Prueba

Javier Cortes
Quiz by Javier Cortes, updated more than 1 year ago
Javier Cortes
Created by Javier Cortes over 3 years ago
11
1

Description

Quiz on Prueba, created by Javier Cortes on 04/24/2017.

Resource summary

Question 1

Question
Which of the following core components of ARM enables intelligent distribution of clients across available channel capacity?
Answer
  • Multi-band scan
  • Spectrum load balancing
  • Rogue AP detection
  • Band steering

Question 2

Question
Which one of the following file types cannot be imported to Visual RF Plan?
Answer
  • dwg
  • jpg
  • TIFF
  • gif

Question 3

Question
When adding licenses in the startup wizard license screen a reboot is required:
Answer
  • After each license is installed
  • Before any other configuration can take place
  • Only if the Policy Enforcement Firewall license is installed
  • A reboot is not required until you have completed the configuration wizard

Question 4

Question
When looking at clients in the ‘Monitoring Clients’ section of the Controller, which of the following information is not visible?
Answer
  • Role
  • MAC Address
  • Output power of client radio
  • Method of authentication

Question 5

Question
When configuring a guest WLAN via the WLAN section of the startup wizard which security option is not available?
Answer
  • WEP encryption
  • Direct access to the internet with no captive portal
  • Captive portal with authentication via credentials
  • Captive portal with email registration

Question 6

Question
What information is required by an AP in order to boot? (select all that apply)
Answer
  • AP’s IP Address, Netmask, Default Gateway
  • AP’s Name and Group
  • Aruba Controller’s Master IP Address
  • An established NTP connection to the Master Controller

Question 7

Question
Which of the following statements about management accounts is false?
Answer
  • The root account can be used to monitor access points connected to the controller
  • The guest-provisioning account can see the controller’s configuration but cannot change it
  • The read-only account cannot delete internal database entries
  • The guest-provisioning account can make changes to the internal database

Question 8

Question
The Guest Provisioning user account has the ability to do which of the following?
Answer
  • Add a new employee to the internal database
  • Change the “look” and “feel” of the guest provisioning page
  • Change the available data fields on the guest provisioning page
  • Add a guest user to the internal database

Question 9

Question
In a Campus AP deployment, what is the difference between a Direct and an Overlay deployment?
Answer
  • In an overlay deployment APs are connected directly to the Controller while in a direct deployment, APs are connected to other Layer 2 or Layer 3 devices.
  • The Controller supplies PoE to APs in an Overlay Deployment while APs draw power from other PoE switches in a Direct deployment
  • In a direct deployment, APs are directly connected to the controller while in an overlay deployment APs are connected to other Layer 2 or Layer 3 devices.
  • In an overlay deployment, the APs cannot terminate their GRE tunnels at the controller, while in a direct deployment they can.

Question 10

Question
What does SET ORIENTATION option do in the Visual RF Plan edit tool?
Answer
  • Set the horizontal plane on each floor
  • Give the option to resize a floor
  • Sets the North/South orientation of the building
  • Sets the proper vertical floor plan alignment

Question 11

Question
How many roles should be created on a controller?
Answer
  • As many as necessary
  • the same number as firewall policies
  • one less than the number of firewall policies
  • the same number as SSIDs

Question 12

Question
802.1X authentication takes place
Answer
  • Prior to granting access to L2 media
  • After the user has an IP address
  • After the user sees the captive portal page
  • Prior to the user associating with the AP

Question 13

Question
Firewall policy should be written from:
Answer
  • Least specific to most specific
  • Most specific to least specific
  • Most important resources first
  • Order is not important

Question 14

Question
Which role is assigned prior to launching the captive portal splash screen?
Answer
  • Pre-authentication role
  • Post-authentication role
  • AAA role
  • AAA-CP role

Question 15

Question
When local controller is selected as the controller’s operation mode in the startup wizard, which is no longer configurable?
Answer
  • Licenses
  • WLANs
  • VLANs and IP addressing
  • Controller country code

Question 16

Question
The characteristics of 802.1X Authentication include (select all that apply):
Answer
  • L3 Authentication
  • Extensible Authentication Protocol
  • Support of RADIUS external authentication
  • Port based authentication

Question 17

Question
A reboot of the controller is necessary in which of the following scenarios? (Select all that apply)
Answer
  • Changing controller IP
  • Changing the VLAN of a Virtual AP Profile
  • Creating of a new AP Group
  • Changing of Controller Roles

