Aruba Certified Mobility Expert 8 Written Exam v1.0 (HPE6-A48)

Page:    1 / 5   
Total 66 questions

Refer to the exhibit.


A user"™s laptop only operates in the 2.4 GHz band and supports 802.11n. This user reports that the network is slow at the cafeteria that is serviced by three APs, and suggests that there might be a problem with the WLAN. The network administrator finds the user in the MM, and obrains the output shown in the exhibit.
What should the network administrator do to optimize the client connection?

  • A. Disable lower transmit rates in the SSID profile.
  • B. Change the channel being used in the radio profile.
  • C. Reduce Min/Max channel bandwidth in the radio profile.
  • D. Reduce Min/Max EIRP in the ARM profile.


Answer : A

Refer to the exhibit.


A network administrator completes the initial configuration dialog of the Mobility Controllers (MCs) and they join the Mobility Master (MM) for the first time. After the
MM-MC association process, the network administrator only creates AP groups, VAPs, and roles. Next, the network administrator proceeds with the configuration of the policies and creates the policy shown in the exhibit.
Which additional steps must be done to make sure this configuration takes effecr over the contractor users?

  • A. Apply the policy in the contractors user role. Enable deep packet inspection.
  • B. Apply the policy in the contractors user role. Enable deep packet inspection. Reload the MCs.
  • C. Enable the firewall visibility. Enable web-content classification Reload the MCs.
  • D. Enable firewall visibility Enable web-content classification Reload the MMs.


Answer : A

A financial institution contacts an Aruba partner to deploy an advanced and secure Mobility Master (MM)-Mobility Controller (MC) WLAN solution in its main campus and 14 small offices/home offices (SOHOs). Key requirements are that users at all locations, including telecommuters with VIA, should be assigned roles with policies that filter undesired traffic. Also, advanced WIPs should be enforced at the campus only.
These are additional requirements for this deployment:
-> RAPs should ship directly to their final destinations without any pre-setup and should come up with the right configuration as soon as they get Internet access.
-> Activate should be configured with devices MACs, serial numbers, and provisioning rules that redirect them to the standalone VMC at the DMZ
-> Users should be able to reach DNS, FTP, Web and telephone servers in the campus as well as send and receive IP telephone calls to and from the voice
10.1.50.0/24 segment.
-> Local Internet access should be granted.
Refer to the exhibit.


Refer to the scenario and the exhibit.

Which command must the network administrator add in the split-tunneling policy to meet the requirements for the RAP employee SSID?

  • A. user any svc-http permit
  • B. user any any src-nat pool dynamic-srcnat
  • C. any user any src-nat pool dynamic-srcnat
  • D. user any any dst-nat


Answer : B

A financial institution contacts an Aruba partner to deploy an advanced and secure Mobility Master (MM)-Mobility Controller (MC) WLAN solution in its main campus and 14 small offices/home offices (SOHOs). Key requirements are that users at all locations, including telecommuters with VIA, should be assigned roles with policies that filter undesired traffic. Also, advanced WIPs should be enforced at the campus only.
These are additional requirements for this deployment:
-> RAPs should ship directly to their final destinations without any pre-setup and should come up with the right configuration as soon as they get Internet access.
-> Activate should be configured with devices MACs, serial numbers, and provisioning rules that redirect them to the standalone VMC at the DMZ
-> Users should be able to reach DNS, FTP, Web and telephone servers in the campus as well as send and receive IP telephone calls to and from the voice
10.1.50.0/24 segment.
-> Local Internet access should be granted.
Refer to the exhibit.


Refer to the scenario and the exhibit.

The standalone VMC will act as a VPN Concentrator of the RAPs. The network administrator configures the Standalone VMC with a pool of addresses and the
SOHOs AP Group from the MM.
Which additional steps must the network administrator perform to allow the RAPs to terminate their IPSec tunnels and associate to the Standalone VMC?

