicates that the PEF licenses must be installed. What should the administrator do to correct this issue? A. Ensure the PEF licenses were installed at the Managed Network and not at the MM level. B. Enable Building 1 as a local license pool. C. Enable the PEF feature in the Global Usage window. D. Activate the PEF licenses through an Aruba Activate account.
An Aruba solution uses AirMatch with the default AirMatch profile settings. A network administrator sees that a scheduled optimization was completed, but a plan was not deployed. Based on the exhibit, why did this occur? A. The cost of the new plan exceeds the amount allowed by the feature license B. The new plan did not offer significantly improved quality C. The solution uses master-local mode D. ARM is disabled in the radio profile, so AP radios are considered frozen.
A network administrator adds a global rule in the area shown in the exhibit. Where does the global rule take effect? A. It immediately applies only to the guest role, as part of the final policy applied to the role. Administrators cannot apply the rule to other roles. B. It immediately applies to the guest role and other roles, as part of the first policy applied to the role. C. It immediately applies to the guest role and other roles, as part of the final policy applied to the role. D. It immediately applies only to the guest role and other roles, as part of the first policy applied to the role. Administrators can choose to apply the rule to other roles.
Which Mobility Master (MM) dashboard should an administrator access to view a list of rogue and interfering APs? A. Potential issues B. Security C. Performance D. Network.
A network administrator adds several new APs to an Aruba solution that uses AirMatch. The administrator does not want to change the channel for the existing APs, but wants the new APs to receive a provisional plan for their channels and power. What should the administrator do to meet this goal? A. Run an on-demand quick AirMatch optimization. B. Run an on-demand incremental AirMatch optimization. C. Temporarily enable ARM on the existing and new APs, while AirMatch scheduling remains enabled. D. Temporarily disable AirMatch scheduling, and then enable ARM on the existing and new APs.
What is one difference between how administrators can use the Mobility Master (MM) Interface as compared to the AirWave Management Platform? A. AirWave shows trends for the past several minutes, while MM shows historical data. B. MM shows trends for the past several minutes, while AirWave shows historical data. C. AirWave shows the current signal level for the client connection, while MM does not show RF statistics. D. MM shows user and role information associated with clients, while AirWave does not.
A network administrator wants to use unique digital certificates installed on user devices to authenticate wireless users. Which EAP method should the RADIUS server and clients support? A. PEAP and MS-CHAPv2 B. EAP-TLS C. EAP-TTLS and MS-CHAPv2 D. LEAP.
A network administrator needs to use Aruba AirWave to view statistics for an AP’s 802.11ac radio. How can the administrator update the information on-demand rather than wait the typical interval? A. Click Poll Controller Now B. Click the 802.11ac link C. Log out of the interface and log back in D. Refresh the browser.
A WLAN in an Aruba Mobility Master (MM)-based solution enforces Enterprise-WPA2 security and uses the tunnel forwarding mode. The company has an external RADIUS server. Which device exchanges RADIUS packets with the RADIUS server? A. Mobility Controller (MC) B. wireless client C. access point (AP) D. Mobility Master (MM).
A network administrator needs to configure firewall rules for three roles: ✑ Finance ✑ Sales ✑ Employee Several rules apply to both the Employee and Sales roles, but not to the Finance role. What is the simplest way to configure these rules? A. Define the Employee and Sales roles as internal roles, and then configure the rules as global rules for internal users. B. Apply these rules as a subnet-based policy, and then ensure that only Employee and Sales users are assigned IP addresses in that subnet. C. Select either the Employee or Sales role, and then configure these rules within the global policy. D. Create a policy with these rules, and then apply that policy to the Employee and Sales roles.
What is a valid way to help the APs discover devices that can control them? A. Set up an Aruba Central subscription, and ensure that APs can reach the Internet. B. Enable CPSec, and ensure the Mobility Master (MM) and Mobility Controllers (MCs) trust the Aruba certificates installed on the APs at the factory. C. Specify the Mobility Master (MM) IP address in DHCP option 43 on the network DHCP server. D. Map the Mobility Controller (MC) IP addresses to the aruba-master name on the network DNS server.
A company deploys Aruba Instant AP(s) (IAPs). The company has grown, so network administrators decide to deploy several Mobility Controllers (MCs) and convert to a controller architecture that still uses the same APs. How can administrators achieve this goal? A. Manage both the MCs and IAP clusters with Aruba Central. B. Configure the IAPs to establish CPSec tunnels to the new MCs. C. Manage both the MCs and IAP clusters with a Mobility Master (MM). D. Convert the IAPs to Campus APs controlled by the new MCs.
Report abuse Consent Terms of use