Question 18

Question
Which of the following parameters are not needed by Visual RF Plan in order to Plan APs on a floor region?
Answer
  • AP Type
  • PHY Type
  • Distance to Controller
  • Environment

Question 19

Question
In decrypt-tunneled forwarding mode, which of the following is true?
Answer
  • Client sets up an IPSEC tunnel with the controller
  • The AP converts the 802.11 frame to an Ethernet frame and sends this in a GRE tunnel to the controller
  • The AP decrypts the 802.11 frame and bridges it on the wire
  • The AP decrypts the 802.11 frame, encrypts it as an Ethernet frame and sends it to the controller

Question 20

Question
When a client is blacklisted, the controller will:
Answer
  • Send a message telling the client it has been blacklisted
  • De-authenticate the client from the network but allow it to keep transmitting data
  • Only block the client if it hasn’t yet associated with an AP
  • Stop the client from associating with any SSID on the controller

Question 21

Question
Remote AP in tunnel mode, by default, uses which of the following to encrypt user traffic back to the mobility controller:
Answer
  • L2TP over IPSec is used to carry user traffic and control traffic
  • PPTP is used to tunnel user traffic
  • The AP does not encrypt user traffic. The user's link layer encryption is used.
  • Remote AP traffic is unencrypted

Question 22

Question
The AP Wizard allows the selection of APs to be provisioned using which of the following methods (select all that apply)?
Answer
  • APs in particular AP Group
  • All APs
  • APs designated as Air Monitors
  • APs meeting specified search criteria

Question 23

Question
What is the purpose of the validuser ACL?
Answer
  • When a user transmits data through the controller, the validuser ACL is used to check if the user is in the layer 3 user-table
  • Before a client is added to the controller’s user table, the validuser ACL is checked to make sure the client has a valid IP address
  • The validuser ACL is used during 802.1X authentication to check that the client is in the layer 3 user-table
  • When an AP needs to transmit data to a user, it checks the validuser ACL to make sure the user has a valid IP address

Question 24

Question
When configuring the Mobility Controller’s internal DHCP via the startup wizard which option is not available for configuration?
Answer
  • Pool name
  • Default router
  • Option 43
  • Domain name

Question 25

Question
An Aruba AP 125 is capable of supporting which of the following network types? (choose all that apply)
Answer
  • 802.11b
  • 802.11n
  • 802.11a
  • 802.11w

Question 26

Question
Which of the following cannot be accomplished from the startup wizard?
Answer
  • Basic controller configuration
  • License installation
  • VPN configuration
  • WLAN configuration

Question 27

Question
WPA and WPA2 can use the following authentication methods: (select all that apply)
Answer
  • WEP Keys
  • PSK
  • 802.1X
  • Captive Portal

Question 28

Question
When configuring roles under ‘Access Control’ in the Controller’s Configuration page, what does the ‘show reference’ action tell us?
Answer
  • Which firewall hits were detected that refer to the role
  • Which profiles refer to the role
  • What policies are inside the role
  • What users are currently assigned that role

Question 29

Question
Which of the following is true of an Aruba Mobility Controller acting as a layer 3 router? (select all that apply)
Answer
  • The Mobility Controller is the client's default router.
  • The Mobility Controller acts as a bridge.
  • DHCP can be provided by the network infrastructure or the Mobility Controller
  • The Mobility Controller supports BGP.

Question 30

Question
Which of the following can be configured in the GUI setup wizard: (choose all that apply)
Answer
  • Timezone
  • WLAN
  • WLAN trunck
  • Loopback address

Question 31

Question
Which of the following is not available for configuration in the startup wizard?
Answer
  • RF Plan
  • Administrator and enable passwords
  • Native VLANs on a per port basis
  • WPA-PSK encryption

Question 32

Question
Which of the following is true about configuring a server group?
Answer
  • Server rules are used to send information to the configured servers
  • A server group can have more than 1 server
  • If the internal database is used in the server group, then no external servers can be added
  • If multiple servers are assigned to the server group, all except the 1st will be ignored

Question 33

Question
Which is the strongest encryption type?
Answer
  • AES
  • TKIP
  • WEP
  • MSCHAPv2

Question 34

Question
Which of the following would be appropriate for standalone MAC Authentication?
Answer
  • Guest user
  • Internal user
  • Barcode scanner
  • Admin user

