Topics

Explore all topics

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

Professors

Overall Quality
-/5
c c
Overall Quality
-/5
Billt Camp
Overall Quality
-/5
mathio g
Explore all Professors
Add Browser Extension
Start Free Trial
Need Help? Contact us
title
Textbook Solutions
Step-by-step solutions verified by experts
title
24/7 Homework Help
Complete assignments with the help of our community
title
Flashcards
Stimulate your visual memory & walk into test day with confidence
title
DocuAssist
Upload your study materials and we’ll help fill in the answers.
title
Campus Reps
Become a Campus Rep and earn up to 20% commission, plus weekly and monthly cash prizes.
title
My Courses
Add the courses you're enrolled in for tailored study material to meet your requirements
Explore all services
Add Browser Extension
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
العربية
search
ai logoChat with AI
Servicesarrow
Textbook Solutions icon
Textbook Solutions
24/7 Homework Help icon
24/7 Homework Help
Flashcards icon
Flashcards
DocuAssist icon
DocuAssist
Campus Reps icon
Campus Reps
My Courses icon
My Courses
Mobile App icon
Mobile App
Explore All Services
Discoverarrow

Topics

Explore All Services

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

professors

/5
c c
/5
Billt Camp
/5
mathio g
Explore all Professors
Explore all topics
Discover more topics
HomeSchoolingAsk a question

Deck 17: Aruba Certified Mobility Associate Exam

Full screen (f)
exit full mode
Question
An administrator needs to modify a VAP used for a branch office RAP. The VAP's operating mode is currently defined as backup and uses tunnel mode forwarding. The administrator wants to implement split-tunnel forwarding mode in the VAP. Which WLAN operating mode must the administrator define for the VAP before the tunnel forwarding mode can be changed to split-tunnel?

A) Trusted
B) Always
C) Persistent
D) Standard
Use Space or
up arrow
down arrow
to flip the card.
Question
An administrator sets up a cluster of Aruba Mobility Controllers (MCs). What can the administrator determine about the cluster from the command output shown below? <strong>An administrator sets up a cluster of Aruba Mobility Controllers (MCs). What can the administrator determine about the cluster from the command output shown below? </strong> A) This is an L3-connected cluster. B) AP load balancing is enabled. C) This is an L2-connected cluster. D) User load balancing is enabled. <div style=padding-top: 35px>

A) This is an L3-connected cluster.
B) AP load balancing is enabled.
C) This is an L2-connected cluster.
D) User load balancing is enabled.
Question
An administrator creates a user role that department A in a company uses. Various other roles exist for other departments. All employees connect to the same ESSID, which authenticates to an external AAA server. How should the administrator configure the controller to assign the appropriate roles to the employees?

A) Implement default roles.
B) Implement user roles.
C) Implement AAA profile roles.
D) Implement server-derived roles.
Question
The administrator expects the AP to connect to a cluster, but the AP fails to connect. The administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine about the configuration of the AP? <strong>The administrator expects the AP to connect to a cluster, but the AP fails to connect. The administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine about the configuration of the AP? </strong> A) The AP is configured to terminate on a Mobility Controller in a cluster. B) The AP is configured as a RAP to terminate on a stand-alone controller. C) The AP is configured as a RAP to terminate on a Mobility Master. D) The AP is configured to terminate on a non-cluster Mobility Controller. <div style=padding-top: 35px>

A) The AP is configured to terminate on a Mobility Controller in a cluster.
B) The AP is configured as a RAP to terminate on a stand-alone controller.
C) The AP is configured as a RAP to terminate on a Mobility Master.
D) The AP is configured to terminate on a non-cluster Mobility Controller.
Question
An administrator needs to apply a patch to an Aruba environment to implement improvements for AirMatch. What is the Aruba recommended approach for this process without a reboot?

A) Upgrade the AirMatch Loadable Service Module (LSM) on the Mobility Master.
B) Upgrade the ArubaOS by the use of Live Upgrades (in-service upgrades).
C) Upgrade the AirMatch Loadable Service Module (LSM) on each Mobility Controller.
D) Create controller partitions to minimize downtime.
Question
A company opens a new branch office and a RAP is used to connect to a corporate office Aruba Mobility Controller (MC). The company needs to provide connectivity to the office across the street. There is an AP across the street. However, there is no wired connectivity between the buildings. Which actions can the administrator select to provide the required connectivity? (Choose two.)

A) Implement two mesh clusters.
B) Provision the RAP as a Remote Mesh Portal.
C) Provision all APs at the branch offices as Mesh Points.
D) Provision all APs at the branch offices as Mesh Portals.
E) Implement one of the APs as a Mesh Point.
Question
An administrator troubleshoots a roaming problem where a user loses connectivity to the network during the roaming process. To help troubleshoot this problem, which device or devices in a wireless network initiates the roaming process?

A) the AP
B) both the client and the controller
C) the client
D) the controller
Question
Refer to the exhibit. <strong>Refer to the exhibit. Controllers are configured in a cluster as shown in the exhibit. These are the network details. A Mobility Master (MM) manages the cluster. The cluster contains two controllers C1 and C2. AP1 and AP2 use C1 as their Active AP Anchor Controller (A-AAC), with C2 as their Standby AAC (S-AAC). AP3 and AP4 use C2 as their A-AAC, with C1 as their S-AAC. User1 establishes a wireless connection via AP1, where the Active User Anchor Controller (A-UAC) assigned is C1, with C2 as the standby. What happens when User1 roams the wireless network and eventually their session is handled by AP3?</strong> A) The AP3's A-AAC switches to C1, and the user's A-UAC switches to C2. B) The AP3's A-AAC switches to C1, and the user's A-UAC remains on C1. C) The AP3's A-AAC remains on C2, and the user's A-UAC switches to C2. D) The AP3's A-AAC remains on C2, and the user's A-UAC remains on C1. <div style=padding-top: 35px> Controllers are configured in a cluster as shown in the exhibit. These are the network details. A Mobility Master (MM) manages the cluster. The cluster contains two controllers C1 and C2. AP1 and AP2 use C1 as their Active AP Anchor Controller (A-AAC), with C2 as their Standby AAC (S-AAC). AP3 and AP4 use C2 as their A-AAC, with C1 as their S-AAC. User1 establishes a wireless connection via AP1, where the Active User Anchor Controller (A-UAC) assigned is C1, with C2 as the standby. What happens when User1 roams the wireless network and eventually their session is handled by AP3?

A) The AP3's A-AAC switches to C1, and the user's A-UAC switches to C2.
B) The AP3's A-AAC switches to C1, and the user's A-UAC remains on C1.
C) The AP3's A-AAC remains on C2, and the user's A-UAC switches to C2.
D) The AP3's A-AAC remains on C2, and the user's A-UAC remains on C1.
Question
An administrator creates new pre- and post-authentication roles for a new WLAN. For which profile should the administrator assign these new roles under the Managed Network section?

A) 802.1X
B) AAA profile
C) Server Groups
D) Virtual AP
Question
Which configuration command needs to be executed on an Aruba Mobility Controller (MC) to forward AP statistical data to an AirWave Management Platform (AMP)?

A) snmp-server
B) ssh-server
C) mgmt-server
D) tunneled-node-server
Question
Where on the Mobility Master (MM) can an administrator configure the VIA connection profile?

A) User Roles
B) L3 Authentication
C) AAA Profiles
D) L2 Authentication
Question
An administrator configures two Mobility Masters (MMs) for redundancy and database synchronization. Which protocol transports database information between the two MMs?

A) VRRP
B) AMON
C) SNMP
D) IPSec
Question
An administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine from the configuration? <strong>An administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine from the configuration? </strong> A) The RAP terminated on a Mobility Master. B) The AP terminated on a non-cluster Mobility Controller. C) The AP terminated on a Mobility Controller in a cluster. D) The RAP terminated on a stand-alone controller. <div style=padding-top: 35px>

A) The RAP terminated on a Mobility Master.
B) The AP terminated on a non-cluster Mobility Controller.
C) The AP terminated on a Mobility Controller in a cluster.
D) The RAP terminated on a stand-alone controller.
Question
What can the administrator determine from the configuration shown below? <strong>What can the administrator determine from the configuration shown below? </strong> A) ??2 is the Mobility Master. B) All the controllers run in standalone mode. C) All the controllers run in a cluster. D) VRRP is used for Mobility Master redundancy. <div style=padding-top: 35px>

A) ??2 is the Mobility Master.
B) All the controllers run in standalone mode.
C) All the controllers run in a cluster.
D) VRRP is used for Mobility Master redundancy.
Question
An administrator supports a RAP at a branch office. A user's device that is attached to the Ethernet port is assigned an 802.1X AAA policy and is configured for tunneled node. How is the user's traffic transmitted to the corporate office?

A) It is not encapsulated by GRE and not protected with IPSec.
B) It is encapsulated by GRE and protected with IPSec.
C) It is not encapsulated by GRE but is protected with IPSec.
D) It is encapsulated by GRE and not protected with IPSec.
Question
A network of Mobility Controllers (MCs) is managed by a Mobility Master (MM). An administrator misconfigures the IP addressing on an MC and the MC loses connectivity to the MM. How should the administrator fix this problem?