  • A. Add RAP MAC addresses into the RAP whitelist, and associate them with the SOHOs AP-Group.
  • B. Add RAP MAC addresses into the CPSec whitelist, and associate them with the SOHOs AP-Group.
  • C. Configure the same IP Pool at the MM group level, then create user accounts for the RAPs in the internal database.
  • D. Create user accounts with the sys-ap-role, and define shared secrets to associate to RAP IP addresses at the MM group level.


Answer : D

A financial institution contacts an Aruba partner to deploy an advanced and secure Mobility Master (MM)-Mobility Controller (MC) WLAN solution in its main campus and 14 small offices/home offices (SOHOs). Key requirements are that users at all locations, including telecommuters with VIA, should be assigned roles with policies that filter undesired traffic. Also, advanced WIPs should be enforced at the campus only.
These are additional requirements for this deployment:
-> RAPs should ship directly to their final destinations without any pre-setup and should come up with the right configuration as soon as they get Internet access.
-> Activate should be configured with devices MACs, serial numbers, and provisioning rules that redirect them to the standalone VMC at the DMZ
-> Users should be able to reach DNS, FTP, Web and telephone servers in the campus as well as send and receive IP telephone calls to and from the voice
10.1.50.0/24 segment.
-> Local Internet access should be granted.
Refer to the exhibit.


Refer to the scenario and the exhibit.
What is the minimal license capacity in use to support this proposal?
A.

B.

C.

D.



Answer : B

Refer to the exhibit.


Help desk staff receive reports from users that there is inefficient wireless service in a location serviced by AP20, AP21, and AP22, and open a ticket. A few hours later, the users report that there is a drastic improvement in service. The staff still wants to determine the cause of the problem so the next day thay start monitoring the tasks.
They access the Mobility Master (MM), and obtain the output shown in the exhibit.
What could be the cause of the problem that the users reported?

  • A. AirMatch was running an initial incremental optimization.
  • B. An operator used AirMatch to manually freeze AP channel and power.
  • C. An operator manually assigned settings in the radio profile.
  • D. AirMatch was running a full on-demand optimization.


Answer : B

Refer to the exhibit.


A network administrator configures a Mobility Master (MM)-Mobility Controller (MC) solution and integrates it with AirWave. The network administrator configures the SNMP and terminal credentials in the MM and MC, and then monitors the mobility devices from AirWave, including Clarity for user association and basic network services verification. However, AirWave does not display any UCC data that is available in the MM dashboard.
Based on the information shown in the exhibit, which configuration step should the network administrator do next in the MM to complete the integration with
AirWave?

  • A. Define AirWave as a management server in the MM.
  • B. Enable the inline network services statistics in the AMP profile.
  • C. Enable UCC monitoring in the AMP profile.
  • D. Verify the papi-security key in the AMP profile.


Answer : B

Refer to the exhibit.


A network administrator configures an Instant AP (IAP) to establish an Aruba IPSec tunnel across the Internet, and configures two DHCP pools for wireless users.
Based on the output shown in the exhibit, which device behaves as a DHCP server for the users?

  • A. Mobility Master
  • B. Mobility Controller
  • C. External server
  • D. DSL modem
  • E. Virtual Controller


Answer : B

A network administrator assists with the migration of a WLAN from a third-party vendor to Aruba in different locations throughout the country. In order to manage the solution from a central point, the network administrator decides to deploy redundant Mobility Masters (MMs) in a datacenter that are reachable through the
Internet.
Since not all locations own public IP addresses, the security team is not able to configure strict firewall policies at the datacenter without disrupting some MM to
Mobility Controller (MC) communications. They are also concerned about exposing the MMs to unauthorized inbound connection attempts.
What should the network administrator do to ensure the solution is functional and secure?

  • A. Deploy an MC at the datacenter as a VPN concentrator.
  • B. Block all ports to the MMs except UDP 500 and 4500.
  • C. Install a PEFV license, and configure firewall policies that protect the MM.
  • D. Block all inbound connections, and instruct the MM to initiate the connection to the MCs.