Question 35

Question
What is not a basic configuration in the startup wizard when configuring a WLAN?
Answer
  • SSID
  • VLAN
  • Radio Type
  • Anntena Type

Question 36

Question
What are some best practices when configuring the Aruba Firewall? Select all that apply.
Answer
  • Use aliases when possible
  • Write rules from least specific to most specific
  • Take actions like blacklisting when users violate policies
  • Create a different policy for each unique rule

Question 37

Question
Which firewall action is necessary in a guest pre-authentication role to display the captive portal login screen?
Answer
  • SRC-NAT
  • DST-NAT
  • allow all
  • allow CP

Question 38

Question
Clients connecting to a remote AP at a branch office can get an IP address through which of the following methods? (Select all that apply)
Answer
  • DHCP server connected to the Remote AP’s controller
  • DHCP server at a branch office
  • DHCP server inside the Remote AP
  • All of the above

Question 39

Question
What are the four views available in Visual RF Plan?
Answer
  • User View
  • Controller View
  • Access Point View
  • Floor Plan View
  • Network, Campus and Building View

Question 40

Question
Time range is applied directly to which of the following:
Answer
  • Role
  • Firewall Policy
  • Firewall Rule
  • Profile

Question 41

Question
In what order does the AP dynamically discover the Master controller?
Answer
  • DNS query, ADP Broadcast, ADP Multicast, DHCP option 43
  • DHCP option 43, ADP Multicast, ADP Broadcast, DNS query
  • DHCP option 43, DNS query, ADP Multicast, ADP Broadcast
  • ADP Multicast, ADP Broadcast, DHCP option 43, DNS query

Question 42

Question
Identify the benefits of using aliases when writing firewall policies (select all that apply)
Answer
  • Makes policies more readable
  • Changes to policy rules that use aliases are auto updated.
  • End users are applied to the proper role

Question 43

Question
Which of the following is true of an Aruba Mobility Controller acting as a layer 2 switch? (select all that apply)
Answer
  • The Mobility Controller is the client's default router.
  • The Mobility Controller acts as a bridge.
  • All stations must use the same VLAN
  • Uplink ports on the Mobility Controller can use 802.1q

Question 44

Question
A Remote AP uses which type of secure tunnel to communicate with a controller:
Answer
  • NAT-T
  • IPSec
  • PPTP
  • GRE

Question 45

Question
Which ARM function converts APs with excess capacity into Air Monitors?
Answer
  • Airtime fairness
  • Coordinated access to a single channel
  • Co-channel interference mitigation
  • Client aware scanning

Question 46

Question
Which roles must be configured via the startup wizard when captive portal is being configured (select all that apply)?
Answer
  • Roles are not used on the Aruba system
  • Pre-Authentication role
  • Authenticated role
  • Unauthenticated role

Question 47

Question
Which of the following needs to be done prior to attempting to use the GUI quick setup of a factory defaulted Aruba S3500 Mobility Access Switch?
Answer
  • Set the S3500 IP address to the 172.16.0.0 range
  • Quick-Setup needs to be enabled on the LCD Panel
  • Connect the S3500 to the network for DHCP
  • Set the laptop IP address to the 192.168.0.0 range

Question 48

Question
Which of the following information is gathered by APs during scanning periods? (Select all that apply)
Answer
  • MAC addresses of neighboring APs
  • Security threats in the surroundings
  • Type of non-802.11 interference detected
  • Interfering Clients connected to other APs

Question 49

Question
Which of the following statements about management accounts is false?
Answer
  • The root account can be used to monitor access points connected to the controller
  • The guest-provisioning account can see the controller’s configuration but cannot change it
  • The read-only account cannot delete internal database entries
  • The guest-provisioning account can make changes to the internal database

Question 50

Question
Which of the following deployment types is NOT a valid option when using the AP Wizard?
Answer
  • Campus
  • Mesh
  • Roaming
  • Remote Mesh

Question 51

Question
Which Aruba controllers are able to provide IEEE 802.3af POE? (Choose all the correct answers.)
Answer
  • 3200
  • 620
  • 650
  • 6000

Question 52

Question
Which of the following controllers has an integrated single radio AP?
Answer
  • 3200
  • 620
  • 650
  • 651

Question 53

Question
What is the maximum number of campus APs supported by a 620 controller?
Answer
  • 32
  • 8
  • 16
  • 24

Question 54

Question
Which access point models support concurrent operations in both the “b/g” band as well as the “a” band? (Choose all the correct answers.)
Answer
  • RAP2
  • AP-120
  • AP-105
  • AP-125
  • AP-135