A) Restore the previous configuration on the Mobility Master.
B) Use the disaster recovery mode on the Mobility Master.
C) Use the auto-recovery mode on the Mobility Master.
D) Use the disaster recovery mode on the Mobility Controller.
Question
Which forwarding mode is used for a WLAN if a RAP needs to decrypt all user traffic and forward it locally?

A) Bridge
B) Decrypt-tunnel
C) Tunnel
D) Split-tunnel
Question
Which RAP WLAN operation mode should an administrator configure if the SSID should only be advertised if controller connectivity is lost?

A) Standard
B) Persistent
C) Always
D) Backup
Question
An administrator stages an AP and re-provisions it as a RAP from the Mobility Master (MM). When re-provisioning the RAP, the administrator must enter a user's credentials. What is the purpose of these credentials?

A) to authenticate the RAP device
B) to authenticate users on wireless ports
C) to authenticate users on wired and wireless ports
D) to authenticate users on wired ports
Question
A Microsoft RADIUS server is used to centralize AAA functions by a company. Upon a successful authentication lookup performed by an Aruba Mobility Controller (MC), the administrator wants to have the RADIUS server pass back the correct post-authentication role name that the controller should apply to the user's traffic. Which additional task must the administrator perform for the controller's configuration to implement this process?

A) Configure the server-derived rules on the controller.
B) Install ClearPass's VSA file on the controller.
C) Install Microsoft's VSA file on the controller.
D) Enable AAA on the controller.
Question
A VIA client tries to initially connect to a corporate office controller through an intermediate firewall. However, the VPN connection fails. The administrator examines the firewall rules and determines that rules for UDP 4500 and UDP 500 are configured. Which additional protocol must be allowed in the firewall rules to resolve this connection failure?

A) TCP 22
B) UDP 8200
C) ESP
D) TCP 443
Question
Refer to the exhibit. <strong>Refer to the exhibit. The Branch office RAP shown in the exhibit provides secure wireless employee access. Because of security concerns, the company's security policy does not allow wireless guest access. Some customers that visit the Branch office need Internet access. A RAP's Ethernet Port 3 is used for wired guest access and Port 2 is used for wired employee access. When employees connect to Port 2, they are authenticated successfully and a split-tunnel policy allows them access to both corporate and Internet resources from the Branch office. Guest users, however, cannot access Internet resources on Port 3. How can the administrator provide guest users Internet access?</strong> A) Create a guest VAP that allows wired RAP port access. B) Implement ClientMatch to handle the employee and guest user traffic correctly. C) Configure a bridge role for the wired RAP port. D) Implement the MultiZone feature on the RAP. <div style=padding-top: 35px> The Branch office RAP shown in the exhibit provides secure wireless employee access. Because of security concerns, the company's security policy does not allow wireless guest access. Some customers that visit the Branch office need Internet access. A RAP's Ethernet Port 3 is used for wired guest access and Port 2 is used for wired employee access. When employees connect to Port 2, they are authenticated successfully and a split-tunnel policy allows them access to both corporate and Internet resources from the Branch office. Guest users, however, cannot access Internet resources on Port 3. How can the administrator provide guest users Internet access?

A) Create a guest VAP that allows wired RAP port access.
B) Implement ClientMatch to handle the employee and guest user traffic correctly.
C) Configure a bridge role for the wired RAP port.
D) Implement the MultiZone feature on the RAP.
Question
An administrator at Campus A manages Aruba Mobility Controllers (MCs). The administrator defines a server group that includes a local ClearPass server and a remote Microsoft RADIUS server. The ClearPass server has the credentials for users at Campus A and the Microsoft RADIUS server has the credentials for users at Campus ?. Users at Campus A successfully authenticate and connect to the Campus A wireless network. However, when users from Campus ? visit Campus A they fail authentication. What can the administrator do to solve this problem?

A) Enable EAP termination on the ClearPass server.
B) Enable machine authentication on the Mobility Controllers.
C) Enable EAP-TTLS with EAP Termination on the Mobility Controllers.
D) Enable FastConnect on the Campus A Mobility Controllers.
Question
An administrator configures the MultiZone feature for a company network, where a mobility cluster is the primary zone and a standalone controller in the company's DMZ represents a secondary data zone. The administrator configures two AP Groups and respective VAPs for the zones on the Mobility Master (MM) in the primary zone. When the APs boot up and establish connections to both zones, the administrator notices that no data connections are established to the data zone. What must the administrator do to fix this problem?

A) Configure the same AP Groups and VAPs on the standalone controller, and associate the MultiZone APs to both groups.
B) Configure the same AP Group in the data zone as it is in the primary zone, and configure the VAPs in the data zone.
C) Have the MultiZone APs initially boot from the standalone controller in the data zone.
D) Create different AP Groups and VAPs on the Mobility Master and standalone controllers, and associate the MuttiZone APs to both groups.
Question
An administrator supports a cluster of four Aruba Mobility Controllers (MCs) with management addresses of 10.1.100.101, 10.1.100.102, 10.1.100.103, and 10.1.305.114. The administrator accesses an AP associated with this cluster, reboots it, and accesses apboot mode. The administrator executes the printenv command. Which AP parameter contains the IP addresses of the cluster members that the AP should use to connect to the cluster?

A) master_ip
B) cfg_lms
C) servername
D) nodelist
Question
What is true about the operation of the Aruba Mobility Controller (MC) shown below? <strong>What is true about the operation of the Aruba Mobility Controller (MC) shown below? </strong> A) The disaster recovery mode is enabled, and changes will be sent to the Mobility Master. B) The disaster recovery mode is disabled, and changes will be sent to the Mobility Master. C) The disaster recovery mode is enabled, and no changes will be forwarded to the Mobility Master. D) The Mobility Master is in disaster recovery mode and will push changes to a Managed Controller. <div style=padding-top: 35px>

A) The disaster recovery mode is enabled, and changes will be sent to the Mobility Master.
B) The disaster recovery mode is disabled, and changes will be sent to the Mobility Master.
C) The disaster recovery mode is enabled, and no changes will be forwarded to the Mobility Master.
D) The Mobility Master is in disaster recovery mode and will push changes to a Managed Controller.
Question
Which Aruba Mobility Controller (MC) administrative role should an administrator assign to a receptionist so that they can create and manage guest accounts?

A) network-operations
B) guest-provisioning
C) guest-operator
D) receptionist
Question
An administrator wants to implement a Live Upgrade (in-service upgrade) of a cluster in an Aruba wireless solution. Which ArubaOS feature does the Mobility Master (MM) use to ensure RF redundancy, so that when one or more APs are rebooted there is no loss of wireless coverage for users?

A) AirMatch
B) Mobility Controller load balancing
C) AP image verification
D) AP image preload
Question
A guest establishes an authenticated wireless session to an Aruba Mobility Controller (MC). The controller uses a ClearPass server for all AAA functions. Which AAA component disconnects the user when the guest exceeds their allowed duration?

A) SNMP Disconnect
B) Active Directory Session Limits
C) RADIUS Authorization Profile
D) RADIUS Change of Authorization
Question
An administrator supports an Aruba wireless solution that uses ClearPass to implement server role assignment. A user reports that they are not able to access the correct department resources. The administrator determines from the connected controller that the user is associated to the login user profile instead of the department user profile. What should the administrator examine on the ClearPass server to determine the Aruba VSA User Role value that ClearPass returns to the controller?

A) Accounting
B) Audit Viewer
C) Event Viewer
D) Access Tracker
Question
Refer to the exhibit. <strong>Refer to the exhibit. Which controller shown in the exhibit is elected as the cluster leader?</strong> A) Controller A B) Controller ? C) Controller C D) Controller D <div style=padding-top: 35px> Which controller shown in the exhibit is elected as the cluster leader?

A) Controller A
B) Controller ?
C) Controller C
D) Controller D
Question
An administrator wants to reduce downtime of the wireless network when controllers are upgraded. Which ArubaOS feature should the administrator implement to reduce the amount of downtime the APs will experience at the time of the upgrade process?

A) AP image preload
B) Centralized upgrades
C) AP fast start
D) AP apboot mode bypass
Question
What must the administrator configure on AirWave to monitor and run operational commands on the Aruba Mobility Masters (MMs) and Mobility Controllers (MCs)?

A) PAPI and SNMP
B) PAPI and SSH/telnet
C) SNMP and HTTPS
D) SNMP and SSH/telnet
Question
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements AP licensing on a Mobility Master (MM). Each campus is responsible to purchase its own AP licenses. There are 900 AP licenses deployed in the global pool. There are three dedicated pools. From the global pool, 300 AP licenses are assigned to each dedicated pool. Network engineers at CampusA want to deploy an additional 100 APs. Currently all of the AP licenses in CampusA and CampusB are allocated, but only 200 of the AP licenses in CampusC are allocated. What can the administrator do to add capacity for CampusA in alignment with campus policies?</strong> A) Add 100 more AP licenses and assign them to the CampusA pool. B) Allow CampusA to share from the CampusC pool. C) Move 100 licenses from the CampusC pool to the global pool. D) Add 100 more AP licenses to the global pool. <div style=padding-top: 35px> An administrator implements AP licensing on a Mobility Master (MM). Each campus is responsible to purchase its own AP licenses. There are 900 AP licenses deployed in the global pool. There are three dedicated pools. From the global pool, 300 AP licenses are assigned to each dedicated pool. Network engineers at CampusA want to deploy an additional 100 APs. Currently all of the AP licenses in CampusA and CampusB are allocated, but only 200 of the AP licenses in CampusC are allocated. What can the administrator do to add capacity for CampusA in alignment with campus policies?

