Winter Sale Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ex2p65

Exact2Pass Menu

Login / Register

Question # 4

Which authentication server option would the network administrator choose to authenticate a wireless user directly against an Active Directory (AD) domain controller without NPS or IAS?

A.

LDAP server

B.

RFC 3576 server

C.

TACACS server

D.

RADIUS server

Full Access
Question # 5

What is a key difference between an Aruba Air Monitor (AM) and an Aruba Spectrum Analyzer (SA)?

A.

An AM detects threats such as rogue APs, while an SA analyzes RF conditions.

B.

An AM detects rogue APs and provides data services to clients, while an SA only detects rogue APs.

C.

An AM scans on only one 802.11 frequency band, while an SA scans on both 802.11 frequency bands.

D.

An AM both detects wireless intrusion attempts and mitigates them, while an SA only detects wireless intrusion attempts.

Full Access
Question # 6

A network administrator wants to implement MAC filtering for the wireless network of a local financial firm to ensure that only employees can access the wireless network. What is a potential weakness of this solution?

A.

MAC filters cannot be applied with WPA2 encryption.

B.

Authorized MAC addresses are visible in plaintext in the air and can be easily spoofed.

C.

Many popular clients do not have the capability to connect to WLANs that use MAC filters.

D.

MAC filters offer no protection against authorized users who try to connect unauthorized devices.

Full Access
Question # 7

Refer to the exhibit.

A network administrator adds a global rule in the area shown in the exhibit. Where does the global rule take effect?

A.

It immediately applies only to the guest role, as part of the final policy applied to the role. Administrators cannot apply the rule to other roles.

B.

It immediately applies to the guest role and other roles, as part of the first policy applied to the role.

C.

It immediately applies to the guest role and other roles, as part of the final policy applied to the role.

D.

It immediately applies only to the guest role and other roles, as part of the first policy applied to the role. Administrators can choose to apply the rule to other roles.

Full Access
Question # 8

A network administrator needs to create an Aruba firewall rule that permits wireless users to receive DHCP settings when they first connect to the Aruba solution. What are the correct source and destination aliases for the rule?

A.

source = any and destination = user

B.

source = any and destination = any

C.

source = user and destination = user

D.

source = user and destination = any

Full Access
Question # 9

Refer to the exhibit.

A network administrator sets up the Exam_Employees WLAN on an Aruba solution with a default role of guest, as shown in the exhibit. To which users does the guest role apply?

A.

users who successfully authenticate and are assigned to the default role by the RADIUS server

B.

users who successfully authenticate and are not assigned a different role by the RADIUS server

C.

users who have connected to the SSID, but have not yet attempted authentication

D.

users who fail authentication

Full Access
Question # 10

What is one difference between how a network administrator can monitor clients in the Mobility (MM) interface and in the AirWave Management Platform?

A.

AirWave shows trends for the past several minutes, while MM shows longer trends.

B.

AirWave combines information from more sources, such as RADIUS authenticating servers and APs.

C.

AirWave shows the current signal level for the client connection, while MM does not show RF statistics.

D.

MM shows user and role information associated with clients, while AirWave does not.

Full Access
Question # 11

Refer to the exhibits.

Exhibit 1

Exhibit 2

Exhibit 3

A network administrator creates a guest WLAN on an Aruba Mobility Manager (MM). The exhibits show some of the settings for the WLAN. The administrator does not change the policies for those roles.

How does the firewall control guest clients when they first connect to the WLAN?

A.

It permits them to send any DHCP traffic and DNS and web traffic to the Internet. It redirects web traffic destined to the private network to a login portal.

B.

It permits them to send any DHCP and DNS and it redirects all web traffic to a login portal.

C.

It permits them to send any DHCP and RADIUS traffic. It redirects all web traffic destined to the Internet to a login portal and drops web traffic destined to the private network.

D.

It does not permit them to send any traffic until they are authenticated.

Full Access
Question # 12

Which task can an Aruba Air Monitor (AM) perform?

A.

Analyze wireless traffic patterns at the application level.

B.

Optimize RF through the AP channel and transmit power plans.

C.

Analyze RF signals to determine the cause of non-802.11 interference.

D.

Prevent client connections to rogue APs.

Full Access
Question # 13

A company currently uses Instant APs (IAPs), all managed by a virtual controller. The company expects to double in size without the next 18 months. The network manager wants to purchase additional APs to service the increased traffic load. The network manager also wants to deploy a Mobility Controller (MC) to manage all APs.

How should the network administrator adapt the current IAPs to a controlled architecture?

A.

Manage both the MCs and IAP clusters with Aruba Central.

B.

Configure the IAPs to establish CPSec tunnels to the new MCs.

C.

Manage both the MCs and IAP clusters with a Mobility Master (MM).

D.

Convert the IAPs to Campus APs controlled by the new MCs.

Full Access
Question # 14

A customer has a large campus that requires 400 Aruba 335 APs to support a total of 20,000 wireless users and 12Gbps of traffic. Although the customer wants two controllers for redundancy, each controller must be able to support all of the APs and users on its own.

Which Aruba Mobility Controller models meet the customer requirements and DO NOT unnecessarily exceed them?

A.

Aruba 7024 controllers

B.

Aruba 7210 controllers

C.

Aruba 7240 controllers

D.

Aruba 7030 controllers

Full Access
Question # 15

Refer to the exhibit.

The exhibit shows the AAA profile for a WLAN on an Aruba solution. This WLAN uses 802.1X to authenticate users to a RADIUS server. A user successfully authenticates with 802.1X, but the RADIUS server does not send a role assignment.

How does the Aruba firewall handle the role assignment for this user?

A.

It does not assign a role.

B.

It applies the Aruba VSA role employee.

C.

It assigns the logon role.

D.

It assigns the authenticated role.

Full Access
Question # 16

An Aruba solution runs ArubaOS 8 and uses a standalone controller architecture. Which feature can administrators use to optimize the channel and power plan for the APs?

A.

ARM

B.

Rule Based Client Match

C.

AirMatch

D.

AppRF

Full Access
Question # 17

A company has an Aruba solution with a guest WLAN named exam_guest. A network administrator creates the guest WLAN with the wizard and does not change any of the default roles. The authentication server does not send particular role assignments for authorized users. The company wants to deny guest access to specific IP rnages after the guests authenticate.

For which role should the administrator create the rule to deny this traffic?

A.

exam_guest-guest-logon

B.

authorized

C.

guest-logon

D.

guest

Full Access
Question # 18

What is a role fulfilled by an Aruba Mobility Master (MM)?

A.

It forwards and routes traffic for wireless users across multiple sites.

B.

It terminates control tunnels for Aruba APs.

C.

It provides an advanced Web portal for onboarding Bring Your Own Device (BYOD) devices.

D.

It manages VLAN and routing configuration for multiple Mobility Controllers (MCs).

Full Access
Question # 19

An Aruba Remote AP (RAP) operates in split-tunnel mode. How does the AP forward traffic?

A.

It sends all user traffic in a GRE tunnel to a central Mobility Controller (MC), and it sends control traffic in an IPsec tunnel to the controller.

B.

It sends traffic designed to the corporate network in an IPsec tunnel to a central Mobility Controller (MC), and it bridges other traffic locally.

C.

It sends user and control traffic in two separate IPsec tunnels to the Mobility Controller (MC).

D.

It sends all employee and control traffic in a GRE tunnel to a central Mobility Controller (MC), and it bridges all guest traffic locally.

Full Access