- Email support@dumps4free.com
Topic 1: Product Knowledge
By default Centralized licensing messages between master and local controllers are sent
___________________.
A.
In the clear unencrypted since the master and local controllers already share IPSEC
tunnels.
B.
Using CPSec
C.
Using IPSec site to site VPN tunnels
D.
Encrypted using GRE
E.
PAPI
In the clear unencrypted since the master and local controllers already share IPSEC
tunnels.
Review the following truncated output from an Aruba controller for this item.
(example) #show rights logon
access-list List
--------
Position Name Location
---- -- ----
1 logon-control
2 captiveportal
logon-control
-------
Priority Source Destination Service Action
---- --- ------ ---- ---
1 user any udp 68 deny
2 any any svc-icmp permit
3 any any svc-dns permit
4 any any svc-dhcp permit
5 any any svc-natt permit
captiveportal
Priority Source Destination Service Action
---- --- ------ ---- ---
1 user controller svc-https dst-nat 8081
2 user any svc-http dst-nat 8080
3 user any svc-https dst-nat 8081
4 user any svc-http-proxy1 dst-nat 8088
5 user any svc-http-proxy2 dst-nat 8088
6 user any svc-http-proxy3 dst-nat 8088
Based on the above output from an Aruba controller, an unauthenticated user assigned to
the logon role attempts to start an http session to IP address 172.16.43.170.
What will happen?
A.
the user's traffic will be passed to the IP address because of the policy statement:user
any svc-http dst-nat 8080
B.
the user's traffic will be passed to the IP address because of the policy statement:user
any svc-https dst-nat 8081
C.
the user's traffic will be passed to the IP address because of the policy statement:user
any svc-http-proxy1 dst-nat 8088
D.
the user will not reach the IP address because of the policy statement:user any svc-http
dst-nat 8080
E.
the user will not reach the IP address because of the implicit deny any any at the end of
the policy.
the user will not reach the IP address because of the policy statement:user any svc-http
dst-nat 8080
An administrator creates a WLAN with an unmodified default AAA profile. What is the
default role the user is placed in?
A.
default-logon
B.
logon
C.
guest-logon
D.
default-ap
E.
AP-Role
logon
ip access-list session anewone
user network 10.1.1.0 255.255.255.0 any permit
user host 10.1.1.1 any deny
user any any permit
Referring to the above portion of a Mobility Controller configuration file, what can you
conclude? (Choose two)
A.
This is a session firewall policy.
B.
This is an extended Access Control List (ACL).
C.
Any traffic going to destination 10.1.1.1 will be denied.
D.
Any traffic going to destination 10.2.2.2 will be denied.
E.
Any traffic going to destination 172.16.100.100 will be permitted.
This is a session firewall policy.
Any traffic going to destination 172.16.100.100 will be permitted.
The Aruba Policy Enforcement Firewall (PEF) module supports source network address
translation (src-nat).
Which is a use of this statement in an Aruba configuration?
A.
provide a single source IP address for users in a role
B.
redirect Captive Portal HTTP sessions
C.
redirect Access Points to another Aruba controller
D.
provide IP addresses to clients
E.
redirects clients to Aruba Firewall
provide a single source IP address for users in a role
| Page 4 out of 35 Pages |
| Previous |