A) Add 100 more AP licenses and assign them to the CampusA pool.
B) Allow CampusA to share from the CampusC pool.
C) Move 100 licenses from the CampusC pool to the global pool.
D) Add 100 more AP licenses to the global pool.
Question
An administrator wants to temporarily deny login access to users who fail 802.1x authentication functions three or more times. Which process will the administrator need to configure?

A) fail through
B) captive portal
C) EAP termination
D) blacklisting
Question
In a cluster-controller environment, which Aruba component in a network builds a cache table of mDNS records that can be used to help user devices access Apple Bonjour services?

A) the Mobility Master
B) the Mobility Master and cluster members
C) the Mobility Controllers that are cluster members
D) any Aruba Mobility Controller
Question
A user uses Microsoft Windows for a wireless session. Based on the output shown in the exhibit for the selected Aruba AP, what is the possible problem with this user's wireless session? <strong>A user uses Microsoft Windows for a wireless session. Based on the output shown in the exhibit for the selected Aruba AP, what is the possible problem with this user's wireless session? </strong> A) The controller cannot reach the AAA server to perform the authentication. B) The user misconfigured the Managed Network Settings profile in Windows. C) The AP has reached the limit for number of users that are allowed to connect to the radio. D) The user is configured for PEAP, but the WLAN profile on the controller implemented EAP-TLS. <div style=padding-top: 35px>

A) The controller cannot reach the AAA server to perform the authentication.
B) The user misconfigured the Managed Network Settings profile in Windows.
C) The AP has reached the limit for number of users that are allowed to connect to the radio.
D) The user is configured for PEAP, but the WLAN profile on the controller implemented EAP-TLS.
Question
What can be determined from the command output shown below? <strong>What can be determined from the command output shown below? </strong> A) The synchronized data is protected by VRRP. B) The command was executed on the standby Mobility Master (MM). C) The synchronization period is at its default value. D) The other Mobility Master (MM) is the active license server. <div style=padding-top: 35px>

A) The synchronized data is protected by VRRP.
B) The command was executed on the standby Mobility Master (MM).
C) The synchronization period is at its default value.
D) The other Mobility Master (MM) is the active license server.
Question
An administrator deploys an Aruba wireless solution comprised of: a pair of Mobility Masters (MMs) multiple Mobility Controllers (MCs) and Virtual Mobility Controllers (VMCs) an AirWave server a ClearPass server The Aruba Mobility solution runs ArubaOS 8.X. Which component in this environment globally defines and deploys VLANs for wireless users?

A) ClearPass server
B) AirWave server
C) Mobility Master
D) Mobility Controller or Virtual Mobility Controller
Question
An administrator wants to implement bandwidth limits for guest users to restrict their Internet usage. On the Mobility Master (MM), where would the administrator define these limits?

A) Firewall policy
B) AAA policy
C) User role
D) 802.1X policy
Question
Refer to the exhibit. <strong>Refer to the exhibit. An administrator wants to verify the operation of MultiZone in a network. The administrator uses the command show ap debug multizone to generate the output shown in the exhibit. Based on the output, which statement is true?</strong> A) Zone 1 is the primary zone, and zone 0 is the data zone. B) The MultiZone APs are in a cluster. C) The maximum VAPs in the MultiZone is 15. D) The primary zone has limited the data zone to one WLAN. <div style=padding-top: 35px> An administrator wants to verify the operation of MultiZone in a network. The administrator uses the command show ap debug multizone to generate the output shown in the exhibit. Based on the output, which statement is true?

A) Zone 1 is the primary zone, and zone 0 is the data zone.
B) The MultiZone APs are in a cluster.
C) The maximum VAPs in the MultiZone is 15.
D) The primary zone has limited the data zone to one WLAN.
Question
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements the MultiZone feature. The administrator sets up five zones as shown in the exhibit. Zone A has six controllers that form a cluster. Zone B has three controllers that form a cluster. Zones C, D, and E have a single standalone controller each. A total of 13 VAPs are created across the five zones. A zone needs to accept RAP connections from branch offices. All zones have the same AP Group name. One of the zones will not accept connections from the MultiZone APs. What could be a cause of this problem?</strong> A) RAPs are used in the configuration. B) The number of zones exceeds the maximum limit of four zones. C) The number of VAPs exceeds the maximum limit of 12 VAPs. D) AP Group names are different for each zone. <div style=padding-top: 35px> An administrator implements the MultiZone feature. The administrator sets up five zones as shown in the exhibit. Zone A has six controllers that form a cluster. Zone B has three controllers that form a cluster. Zones C, D, and E have a single standalone controller each. A total of 13 VAPs are created across the five zones. A zone needs to accept RAP connections from branch offices. All zones have the same AP Group name. One of the zones will not accept connections from the MultiZone APs. What could be a cause of this problem?

A) RAPs are used in the configuration.
B) The number of zones exceeds the maximum limit of four zones.
C) The number of VAPs exceeds the maximum limit of 12 VAPs.
D) AP Group names are different for each zone.
Question
An administrator moves an AP from Campus 1 to Campus 2. At the Campus 2, the moved AP does not connect to a controller and download an AP Group configuration. Which process should the administrator perform to reset the AP back to its initial default state?

A) From the AP's ArubaOS CLI, execute write erase all . From the AP's ArubaOS CLI, execute write erase all .
B) From apboot mode, execute factory_reset . From apboot mode, execute factory_reset
C) From the controller's ArubaOS CLI, execute write erase all . From the controller's ArubaOS CLI, execute
D) From apboot mode, execute reset . reset
Question
An administrator implements blacklisting of users that fail authentication functions three or more times. By default, how long will these users have to wait before they can successfully log into the network again?

A) 15 minutes
B) 1 hour
C) 4 hours
D) 24 hours
Question
A branch office location has two buildings: an office and a small warehouse that are within 20 meters of each other. A RAP at the branch office provides connectivity to the corporate office network. This RAP is also configured as a Remote Mesh Portal (RMP). Which solution should the administrator implement to provide connectivity between the office and small warehouse buildings at the branch office location?

A) Deploy a Remote Mesh Point AP in the warehouse building to connect to the Remote Mesh Portal in the office building.
B) Deploy an ArubaOS-Switch in the warehouse building with tunneled node to connect to the Remote Mesh Portal in the office building.
C) Deploy a Mesh Point AP in the warehouse building to connect to the Remote Mesh Portal in the office building.
D) Deploy a Remote Mesh Portal in the warehouse building to connect to the Remote Mesh Portal in the office building.
Question
An administrator wants to change the default roles for the pre- and post-authentication user roles for a WLAN on a Mobility Master (MM). The controllers in the network perform all authentication. Under the Managed Network hierarchy, where can the administrator assign these roles?

A) AAA Server Group
B) AAA Profiles
C) VLAN
D) RADIUS attributes
Question
An administrator supports Aruba Mobility Controllers (MCs) managed by a Mobility Master (MM) in a non-cluster deployment. The administrator performs these tasks on the MM for the MCs: Enables L3 IP mobility for the respective VAPs on the MCs Creates a L3 domain and places the MCs in the domain However, roaming does not work when users roam from an AP connected to one controller in the domain to an AP connected to a different controller in the domain. What must the administrator do to fix this problem?

A) Configure the same VLANs on the Mobility Controllers in the L3 domain.
B) Re-provision the APs associated with the Mobility Controllers.
C) Enable L3 IP Mobility globally on the Mobility Controllers.
D) Create a home-agent-to-foreign-agent mapping table.
Question
Which Aruba Unified Communications and Collaboration (UCC) deployment mode should be used when UCC is disabled on the Mobility Controllers (MCs)?

A) Heuristics mode
B) ALG mode
C) SDN-API mode
D) WMM mode
Question
An administrator manages an Aruba wireless network. ClearPass is used to centralize AAA functions. The administrator wants to implement server role derivation. Which information will the ClearPass server return in regards to the user role assignment?

A) RADIUS VSA Firewall-Role
B) Aruba VSA Aruba-User-Role
C) RADIUS VSA User-Role
D) Aruba VSA Firewall-Role
Question
Which network components are tracked by Aruba Clarity? (Choose two.)