Question 55

Question
Which of the following APs do not support dual radio operations? (Choose all the correct answers.)
Answer
  • RAP-5
  • AP-125
  • AP-120
  • AP-124

Question 56

Question
Which of the following APs support remote AP operation?
Answer
  • AP-105
  • AP-125
  • RAP2
  • All of the above

Question 57

Question
An Aruba based network has a Master and three local controllers. No APs terminate on the Master controller. IDS is desired, so the administrator wants to install the "RFProtect license." On which controller should the license be installed?
Answer
  • master controller since it performs the IDS analysis
  • the local controllers since the APs terminate there
  • all of the controllers
  • this isn't the correct license for this purpose

Question 58

Question
What do you need to generate a feature license key for an Aruba controller?
Answer
  • controller's MAC address and the feature description
  • controller's MAC address and the certificate number
  • controller's Serial Number and the feature description
  • controller's Serial Number and the certificate number

Question 59

Question
What are the PEF-NG license limits based on?
Answer
  • Number of APs
  • Limit One per controller
  • Number of users
  • Number of local controllers

Question 60

Question
Which of the following licenses are consumed by RAP?
Answer
  • AP license
  • PEF-NG license
  • PEF-V license
  • No license required

Question 61

Question
The permanent licenses on the controller will be deleted with the use of which command?
Answer
  • delete license
  • write erase
  • Licenses cannot be deleted once activated
  • write erase all

Question 62

Question
Which statement is true about the Content Security License?
Answer
  • Applied to the master controller
  • Applied to all the controllers in the network
  • It is based on number of users
  • It is based on number of APs

Question 63

Question
What is the best practice regarding licensing for a backup master to support Master Redundancy?
Answer
  • Backup master only requires the AP license
  • License limits should be the same on primary master and backup Master
  • Licenses are pushed from the primary to the backup Master along with the configuration
  • Backup Master does not require licenses to support master redundancy

Question 64

Question
Which may be applied directly to an interface? (Choose all the correct answers.)
Answer
  • Access List (ACL)
  • Firewall Policy
  • Roles
  • RF Plan Map

Question 65

Question
What new firewall action was added specifically for use with Aruba's Content Security Service? VisualRF supports import of floor plans from:
Answer
  • dst-nat
  • dual-nat
  • route dst-nat
  • redirect to tunnel

Question 66

Question
When creating a firewall policy, which of the following parameters are required? (Choose all the correct answers.)
Answer
  • Destination
  • Service
  • Source
  • Log
  • Action

Question 67

Question
In all unmodified default AAA profiles, in which default initial role is the user placed?
Answer
  • trusted-ap
  • guest
  • pre-guest
  • logon

Question 68

Question
When are the system-defined default roles added to the configuration on the controller?
Answer
  • when the controller is first booted
  • when an RF Proctect license is added to the controller
  • when created manually
  • when a PEF-NG license is added to the controller

Question 69

Question
When a user first associates to the WLAN, what role are they given?
Answer
  • the guest role
  • the stateful role
  • the initial role in the server group profile
  • the initial role in the AAA profile

Question 70

Question
Which of the following could be used to set a user's post-authentication role or VLAN association? (Choose all the correct answers.)
Answer
  • AAA default role for authentication method
  • Server Derivation Rule
  • Vendor Specific Attributes
  • AP Derivation Rule

Question 71

Question
Which describe "roles" as used on Aruba Mobility Controllers? (Choose all the correct answers.)
Answer
  • Roles are assigned to users.
  • Roles are applied to interfaces.
  • Policies are built from roles.
  • A user can belong to only one role at a time.

Question 72

Question
Which netdestination aliases are built into the controller? (Choose all the correct answers.)
Answer
  • mswitch
  • any
  • user
  • guest

Question 73

Question
What are aliases used for?
Answer
  • improve performance
  • simplify the configuration process
  • tie IP addresses to ports
  • assign rules to policies

Question 74

Question
Which of the following statements allows a user to initiate an HTTP session to other devices?
Answer
  • any alias internal-nets svc-dns permit
  • user any svc-http permit
  • user user svc-http permit
  • any any svc-http permit

Question 75

Question
The Aruba Policy Enforcement Firewall (PEF) module supports destination network address translation (dst-nat). Which is a common use of this statement in an Aruba configuration?
Answer
  • source the IP addresses of users to specific IP address
  • redirect HTTP sessions to Captive Portal
  • redirect Access Points to another Aruba controller
  • provide a telnet connection to the controller