Answer : C

An airline wants to invest in an Aruba Mobility (MM)-Mobility Controller (MC) solution for the three hubs it has throughout the country. A single MM is located in the datacenter at one of the hubs. The MCs in the other two hubs reach the MM through a site-to-site IPSec VPN.
The operations team does not want to lose monitoring and configuration control of the MCs if something happens to the datacenter where the MM resides.
Which solution ensures that there is management access to the MCs in case of an MM failure due to a datacenter outage?

  • A. Deploy another MM in a different location, and enable L2 redundancy.
  • B. Install AirWave Management Platform, and enable Read and Write Management access on devices.
  • C. Deploy another MM in a different location, and enable L3 redundancy.
  • D. Deploy a local MM on each hub, and synchronize the configuration between all MMs.


Answer : B

A network administrator deploys APs with radios in Air Monitor mode and detects several APs and SSIDs that belong to stores next door. The Mobility Master
(MM) classifies the APs and SSIDs as potential rogues. The network administrator wants to prevent the Air Monitor from applying countermeasures against these
APs.
How can the network administrator accomplish this?

  • A. Select the BSSID and click reclassify, then select neighbor.
  • B. Run the Define WIP Policy task, and define the BSSIDs of the neighboring APs as interfering.
  • C. Select the BSSID and click reclassify, then select interfering.
  • D. Run the Define WIP Policy task, and define the BSSIDs of the neighboring APs as Authorized.


Answer : A

Refer to the exhibit.


A network administrator deploys a new WLAN named Corp-Network. The security suite is WPA2 with 802.1X. A new ClearPass server is used as the authentication server. Connection attempts to this WLAN are rejected, and no trace of the attempt is seen in the ClearPass Policy Manager Access Tracker.
However, the network administrator is able to see the logs shown in the exhibit.
What must the network administrator do to solve the problem?

  • A. Add the correct network device IP address in ClearPass.
  • B. Change the ClearPass server IP address in the MC.
  • C. Fix the RADIUS shared secret in the MC.
  • D. Disable machine authentication in the MC and client PC.


Answer : D

A network administrator needs to deploy L2 Mobility Master (MM) redundancy. MM1 uses IP address 10.201.0.10 and MAC address 1c:98:ec:25:48:50, and MM2 uses IP address 10.201.0.20 and MAC 1c:98:ec:99:8a:80. Both run VRRP process with VRID 201.
Which configuration should the network administrator use to accomplish this task?

  • A. /mm (MM1): database synchronize period 30 /mm/mynode (MM1): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.20 ipsec key123 /mm/mynode (MM2): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.10 ipsec key123
  • B. /mm (MM1): master-redundancy master-vrrp 10 peer-ip-address 10.201.0.20 ipsec key123 database synchronize period 30 /mm/mynode (MM2): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.10 ipsec key123
  • C. /mm/mynode (MM1): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.20 ipsec key123 database synchronize period 30 /mm/mynode (MM2): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.20 ipsec key123 database synchronize period 30
  • D. /mm (MM1): database synchronize period 30 /mm/mynode (MM1): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.10 ipsec key123 /mm/mynode (MM2): master-redundancy master-vrrp 201 peer-ip-address 10.201.0.20 ipsec key123


Answer : C

Refer to the exhibit.


A network engineer configures some VAPs in customer groups and creates a pool of licenses with enough units for seven APs. The network engineer deploys the first two APs, looks at the ap database, and notices the APs are inactive and experience licensing-related issues.
Based on the show command outputs shown in the exhibit, what must the engineer do to solve the problem?

  • A. Allocate two more MM-VA licenses to the pool.
  • B. Allocate two more MC-VA-US licenses to the pool.
  • C. Allocate seven more MM-VA licenses to the pool.
  • D. Allocate seven more MC-VA-US licenses to the pool.


Answer : A

Refer to the exhibit.


A network administrator evaluates a deployment to validate that users are assigned to the proper roles. Based on the output shown in the exhibit, what can the network administrator conclude?

  • A. The MC assigned the machine authentication default user role.
  • B. The MC assigned the role based on user-derivation rules.
  • C. The MC assigned the role based on server-derivation rules.
  • D. The MC assigned the default role of the authentication method.


Answer : D

Page:    1 / 5   
Total 66 questions