A) WLAN health
B) Wireless associations
C) Client health
D) DNS lookups
E) AP and controller health
Question
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements an L2 cluster of Aruba Mobility Controllers (MCs) as shown in the exhibit. An external RADIUS AAA server authentication clients associated with the Active User Anchor Controller (A-UAC), where the NAS IP address sent from Controller B is 10.254.1.2. By default, what happens to the user's session when it is handed over to the Standby UAC (S-UAC) after a failover?</strong> A) The user's session remains active and RADIUS messages can still be processed between the S-UAC and AAA server. B) The user's session remains active, but the AAA server cannot implement RADIUS Change of Authorization (CoA). C) The user's session is disconnected and has to reconnect, but the S-UAC automatically updates the NAS-IP address on the AAA server to record the event. D) The user's session is disconnected and has to reconnect, and no record of this process is stored on the AAA server. <div style=padding-top: 35px> An administrator implements an L2 cluster of Aruba Mobility Controllers (MCs) as shown in the exhibit. An external RADIUS AAA server authentication clients associated with the Active User Anchor Controller (A-UAC), where the NAS IP address sent from Controller B is 10.254.1.2. By default, what happens to the user's session when it is handed over to the Standby UAC (S-UAC) after a failover?

A) The user's session remains active and RADIUS messages can still be processed between the S-UAC and AAA server.
B) The user's session remains active, but the AAA server cannot implement RADIUS Change of Authorization (CoA).
C) The user's session is disconnected and has to reconnect, but the S-UAC automatically updates the NAS-IP address on the AAA server to record the event.
D) The user's session is disconnected and has to reconnect, and no record of this process is stored on the AAA server.
Question
Refer to the exhibit. <strong>Refer to the exhibit. An administrator wants to centralize administrative access to the Aruba Mobility Controllers (MC) and Mobility Master (MM). ClearPass is set up and the preferred authentication protocol is TACACS+. Where should the administrator perform this configuration in the MM hierarchy shown in the exhibit?</strong> A) at the Managed Network level B) at both the Mobility Master and Managed Network levels C) at the two campus levels D) at the controller levels <div style=padding-top: 35px> An administrator wants to centralize administrative access to the Aruba Mobility Controllers (MC) and Mobility Master (MM). ClearPass is set up and the preferred authentication protocol is TACACS+. Where should the administrator perform this configuration in the MM hierarchy shown in the exhibit?

A) at the Managed Network level
B) at both the Mobility Master and Managed Network levels
C) at the two campus levels
D) at the controller levels
Question
An administrator adds local administrative accounts to manage the Aruba Mobility Controllers (MCs). Which role should be assigned to an administrator who needs to only generate reports and monitor WLANS and ports?

A) root
B) network-operations
C) location-api-management
D) AP-provisioning
Question
An administrator implements a ClearPass solution to authenticate Aruba wireless users. The Aruba wireless solution is an ArubaOS 8.x Mobility Master (MM) deployment. ClearPass sends an Aruba VSA role name for an authenticated user. However, the administrator notices that the role assigned to the user is different from the one assigned by the ClearPass server. Which two items should the administrator verify that might be the cause of this problem? (Choose two.)

A) role existence on the Managed Network
B) order assignment that the controller uses to select a user role
C) server-derived role assignment on the ClearPass server
D) spelling of the role on the ClearPass server
E) enablement of user roles on the controller
Question
Which device can terminate to a cluster of Aruba Mobility Controllers (MCs) that run ArubaOS 8.x?

A) IAP
B) RAP
C) BLE Beacon
D) Mobility Master
Question
An administrator creates a User Rule for role derivation on the Mobility Master (MM). Which client information can an administrator specify to identify that a particular user should be assigned a different role from the initial role?

A) IP address
B) VLAN
C) MAC address
D) Profiling information
Question
An administrator needs to authenticate users connected to an ArubaOS-Switch where the switch authenticates the user, assigns the firewall policies to the user, and processes some of the users' traffic. Which connection method should the administrator configure on the ArubaOS-Switch?

A) Per-port tunneled node
B) Per-user tunneled node
C) VLAN tunneled mode
D) Split-tunneled mode
Question
An administrator sets up a network scan set in AirWave to scan a subnet to identify devices for a firmware upgrade. The scan completes and AirWave successfully uses the SNMP credentials to validate SNMP access. However, SSH access fails and the administrator must manually configure the SSH credentials used for all of these devices. What should the administrator have done before running the network scan?

A) Monitor the devices for needed firmware upgrades.
B) Define a scan credentials set for the devices.
C) Change the default credentials of the devices.
D) Manually upgrade the firmware of the devices.
Question
An administrator needs to implement multiple configuration changes on a set of Aruba Mobility Controllers (MCs) that involve both VLAN and interface configurations at the same time. The controllers are deployed in a cluster. How can the administrator accomplish this task?

A) Apply pending changes, and schedule the changes to occur at a similar time.
B) Create a template and deploy the changes by use of the bulk configuration update feature.
C) Use AirWave to deploy the changes to respective controllers in the cluster.
D) Use the Live Update (in-service update) feature for a cluster of controllers.
Question
An administrator implements the MultiZone feature and uses two clusters that utilize CPSec. A primary and a data zone are created. MultiZone APs successfully build sessions to the primary cluster but fail to establish sessions to the data zone cluster. What must the administrator do to solve this problem?

A) Enable MultiZone booting in the MultiZone AP apboot configuration mode.
B) Enable CPSec in the MultiZone profile for both the primary and data zone.
C) Add the MultiZone APs to the data zone's CPSec whitelist.
D) Use different AP Group names for the two zones.
Question
An administrator uses a ClearPass server to perform user authentication and download the role configuration that should be applied to the user's session. The server is associated to an AAA profile of a VAP. However, when a user connects to the SSID of the VAP, they are assigned the default role. What must the administrator do to ensure that the role is downloaded and used?

A) Enable server derivation in the AAA Server Group.
B) Enable server derivation in the server group.
C) Enable server derivation in the ClearPass' RADIUS configuration.
D) Enable download role for CPPM in the VAP's WLAN profile.
Question
What must an administrator configure in order for the ClearPass server to execute a RADIUS Change of Authorization (CoA) to Aruba Mobility Controllers (MCs) in a cluster?

A) Primary and backup LMS IP addresses
B) Active and Standby AAC with clustering
C) IPSec High Availability (HA) between two cluster members
D) VRRP IP on each cluster member
Question
Which protocol is used between Aruba Mobility Controllers (MC) and ArubaOS-Switches to negotiate tunneled node?

A) PAPI
B) GRE
C) IPSec
D) SNMP
Question
A VIA client tries to connect to a corporate office controller through an intermediate firewall. However, the VPN connection fails. The administrator examines the firewall rules and determines that rules for TCP 443 and UDP 500 are configured. Which additional protocol must be allowed in the firewall rules to resolve this connection failure?

A) TCP 389
B) UDP 4500
C) UDP 8200
D) TCP 993
Question
An administrator suspects that the network drops frames between a wireless client and an Aruba Mobility Controller (MC). The administrator wants to examine the frames between the AP and the controller to determine if any frames are missing. Which solution allows the administrator to use a protocol analyzer to examine the contents of the 802.11 frames between the AP and controller?

A) Implement decrypt-tunnel mode.
B) Implement GRE mode.
C) Implement bridge mode.
D) Implement split-tunnel mode.
Question
Which protocol is used to tunnel user traffic when an administrator implements tunneled node between an ArubaOS-Switch and an Aruba Mobility Controller (MC)?

A) IPSec
B) PAPI
C) GRE
D) AMON
Question
An administrator mistakenly configures the wrong VLAN setting on a managed controller's interface. This causes the controller to lose management access to the Mobility Master (MM). The administrator knows that the auto roll-back feature will revert the managed controller to a previous configuration that was used prior to the change. Which command can the administrator use to validate that the rollback process is successful?

A) show debug
B) show switches
C) show config status
D) show controller-ip
Question
An AP connects to a controller. Then, the AP loses power and reboots. Which parameters will the AP remember and use from its initial connection? (Choose two.)

A) Server IP
B) AP group
C) AirWave server name
D) AP IP address and subnet mask
E) Mobility Master IP
Question
On the Aruba Mobility Master (MM), when is an AP configured to act as a Mesh Portal or Mesh Point?

A) at the time of the AP's apboot mode CLI
B) when the mesh radio profile is created
C) when the APs are provisioned
D) when the mesh cluster profile is created
Question
Which configuration command enables an Aruba Mobility Controller (MC) to send AMON messages to an AirWave System?

A) snmp-server
B) auth-server
C) mgmt-server
D) tunneled-node-server
Question
Refer to the exhibit. <strong>Refer to the exhibit. An AP is connected to a cluster of controllers. An AAA server provides all authentication and authorization functions for wireless users. A wireless user connects to an AP, and Active User Anchor Controller (A-UAC) and Standby UAC (S-UAC) tunnels are built from the AP to the respective controllers in the cluster. Why would an administrator create four VRRP groups with four Virtual IP (VIP) addresses in the cluster?</strong> A) to allow the AAA Server to enforce RADIUS CoA in case the A-UAC experiences an outage B) to allow High Availability (HA) Fast Failover to function in case a controller experiences an outage C) to allow the AP to establish redundant AP Anchor Controller (AAC) connections to the cluster D) to provide a VRRP group for election of the cluster leader <div style=padding-top: 35px> An AP is connected to a cluster of controllers. An AAA server provides all authentication and authorization functions for wireless users. A wireless user connects to an AP, and Active User Anchor Controller (A-UAC) and Standby UAC (S-UAC) tunnels are built from the AP to the respective controllers in the cluster. Why would an administrator create four VRRP groups with four Virtual IP (VIP) addresses in the cluster?