Question 76

Question
The Aruba Policy Enforcement Firewall (PEF) module supports source network address translation (src-nat). Which is a common use of this statement in an Aruba configuration?
Answer
  • provide a single source IP address for users in a role
  • redirect Captive Portal HTTP sessions
  • redirect Access Points to another Aruba controller
  • provide IP addresses to clients

Question 77

Question
The network administrator wishes to terminate the VPN encryption on the Aruba controller. When writing a firewall rule to accomplish the task of automatically moving the VPN traffic for the wireless clients from a third party VPN concentrator to an Aruba controller, which action needs to be configured in the rule?
Answer
  • redirect to ESI group
  • source NAT
  • destination NAT
  • redirect to tunnel

Question 78

Question
Review the following truncated output from an Aruba controller for this item. Based on the above output from an Aruba controller, an unauthenticated user assigned to the logon role attempts to start an http session to IP address 172.16.43.170. What will happen?
Answer
  • the user's traffic will be passed to the IP address because of the policy statement: user any svc-http dst-nat 8080
  • the user's traffic will be passed to the IP address because of the policy statement: user any svc-https dst-nat 8081
  • the user's traffic will be passed to the IP address because of the policy statement: user any svc-http-proxy1 dst-nat 8088
  • the user will not reach the IP address because of the policy statement: user any svc-http dst-nat 8080
  • the user will not reach the IP address because of the implicit deny any any at the end of the policy.

Question 79

Question
Refer to the following configuration segment for this item. ip access-list session anewone user network 10.1.1.0 255.255.255.0 any permit user host 10.1.1.1 any deny user any any permit Based on the above Aruba Mobility Controller configuration segment, which statements best describe this policy? (Choose all the correct answers.)
Answer
  • The rule user host 10.1.1.1 any deny is redundant because of the implicit deny all at the end.
  • The rule user network 10.1.1.0 255.255.255.0 any permit is redundant because of the user any any permit at the end.
  • The two rules user network 10.1.1.0 255.255.255.0 any permit and user host 10.1.1.1 any deny need to be re-sequenced.
  • This list is fine as is.

Question 80

Question
Refer to the following configuration segment for this item. netdestination "internal" no invert network 172.16.43.0 255.255.255.0 position 1 range 172.16.11.0 172.16.11.16 position 2 ! ip access-list session "My-Policy" alias "user" alias "internal" service_any permit queue low ! A user frame is evaluated against this access-list with the following attributes: Source IP: 172.17.49.3 Destination IP: 10.100.86.37 Destination Port: 80 Referring to the above file segment, how will the frame be handled by this access-list?
Answer
  • The frame will be dropped because of the implicit deny all at the end of the netdestination definition
  • The frame will be dropped because of the implicit deny all at the end of the access list.
  • The frame will be forwarded because of the implicit permit all at the end of the access list.
  • The frame will be passed because there is no service specified in the access list.
  • The frame will be dropped because there is no service specified in the access list.

Question 81

Question
ip access-list session anewone user network 10.1.1.0 255.255.255.0 any permit user any any permit host 10.1.1.1 host 10.2.2.2 any deny A user sends a frame with the following attributes: Source IP: 10.1.1.1 Destination IP: 10.2.2.2 Destination Port: 25 Based on the above Mobility Controller configuration file segment, what will this policy do with the user frame?
Answer
  • The frame is discarded because of the implicit deny all at the end of the policy.
  • The frame is discarded because of the statement: user host 10.1.1.1 host 10.2.2.2 deny.
  • The frame is accepted because of the statement: user any any permit.
  • The frame is accepted because of the statement: user network 10.1.1.0 255.255.255.0 any permit.
  • This is not a valid policy.

Question 82

Question
ip access-list session anewone user network 10.1.1.0 255.255.255.0 any permit user host 10.1.1.1 any deny user any any permit Referring to the above portion of a Mobility Controller configuration file, what can you conclude? (Choose all of the correct answers.)
Answer
  • This is a session firewall policy.
  • This is an extended Access Control List (ACL).
  • Any traffic going to destination 10.1.1.1 will be denied.
  • Any traffic going to destination 10.2.2.2 will be denied.
  • Any traffic going to destination 172.16.100.100 will be permitted.