A) to allow the AAA Server to enforce RADIUS CoA in case the A-UAC experiences an outage
B) to allow High Availability (HA) Fast Failover to function in case a controller experiences an outage
C) to allow the AP to establish redundant AP Anchor Controller (AAC) connections to the cluster
D) to provide a VRRP group for election of the cluster leader
Question
An administrator sets up a firewall policy that implements split-tunneling for RAPs. Which firewall rule action should the administrator specify for traffic that the RAP should forward directly to the Internet?

A) route:dst-nat
B) route:src-nat
C) permit
D) split-tunnel
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/72
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 17: Aruba Certified Mobility Associate Exam
1
An administrator needs to modify a VAP used for a branch office RAP. The VAP's operating mode is currently defined as backup and uses tunnel mode forwarding. The administrator wants to implement split-tunnel forwarding mode in the VAP. Which WLAN operating mode must the administrator define for the VAP before the tunnel forwarding mode can be changed to split-tunnel?

A) Trusted
B) Always
C) Persistent
D) Standard
Standard
2
An administrator sets up a cluster of Aruba Mobility Controllers (MCs). What can the administrator determine about the cluster from the command output shown below? <strong>An administrator sets up a cluster of Aruba Mobility Controllers (MCs). What can the administrator determine about the cluster from the command output shown below? </strong> A) This is an L3-connected cluster. B) AP load balancing is enabled. C) This is an L2-connected cluster. D) User load balancing is enabled.

A) This is an L3-connected cluster.
B) AP load balancing is enabled.
C) This is an L2-connected cluster.
D) User load balancing is enabled.
AP load balancing is enabled.
3
An administrator creates a user role that department A in a company uses. Various other roles exist for other departments. All employees connect to the same ESSID, which authenticates to an external AAA server. How should the administrator configure the controller to assign the appropriate roles to the employees?

A) Implement default roles.
B) Implement user roles.
C) Implement AAA profile roles.
D) Implement server-derived roles.
Implement user roles.
4
The administrator expects the AP to connect to a cluster, but the AP fails to connect. The administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine about the configuration of the AP? <strong>The administrator expects the AP to connect to a cluster, but the AP fails to connect. The administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine about the configuration of the AP? </strong> A) The AP is configured to terminate on a Mobility Controller in a cluster. B) The AP is configured as a RAP to terminate on a stand-alone controller. C) The AP is configured as a RAP to terminate on a Mobility Master. D) The AP is configured to terminate on a non-cluster Mobility Controller.

A) The AP is configured to terminate on a Mobility Controller in a cluster.
B) The AP is configured as a RAP to terminate on a stand-alone controller.
C) The AP is configured as a RAP to terminate on a Mobility Master.
D) The AP is configured to terminate on a non-cluster Mobility Controller.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
5
An administrator needs to apply a patch to an Aruba environment to implement improvements for AirMatch. What is the Aruba recommended approach for this process without a reboot?

A) Upgrade the AirMatch Loadable Service Module (LSM) on the Mobility Master.
B) Upgrade the ArubaOS by the use of Live Upgrades (in-service upgrades).
C) Upgrade the AirMatch Loadable Service Module (LSM) on each Mobility Controller.
D) Create controller partitions to minimize downtime.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
6
A company opens a new branch office and a RAP is used to connect to a corporate office Aruba Mobility Controller (MC). The company needs to provide connectivity to the office across the street. There is an AP across the street. However, there is no wired connectivity between the buildings. Which actions can the administrator select to provide the required connectivity? (Choose two.)

A) Implement two mesh clusters.
B) Provision the RAP as a Remote Mesh Portal.
C) Provision all APs at the branch offices as Mesh Points.
D) Provision all APs at the branch offices as Mesh Portals.
E) Implement one of the APs as a Mesh Point.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
7
An administrator troubleshoots a roaming problem where a user loses connectivity to the network during the roaming process. To help troubleshoot this problem, which device or devices in a wireless network initiates the roaming process?

A) the AP
B) both the client and the controller
C) the client
D) the controller
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
8
Refer to the exhibit. <strong>Refer to the exhibit. Controllers are configured in a cluster as shown in the exhibit. These are the network details. A Mobility Master (MM) manages the cluster. The cluster contains two controllers C1 and C2. AP1 and AP2 use C1 as their Active AP Anchor Controller (A-AAC), with C2 as their Standby AAC (S-AAC). AP3 and AP4 use C2 as their A-AAC, with C1 as their S-AAC. User1 establishes a wireless connection via AP1, where the Active User Anchor Controller (A-UAC) assigned is C1, with C2 as the standby. What happens when User1 roams the wireless network and eventually their session is handled by AP3?</strong> A) The AP3's A-AAC switches to C1, and the user's A-UAC switches to C2. B) The AP3's A-AAC switches to C1, and the user's A-UAC remains on C1. C) The AP3's A-AAC remains on C2, and the user's A-UAC switches to C2. D) The AP3's A-AAC remains on C2, and the user's A-UAC remains on C1. Controllers are configured in a cluster as shown in the exhibit. These are the network details. A Mobility Master (MM) manages the cluster. The cluster contains two controllers C1 and C2. AP1 and AP2 use C1 as their Active AP Anchor Controller (A-AAC), with C2 as their Standby AAC (S-AAC). AP3 and AP4 use C2 as their A-AAC, with C1 as their S-AAC. User1 establishes a wireless connection via AP1, where the Active User Anchor Controller (A-UAC) assigned is C1, with C2 as the standby. What happens when User1 roams the wireless network and eventually their session is handled by AP3?

A) The AP3's A-AAC switches to C1, and the user's A-UAC switches to C2.
B) The AP3's A-AAC switches to C1, and the user's A-UAC remains on C1.
C) The AP3's A-AAC remains on C2, and the user's A-UAC switches to C2.
D) The AP3's A-AAC remains on C2, and the user's A-UAC remains on C1.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
9
An administrator creates new pre- and post-authentication roles for a new WLAN. For which profile should the administrator assign these new roles under the Managed Network section?

A) 802.1X
B) AAA profile
C) Server Groups
D) Virtual AP
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
10
Which configuration command needs to be executed on an Aruba Mobility Controller (MC) to forward AP statistical data to an AirWave Management Platform (AMP)?

A) snmp-server
B) ssh-server
C) mgmt-server
D) tunneled-node-server
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
11
Where on the Mobility Master (MM) can an administrator configure the VIA connection profile?

A) User Roles
B) L3 Authentication
C) AAA Profiles
D) L2 Authentication
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
12
An administrator configures two Mobility Masters (MMs) for redundancy and database synchronization. Which protocol transports database information between the two MMs?

A) VRRP
B) AMON
C) SNMP
D) IPSec
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
13
An administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine from the configuration? <strong>An administrator examines the configuration of an AP from apboot mode shown in the exhibit. What can the administrator determine from the configuration? </strong> A) The RAP terminated on a Mobility Master. B) The AP terminated on a non-cluster Mobility Controller. C) The AP terminated on a Mobility Controller in a cluster. D) The RAP terminated on a stand-alone controller.

A) The RAP terminated on a Mobility Master.
B) The AP terminated on a non-cluster Mobility Controller.
C) The AP terminated on a Mobility Controller in a cluster.
D) The RAP terminated on a stand-alone controller.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
14
What can the administrator determine from the configuration shown below? <strong>What can the administrator determine from the configuration shown below? </strong> A) ??2 is the Mobility Master. B) All the controllers run in standalone mode. C) All the controllers run in a cluster. D) VRRP is used for Mobility Master redundancy.

A) ??2 is the Mobility Master.
B) All the controllers run in standalone mode.
C) All the controllers run in a cluster.
D) VRRP is used for Mobility Master redundancy.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
15
An administrator supports a RAP at a branch office. A user's device that is attached to the Ethernet port is assigned an 802.1X AAA policy and is configured for tunneled node. How is the user's traffic transmitted to the corporate office?

A) It is not encapsulated by GRE and not protected with IPSec.
B) It is encapsulated by GRE and protected with IPSec.
C) It is not encapsulated by GRE but is protected with IPSec.
D) It is encapsulated by GRE and not protected with IPSec.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
16
A network of Mobility Controllers (MCs) is managed by a Mobility Master (MM). An administrator misconfigures the IP addressing on an MC and the MC loses connectivity to the MM. How should the administrator fix this problem?

A) Restore the previous configuration on the Mobility Master.
B) Use the disaster recovery mode on the Mobility Master.
C) Use the auto-recovery mode on the Mobility Master.
D) Use the disaster recovery mode on the Mobility Controller.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
17
Which forwarding mode is used for a WLAN if a RAP needs to decrypt all user traffic and forward it locally?

A) Bridge
B) Decrypt-tunnel
C) Tunnel
D) Split-tunnel
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
18
Which RAP WLAN operation mode should an administrator configure if the SSID should only be advertised if controller connectivity is lost?

A) Standard
B) Persistent
C) Always
D) Backup
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
19
An administrator stages an AP and re-provisions it as a RAP from the Mobility Master (MM). When re-provisioning the RAP, the administrator must enter a user's credentials. What is the purpose of these credentials?

A) to authenticate the RAP device
B) to authenticate users on wireless ports
C) to authenticate users on wired and wireless ports
D) to authenticate users on wired ports
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
20
A Microsoft RADIUS server is used to centralize AAA functions by a company. Upon a successful authentication lookup performed by an Aruba Mobility Controller (MC), the administrator wants to have the RADIUS server pass back the correct post-authentication role name that the controller should apply to the user's traffic. Which additional task must the administrator perform for the controller's configuration to implement this process?

A) Configure the server-derived rules on the controller.
B) Install ClearPass's VSA file on the controller.
C) Install Microsoft's VSA file on the controller.
D) Enable AAA on the controller.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
21
A VIA client tries to initially connect to a corporate office controller through an intermediate firewall. However, the VPN connection fails. The administrator examines the firewall rules and determines that rules for UDP 4500 and UDP 500 are configured. Which additional protocol must be allowed in the firewall rules to resolve this connection failure?

A) TCP 22
B) UDP 8200
C) ESP
D) TCP 443
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
22
Refer to the exhibit. <strong>Refer to the exhibit. The Branch office RAP shown in the exhibit provides secure wireless employee access. Because of security concerns, the company's security policy does not allow wireless guest access. Some customers that visit the Branch office need Internet access. A RAP's Ethernet Port 3 is used for wired guest access and Port 2 is used for wired employee access. When employees connect to Port 2, they are authenticated successfully and a split-tunnel policy allows them access to both corporate and Internet resources from the Branch office. Guest users, however, cannot access Internet resources on Port 3. How can the administrator provide guest users Internet access?</strong> A) Create a guest VAP that allows wired RAP port access. B) Implement ClientMatch to handle the employee and guest user traffic correctly. C) Configure a bridge role for the wired RAP port. D) Implement the MultiZone feature on the RAP. The Branch office RAP shown in the exhibit provides secure wireless employee access. Because of security concerns, the company's security policy does not allow wireless guest access. Some customers that visit the Branch office need Internet access. A RAP's Ethernet Port 3 is used for wired guest access and Port 2 is used for wired employee access. When employees connect to Port 2, they are authenticated successfully and a split-tunnel policy allows them access to both corporate and Internet resources from the Branch office. Guest users, however, cannot access Internet resources on Port 3. How can the administrator provide guest users Internet access?

A) Create a guest VAP that allows wired RAP port access.
B) Implement ClientMatch to handle the employee and guest user traffic correctly.
C) Configure a bridge role for the wired RAP port.
D) Implement the MultiZone feature on the RAP.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
23
An administrator at Campus A manages Aruba Mobility Controllers (MCs). The administrator defines a server group that includes a local ClearPass server and a remote Microsoft RADIUS server. The ClearPass server has the credentials for users at Campus A and the Microsoft RADIUS server has the credentials for users at Campus ?. Users at Campus A successfully authenticate and connect to the Campus A wireless network. However, when users from Campus ? visit Campus A they fail authentication. What can the administrator do to solve this problem?

A) Enable EAP termination on the ClearPass server.
B) Enable machine authentication on the Mobility Controllers.
C) Enable EAP-TTLS with EAP Termination on the Mobility Controllers.
D) Enable FastConnect on the Campus A Mobility Controllers.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
24
An administrator configures the MultiZone feature for a company network, where a mobility cluster is the primary zone and a standalone controller in the company's DMZ represents a secondary data zone. The administrator configures two AP Groups and respective VAPs for the zones on the Mobility Master (MM) in the primary zone. When the APs boot up and establish connections to both zones, the administrator notices that no data connections are established to the data zone. What must the administrator do to fix this problem?

A) Configure the same AP Groups and VAPs on the standalone controller, and associate the MultiZone APs to both groups.
B) Configure the same AP Group in the data zone as it is in the primary zone, and configure the VAPs in the data zone.
C) Have the MultiZone APs initially boot from the standalone controller in the data zone.
D) Create different AP Groups and VAPs on the Mobility Master and standalone controllers, and associate the MuttiZone APs to both groups.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
25
An administrator supports a cluster of four Aruba Mobility Controllers (MCs) with management addresses of 10.1.100.101, 10.1.100.102, 10.1.100.103, and 10.1.305.114. The administrator accesses an AP associated with this cluster, reboots it, and accesses apboot mode. The administrator executes the printenv command. Which AP parameter contains the IP addresses of the cluster members that the AP should use to connect to the cluster?

A) master_ip
B) cfg_lms
C) servername
D) nodelist
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
26
What is true about the operation of the Aruba Mobility Controller (MC) shown below? <strong>What is true about the operation of the Aruba Mobility Controller (MC) shown below? </strong> A) The disaster recovery mode is enabled, and changes will be sent to the Mobility Master. B) The disaster recovery mode is disabled, and changes will be sent to the Mobility Master. C) The disaster recovery mode is enabled, and no changes will be forwarded to the Mobility Master. D) The Mobility Master is in disaster recovery mode and will push changes to a Managed Controller.

A) The disaster recovery mode is enabled, and changes will be sent to the Mobility Master.
B) The disaster recovery mode is disabled, and changes will be sent to the Mobility Master.
C) The disaster recovery mode is enabled, and no changes will be forwarded to the Mobility Master.
D) The Mobility Master is in disaster recovery mode and will push changes to a Managed Controller.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
27
Which Aruba Mobility Controller (MC) administrative role should an administrator assign to a receptionist so that they can create and manage guest accounts?

A) network-operations
B) guest-provisioning
C) guest-operator
D) receptionist
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
28
An administrator wants to implement a Live Upgrade (in-service upgrade) of a cluster in an Aruba wireless solution. Which ArubaOS feature does the Mobility Master (MM) use to ensure RF redundancy, so that when one or more APs are rebooted there is no loss of wireless coverage for users?

A) AirMatch
B) Mobility Controller load balancing
C) AP image verification
D) AP image preload
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
29
A guest establishes an authenticated wireless session to an Aruba Mobility Controller (MC). The controller uses a ClearPass server for all AAA functions. Which AAA component disconnects the user when the guest exceeds their allowed duration?

A) SNMP Disconnect
B) Active Directory Session Limits
C) RADIUS Authorization Profile
D) RADIUS Change of Authorization
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
30
An administrator supports an Aruba wireless solution that uses ClearPass to implement server role assignment. A user reports that they are not able to access the correct department resources. The administrator determines from the connected controller that the user is associated to the login user profile instead of the department user profile. What should the administrator examine on the ClearPass server to determine the Aruba VSA User Role value that ClearPass returns to the controller?

A) Accounting
B) Audit Viewer
C) Event Viewer
D) Access Tracker
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
31
Refer to the exhibit. <strong>Refer to the exhibit. Which controller shown in the exhibit is elected as the cluster leader?</strong> A) Controller A B) Controller ? C) Controller C D) Controller D Which controller shown in the exhibit is elected as the cluster leader?

A) Controller A
B) Controller ?
C) Controller C
D) Controller D
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
32
An administrator wants to reduce downtime of the wireless network when controllers are upgraded. Which ArubaOS feature should the administrator implement to reduce the amount of downtime the APs will experience at the time of the upgrade process?

A) AP image preload
B) Centralized upgrades
C) AP fast start
D) AP apboot mode bypass
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
33
What must the administrator configure on AirWave to monitor and run operational commands on the Aruba Mobility Masters (MMs) and Mobility Controllers (MCs)?

A) PAPI and SNMP
B) PAPI and SSH/telnet
C) SNMP and HTTPS
D) SNMP and SSH/telnet
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
34
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements AP licensing on a Mobility Master (MM). Each campus is responsible to purchase its own AP licenses. There are 900 AP licenses deployed in the global pool. There are three dedicated pools. From the global pool, 300 AP licenses are assigned to each dedicated pool. Network engineers at CampusA want to deploy an additional 100 APs. Currently all of the AP licenses in CampusA and CampusB are allocated, but only 200 of the AP licenses in CampusC are allocated. What can the administrator do to add capacity for CampusA in alignment with campus policies?</strong> A) Add 100 more AP licenses and assign them to the CampusA pool. B) Allow CampusA to share from the CampusC pool. C) Move 100 licenses from the CampusC pool to the global pool. D) Add 100 more AP licenses to the global pool. An administrator implements AP licensing on a Mobility Master (MM). Each campus is responsible to purchase its own AP licenses. There are 900 AP licenses deployed in the global pool. There are three dedicated pools. From the global pool, 300 AP licenses are assigned to each dedicated pool. Network engineers at CampusA want to deploy an additional 100 APs. Currently all of the AP licenses in CampusA and CampusB are allocated, but only 200 of the AP licenses in CampusC are allocated. What can the administrator do to add capacity for CampusA in alignment with campus policies?

A) Add 100 more AP licenses and assign them to the CampusA pool.
B) Allow CampusA to share from the CampusC pool.
C) Move 100 licenses from the CampusC pool to the global pool.
D) Add 100 more AP licenses to the global pool.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
35
An administrator wants to temporarily deny login access to users who fail 802.1x authentication functions three or more times. Which process will the administrator need to configure?