Question 83

Question
As a user moves through the authentication process, which of the following is not used in a derivation rule?
Answer
  • MAC address
  • OS version
  • SSID
  • Radius attribute

Question 84

Question
Other than a user role, what attribute can be applied to a user with a derivation rule?
Answer
  • SSID
  • MAC
  • VLAN
  • IP Address

Question 85

Question
Which is an Aruba specific DSA that can be used in a user derivation rule?
Answer
  • user login name
  • authentication server
  • location
  • controller Loopback address

Question 86

Question
Which match condition can be used by a server derivation rule?
Answer
  • greater than
  • less than
  • inverse of
  • contains

Question 87

Question
Where are Aruba Vendor Specific Attributes (VSA) programmed?
Answer
  • controller
  • client
  • authentication server
  • Internal user database

Question 88

Question
View the Server group screen shot above. A company has provisioned the same VAP, AAA and SSID profiles at both its Miami and NY offices. This Server Group is applied for 802.1x authentication at both locations. The user's credentials are only found in the Miami Radius server “RadiusMiami”. There is no Radius synchronization. What happens when the user attempts to authenticate?
Answer
  • The controller recognizes the users Domain and sends the authentication request directly to RadiusMiami.
  • The request is initially sent to RadiusNY1 then RadiusNY1 redirects, the controller, to send the authentication request to RadiusMiami
  • RadiusNY1 receives the request and returns a deny. No other action is taken.
  • RadiusNY1 receives the request and returns a deny. The authentications request will then be sent to RadiusMiami.

Question 89

Question
View the Server group and User Roles screen shots above. A user associated to an SSID with 802.1x using this server group. RadiusNY returned a standard radius attribute of filter-Id with a value of “employee”. The user was placed in the guest Role. What statements below are correct?
Answer
  • The user was placed in the 802.1x authentication default Role guest
  • The user was placed in the initial Role guest
  • Role derivation failed because roles are case sensitive
  • Role derivation failed because the incorrect operation “value-of” was used
  • 802.1x authentication failed so the user was automatically placed in the guest Role

Question 90

Question
A user associated to an SSID with 802.1x using this server group. RadiusNY returned a standard radius attribute of filter-Id with a value of “employee”. What Role will the user get?
Answer
  • The User will get the Emp Role
  • The user will get the 802.1x authentication default Role
  • The User will get the employee Role
  • The User will get the Employee Role
  • The User will get the initial Role

Question 91

Question
Which profiles are required in an AP Group to enable an SSID with VLAN 1, WPA2 and LMSIP?
Answer
  • Virtual-ap ap mesh-radio-profile ap system profile
  • Wlan ssid-profile ap-system-profile virtual-ap profile
  • Virtual-ap profile ap-system profile aaa profile
  • 802.1X authentication profile wlan ssid-profile virtual-ap profile

Question 92

Question
A user connected to a Captive Portal VAP successfully. When the user opens their browser and tries to access their homepage, they get redirected as expected to another URL on the Aruba Controller. However, they see an error message that web authenticatio n has been disabled. What might be a cause of this?
Answer
  • The Captive portal profile has not been assigned to the initial role
  • The Captive portal profile has not been assigned to the AAA profile
  • A server group has not been assigned to the captive portal profile
  • An initial role has not been assigned to the AAA profile

Question 93

Question
A customer has configured a 3000 controller with the following commands: Vlan 55 Vlan 56 Vlan 57 Interface gigabitethernet 1/0 switchport mode trunk switchport trunk native vlan 55 switchport trunk allowed vlan 55-57 Which of the following sentences best describes this port?
Answer
  • All traffic in vlan 55 will be dropped and all traffic in vlan 56 and 57 will be trunked with and 802.1Q tag
  • All traffic in vlan 55, 56 and 57 will be trunked with an 802.1Q tag
  • All traffic in vlan 55 will be sent with an 802.1Q tag while vlan 56 and 57 traffic will be trunked untagged
  • All traffic in vlan 56 and 57 will be sent with an 802.1Q tag while vlan 55 traffic will be trunked untagged

Question 94

Question
A customer has a remote AP deployment, where each remote AP has an IPSEC VPN tunnel with L2TP to the controller. 1 of the remote APs is stuck in the user table and hasn't yet transitioned to the AP active table in the controller. The customer suspects that the AP is not setting up its VPN connection successfully. Which of the following commands might be useful in troubleshooting this? Select all that apply.
Answer
  • Logging level debugging security process localdb
  • Logging level debugging security process l2tp
  • Logging level debugging security process dot1x
  • Logging level debugging security process crypto