A) fail through
B) captive portal
C) EAP termination
D) blacklisting
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
36
In a cluster-controller environment, which Aruba component in a network builds a cache table of mDNS records that can be used to help user devices access Apple Bonjour services?

A) the Mobility Master
B) the Mobility Master and cluster members
C) the Mobility Controllers that are cluster members
D) any Aruba Mobility Controller
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
37
A user uses Microsoft Windows for a wireless session. Based on the output shown in the exhibit for the selected Aruba AP, what is the possible problem with this user's wireless session? <strong>A user uses Microsoft Windows for a wireless session. Based on the output shown in the exhibit for the selected Aruba AP, what is the possible problem with this user's wireless session? </strong> A) The controller cannot reach the AAA server to perform the authentication. B) The user misconfigured the Managed Network Settings profile in Windows. C) The AP has reached the limit for number of users that are allowed to connect to the radio. D) The user is configured for PEAP, but the WLAN profile on the controller implemented EAP-TLS.

A) The controller cannot reach the AAA server to perform the authentication.
B) The user misconfigured the Managed Network Settings profile in Windows.
C) The AP has reached the limit for number of users that are allowed to connect to the radio.
D) The user is configured for PEAP, but the WLAN profile on the controller implemented EAP-TLS.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
38
What can be determined from the command output shown below? <strong>What can be determined from the command output shown below? </strong> A) The synchronized data is protected by VRRP. B) The command was executed on the standby Mobility Master (MM). C) The synchronization period is at its default value. D) The other Mobility Master (MM) is the active license server.

A) The synchronized data is protected by VRRP.
B) The command was executed on the standby Mobility Master (MM).
C) The synchronization period is at its default value.
D) The other Mobility Master (MM) is the active license server.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
39
An administrator deploys an Aruba wireless solution comprised of: a pair of Mobility Masters (MMs) multiple Mobility Controllers (MCs) and Virtual Mobility Controllers (VMCs) an AirWave server a ClearPass server The Aruba Mobility solution runs ArubaOS 8.X. Which component in this environment globally defines and deploys VLANs for wireless users?

A) ClearPass server
B) AirWave server
C) Mobility Master
D) Mobility Controller or Virtual Mobility Controller
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
40
An administrator wants to implement bandwidth limits for guest users to restrict their Internet usage. On the Mobility Master (MM), where would the administrator define these limits?

A) Firewall policy
B) AAA policy
C) User role
D) 802.1X policy
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
41
Refer to the exhibit. <strong>Refer to the exhibit. An administrator wants to verify the operation of MultiZone in a network. The administrator uses the command show ap debug multizone to generate the output shown in the exhibit. Based on the output, which statement is true?</strong> A) Zone 1 is the primary zone, and zone 0 is the data zone. B) The MultiZone APs are in a cluster. C) The maximum VAPs in the MultiZone is 15. D) The primary zone has limited the data zone to one WLAN. An administrator wants to verify the operation of MultiZone in a network. The administrator uses the command show ap debug multizone to generate the output shown in the exhibit. Based on the output, which statement is true?

A) Zone 1 is the primary zone, and zone 0 is the data zone.
B) The MultiZone APs are in a cluster.
C) The maximum VAPs in the MultiZone is 15.
D) The primary zone has limited the data zone to one WLAN.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
42
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements the MultiZone feature. The administrator sets up five zones as shown in the exhibit. Zone A has six controllers that form a cluster. Zone B has three controllers that form a cluster. Zones C, D, and E have a single standalone controller each. A total of 13 VAPs are created across the five zones. A zone needs to accept RAP connections from branch offices. All zones have the same AP Group name. One of the zones will not accept connections from the MultiZone APs. What could be a cause of this problem?</strong> A) RAPs are used in the configuration. B) The number of zones exceeds the maximum limit of four zones. C) The number of VAPs exceeds the maximum limit of 12 VAPs. D) AP Group names are different for each zone. An administrator implements the MultiZone feature. The administrator sets up five zones as shown in the exhibit. Zone A has six controllers that form a cluster. Zone B has three controllers that form a cluster. Zones C, D, and E have a single standalone controller each. A total of 13 VAPs are created across the five zones. A zone needs to accept RAP connections from branch offices. All zones have the same AP Group name. One of the zones will not accept connections from the MultiZone APs. What could be a cause of this problem?

A) RAPs are used in the configuration.
B) The number of zones exceeds the maximum limit of four zones.
C) The number of VAPs exceeds the maximum limit of 12 VAPs.
D) AP Group names are different for each zone.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
43
An administrator moves an AP from Campus 1 to Campus 2. At the Campus 2, the moved AP does not connect to a controller and download an AP Group configuration. Which process should the administrator perform to reset the AP back to its initial default state?

A) From the AP's ArubaOS CLI, execute write erase all . From the AP's ArubaOS CLI, execute write erase all .
B) From apboot mode, execute factory_reset . From apboot mode, execute factory_reset
C) From the controller's ArubaOS CLI, execute write erase all . From the controller's ArubaOS CLI, execute
D) From apboot mode, execute reset . reset
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
44
An administrator implements blacklisting of users that fail authentication functions three or more times. By default, how long will these users have to wait before they can successfully log into the network again?

A) 15 minutes
B) 1 hour
C) 4 hours
D) 24 hours
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
45
A branch office location has two buildings: an office and a small warehouse that are within 20 meters of each other. A RAP at the branch office provides connectivity to the corporate office network. This RAP is also configured as a Remote Mesh Portal (RMP). Which solution should the administrator implement to provide connectivity between the office and small warehouse buildings at the branch office location?

A) Deploy a Remote Mesh Point AP in the warehouse building to connect to the Remote Mesh Portal in the office building.
B) Deploy an ArubaOS-Switch in the warehouse building with tunneled node to connect to the Remote Mesh Portal in the office building.
C) Deploy a Mesh Point AP in the warehouse building to connect to the Remote Mesh Portal in the office building.
D) Deploy a Remote Mesh Portal in the warehouse building to connect to the Remote Mesh Portal in the office building.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
46
An administrator wants to change the default roles for the pre- and post-authentication user roles for a WLAN on a Mobility Master (MM). The controllers in the network perform all authentication. Under the Managed Network hierarchy, where can the administrator assign these roles?

A) AAA Server Group
B) AAA Profiles
C) VLAN
D) RADIUS attributes
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
47
An administrator supports Aruba Mobility Controllers (MCs) managed by a Mobility Master (MM) in a non-cluster deployment. The administrator performs these tasks on the MM for the MCs: Enables L3 IP mobility for the respective VAPs on the MCs Creates a L3 domain and places the MCs in the domain However, roaming does not work when users roam from an AP connected to one controller in the domain to an AP connected to a different controller in the domain. What must the administrator do to fix this problem?

A) Configure the same VLANs on the Mobility Controllers in the L3 domain.
B) Re-provision the APs associated with the Mobility Controllers.
C) Enable L3 IP Mobility globally on the Mobility Controllers.
D) Create a home-agent-to-foreign-agent mapping table.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
48
Which Aruba Unified Communications and Collaboration (UCC) deployment mode should be used when UCC is disabled on the Mobility Controllers (MCs)?

A) Heuristics mode
B) ALG mode
C) SDN-API mode
D) WMM mode
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
49
An administrator manages an Aruba wireless network. ClearPass is used to centralize AAA functions. The administrator wants to implement server role derivation. Which information will the ClearPass server return in regards to the user role assignment?

A) RADIUS VSA Firewall-Role
B) Aruba VSA Aruba-User-Role
C) RADIUS VSA User-Role
D) Aruba VSA Firewall-Role
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
50
Which network components are tracked by Aruba Clarity? (Choose two.)

A) WLAN health
B) Wireless associations
C) Client health
D) DNS lookups
E) AP and controller health
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
51
Refer to the exhibit. <strong>Refer to the exhibit. An administrator implements an L2 cluster of Aruba Mobility Controllers (MCs) as shown in the exhibit. An external RADIUS AAA server authentication clients associated with the Active User Anchor Controller (A-UAC), where the NAS IP address sent from Controller B is 10.254.1.2. By default, what happens to the user's session when it is handed over to the Standby UAC (S-UAC) after a failover?</strong> A) The user's session remains active and RADIUS messages can still be processed between the S-UAC and AAA server. B) The user's session remains active, but the AAA server cannot implement RADIUS Change of Authorization (CoA). C) The user's session is disconnected and has to reconnect, but the S-UAC automatically updates the NAS-IP address on the AAA server to record the event. D) The user's session is disconnected and has to reconnect, and no record of this process is stored on the AAA server. An administrator implements an L2 cluster of Aruba Mobility Controllers (MCs) as shown in the exhibit. An external RADIUS AAA server authentication clients associated with the Active User Anchor Controller (A-UAC), where the NAS IP address sent from Controller B is 10.254.1.2. By default, what happens to the user's session when it is handed over to the Standby UAC (S-UAC) after a failover?