Question 95

Question
The screen captures above show the 802.1X authentication profile and AAA profile settings for a VAP. If machine authentication passes and user authentication passes, which role will be assigned?
Answer
  • employee
  • guest
  • contractor
  • logon
  • you can't tell

Question 96

Question
The screen captures above show the 802.1X authentication profile and AAA profile settings for a VAP. If machine authentication fails and user authentication fails, which role will be assigned?
Answer
  • employee
  • guest
  • contractor
  • Captive Portal
  • Logon
  • no role will be assigned

Question 97

Question
What cannot be configured from the Initial Configuration wizards?
Answer
  • Controller name.
  • Syslog server and levels.
  • User firewall policy.
  • User derivation rules

Question 98

Question
When you create a WLAN SSID in the WLAN/LAN wizard what AP group is it automatically added to?
Answer
  • The air-monitors group
  • The first configured AP group
  • The Default AP group
  • It is only added to the 'All Profiles' section

Question 99

Question
The reusable wizards are accessible in which one of the following ways?
Answer
  • On startup through the CLI
  • Through the CLI, after the initial CLI wizard has been completed
  • In the Web UI under maintenance.
  • In the Web UI under configuration

Question 100

Question
What additional fields must be configured in the configuration wizard if the controller role is selected as a local instead of a standalone controller?
Answer
  • The Local's SNMPv3 user name and password
  • The Master IP address
  • The Local's loopback address
  • The IPSec PSK for Master/Local communication

Question 101

Question
The configuration wizard enables which of the following controller clock configurations?
Answer
  • NTP to a time server
  • Manually setting the date time
  • Daylight savings time
  • Only GMT can be configured

Question 102

Question
When configuring ports in the configuration wizard, which of the following are not options for configuration?
Answer
  • Inter-VLAN routing
  • Source NAT
  • Trusted
  • LACP

Question 103

Question
What Wizards can be used to create a new AP Group?
Answer
  • AP Wizard
  • Controller Wizard
  • WLAN/LAN Wizard
  • License Wizard
  • AP configurations Wizard

Question 104

Question
By default, which CLI based remote access method is enabled on Aruba controllers?
Answer
  • rsh
  • Telnet
  • SSH
  • Telnet and SSH
  • Telnet, SSH and rsh

Question 105

Question
An Aruba controller can be configured to support which CLI based remote access methods?
Answer
  • RSH
  • Telnet
  • SSH
  • Telnet and SSH
  • SSH and RSH

Question 106

Question
The Aruba controller's Command Line Interface can be accessed from WITHIN the browser based Web User Interface using which method?
Answer
  • It's not possible to access the CLI from within the WebUI
  • Embedded Telnet client
  • Java based SSH client
  • Proprietary serial over Ethernet client

Question 107

Question
As an admin/root user, what other types of role-based management users can be created on Aruba controllers? (Choose all the correct answers)
Answer
  • Auditing-compliance user
  • Read only user
  • Location-api-management user
  • Guest provisioning user

Question 108

Question
Which log type should be enabled to troubleshoot IPSec authentication issues on Aruba Controllers?
Answer
  • Security Logs
  • Management Logs
  • Wireless Logs
  • IDS Logs

Question 109

Question
Referring to the above screen capture, if an administrator desires to change a specific AP into an AM without assigning the AP to a new group, which menus could be used?
Answer
  • Network > Controller
  • Wireless > AP Configuration
  • Wireless > AP Installation
  • Advanced Services > Wireless
  • Advanced Services > All Profiles
Show full summary Hide full summary

Similar

MATEMÁTICAS PRIMARIA
Ulises Yo
MATEMÁTICAS PRIMARIA
Adriana Aguilar
MATEMÁTICAS PRIMARIA
Adriana Aguilar
MATEMÁTICAS Primaria...
Ulises Yo
PRUEBA de LENGUA - 6º NIVEL de PRIMARIA...
Ulises Yo
MATEMÁTICAS PRIMARIA
Edward Villarroel
MATEMÁTICAS PRIMARIA
CESAR SANCHEZ FELIX
MATEMÁTICAS PRIMARIA
Ramon Enrique Valverde Peregrina
MATEMÁTICAS Primaria...
Itziar Oloriz Lara
MATEMÁTICAS PRIMARIA
Luis Estevez