A) The user's session remains active and RADIUS messages can still be processed between the S-UAC and AAA server.
B) The user's session remains active, but the AAA server cannot implement RADIUS Change of Authorization (CoA).
C) The user's session is disconnected and has to reconnect, but the S-UAC automatically updates the NAS-IP address on the AAA server to record the event.
D) The user's session is disconnected and has to reconnect, and no record of this process is stored on the AAA server.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
52
Refer to the exhibit. <strong>Refer to the exhibit. An administrator wants to centralize administrative access to the Aruba Mobility Controllers (MC) and Mobility Master (MM). ClearPass is set up and the preferred authentication protocol is TACACS+. Where should the administrator perform this configuration in the MM hierarchy shown in the exhibit?</strong> A) at the Managed Network level B) at both the Mobility Master and Managed Network levels C) at the two campus levels D) at the controller levels An administrator wants to centralize administrative access to the Aruba Mobility Controllers (MC) and Mobility Master (MM). ClearPass is set up and the preferred authentication protocol is TACACS+. Where should the administrator perform this configuration in the MM hierarchy shown in the exhibit?

A) at the Managed Network level
B) at both the Mobility Master and Managed Network levels
C) at the two campus levels
D) at the controller levels
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
53
An administrator adds local administrative accounts to manage the Aruba Mobility Controllers (MCs). Which role should be assigned to an administrator who needs to only generate reports and monitor WLANS and ports?

A) root
B) network-operations
C) location-api-management
D) AP-provisioning
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
54
An administrator implements a ClearPass solution to authenticate Aruba wireless users. The Aruba wireless solution is an ArubaOS 8.x Mobility Master (MM) deployment. ClearPass sends an Aruba VSA role name for an authenticated user. However, the administrator notices that the role assigned to the user is different from the one assigned by the ClearPass server. Which two items should the administrator verify that might be the cause of this problem? (Choose two.)

A) role existence on the Managed Network
B) order assignment that the controller uses to select a user role
C) server-derived role assignment on the ClearPass server
D) spelling of the role on the ClearPass server
E) enablement of user roles on the controller
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
55
Which device can terminate to a cluster of Aruba Mobility Controllers (MCs) that run ArubaOS 8.x?

A) IAP
B) RAP
C) BLE Beacon
D) Mobility Master
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
56
An administrator creates a User Rule for role derivation on the Mobility Master (MM). Which client information can an administrator specify to identify that a particular user should be assigned a different role from the initial role?

A) IP address
B) VLAN
C) MAC address
D) Profiling information
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
57
An administrator needs to authenticate users connected to an ArubaOS-Switch where the switch authenticates the user, assigns the firewall policies to the user, and processes some of the users' traffic. Which connection method should the administrator configure on the ArubaOS-Switch?

A) Per-port tunneled node
B) Per-user tunneled node
C) VLAN tunneled mode
D) Split-tunneled mode
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
58
An administrator sets up a network scan set in AirWave to scan a subnet to identify devices for a firmware upgrade. The scan completes and AirWave successfully uses the SNMP credentials to validate SNMP access. However, SSH access fails and the administrator must manually configure the SSH credentials used for all of these devices. What should the administrator have done before running the network scan?

A) Monitor the devices for needed firmware upgrades.
B) Define a scan credentials set for the devices.
C) Change the default credentials of the devices.
D) Manually upgrade the firmware of the devices.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
59
An administrator needs to implement multiple configuration changes on a set of Aruba Mobility Controllers (MCs) that involve both VLAN and interface configurations at the same time. The controllers are deployed in a cluster. How can the administrator accomplish this task?

A) Apply pending changes, and schedule the changes to occur at a similar time.
B) Create a template and deploy the changes by use of the bulk configuration update feature.
C) Use AirWave to deploy the changes to respective controllers in the cluster.
D) Use the Live Update (in-service update) feature for a cluster of controllers.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
60
An administrator implements the MultiZone feature and uses two clusters that utilize CPSec. A primary and a data zone are created. MultiZone APs successfully build sessions to the primary cluster but fail to establish sessions to the data zone cluster. What must the administrator do to solve this problem?

A) Enable MultiZone booting in the MultiZone AP apboot configuration mode.
B) Enable CPSec in the MultiZone profile for both the primary and data zone.
C) Add the MultiZone APs to the data zone's CPSec whitelist.
D) Use different AP Group names for the two zones.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
61
An administrator uses a ClearPass server to perform user authentication and download the role configuration that should be applied to the user's session. The server is associated to an AAA profile of a VAP. However, when a user connects to the SSID of the VAP, they are assigned the default role. What must the administrator do to ensure that the role is downloaded and used?

A) Enable server derivation in the AAA Server Group.
B) Enable server derivation in the server group.
C) Enable server derivation in the ClearPass' RADIUS configuration.
D) Enable download role for CPPM in the VAP's WLAN profile.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
62
What must an administrator configure in order for the ClearPass server to execute a RADIUS Change of Authorization (CoA) to Aruba Mobility Controllers (MCs) in a cluster?

A) Primary and backup LMS IP addresses
B) Active and Standby AAC with clustering
C) IPSec High Availability (HA) between two cluster members
D) VRRP IP on each cluster member
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
63
Which protocol is used between Aruba Mobility Controllers (MC) and ArubaOS-Switches to negotiate tunneled node?

A) PAPI
B) GRE
C) IPSec
D) SNMP
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
64
A VIA client tries to connect to a corporate office controller through an intermediate firewall. However, the VPN connection fails. The administrator examines the firewall rules and determines that rules for TCP 443 and UDP 500 are configured. Which additional protocol must be allowed in the firewall rules to resolve this connection failure?

A) TCP 389
B) UDP 4500
C) UDP 8200
D) TCP 993
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
65
An administrator suspects that the network drops frames between a wireless client and an Aruba Mobility Controller (MC). The administrator wants to examine the frames between the AP and the controller to determine if any frames are missing. Which solution allows the administrator to use a protocol analyzer to examine the contents of the 802.11 frames between the AP and controller?

A) Implement decrypt-tunnel mode.
B) Implement GRE mode.
C) Implement bridge mode.
D) Implement split-tunnel mode.
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
66
Which protocol is used to tunnel user traffic when an administrator implements tunneled node between an ArubaOS-Switch and an Aruba Mobility Controller (MC)?

A) IPSec
B) PAPI
C) GRE
D) AMON
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
67
An administrator mistakenly configures the wrong VLAN setting on a managed controller's interface. This causes the controller to lose management access to the Mobility Master (MM). The administrator knows that the auto roll-back feature will revert the managed controller to a previous configuration that was used prior to the change. Which command can the administrator use to validate that the rollback process is successful?

A) show debug
B) show switches
C) show config status
D) show controller-ip
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
68
An AP connects to a controller. Then, the AP loses power and reboots. Which parameters will the AP remember and use from its initial connection? (Choose two.)

A) Server IP
B) AP group
C) AirWave server name
D) AP IP address and subnet mask
E) Mobility Master IP
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
69
On the Aruba Mobility Master (MM), when is an AP configured to act as a Mesh Portal or Mesh Point?

A) at the time of the AP's apboot mode CLI
B) when the mesh radio profile is created
C) when the APs are provisioned
D) when the mesh cluster profile is created
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
70
Which configuration command enables an Aruba Mobility Controller (MC) to send AMON messages to an AirWave System?

A) snmp-server
B) auth-server
C) mgmt-server
D) tunneled-node-server
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
71
Refer to the exhibit. <strong>Refer to the exhibit. An AP is connected to a cluster of controllers. An AAA server provides all authentication and authorization functions for wireless users. A wireless user connects to an AP, and Active User Anchor Controller (A-UAC) and Standby UAC (S-UAC) tunnels are built from the AP to the respective controllers in the cluster. Why would an administrator create four VRRP groups with four Virtual IP (VIP) addresses in the cluster?</strong> A) to allow the AAA Server to enforce RADIUS CoA in case the A-UAC experiences an outage B) to allow High Availability (HA) Fast Failover to function in case a controller experiences an outage C) to allow the AP to establish redundant AP Anchor Controller (AAC) connections to the cluster D) to provide a VRRP group for election of the cluster leader An AP is connected to a cluster of controllers. An AAA server provides all authentication and authorization functions for wireless users. A wireless user connects to an AP, and Active User Anchor Controller (A-UAC) and Standby UAC (S-UAC) tunnels are built from the AP to the respective controllers in the cluster. Why would an administrator create four VRRP groups with four Virtual IP (VIP) addresses in the cluster?

A) to allow the AAA Server to enforce RADIUS CoA in case the A-UAC experiences an outage
B) to allow High Availability (HA) Fast Failover to function in case a controller experiences an outage
C) to allow the AP to establish redundant AP Anchor Controller (AAC) connections to the cluster
D) to provide a VRRP group for election of the cluster leader
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
72
An administrator sets up a firewall policy that implements split-tunneling for RAPs. Which firewall rule action should the administrator specify for traffic that the RAP should forward directly to the Internet?

A) route:dst-nat
B) route:src-nat
C) permit
D) split-tunnel
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 72 flashcards in this deck.
QuizPlus
surly
Quizplus
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App
surly
English
English
العربية
Scan to downloadDownload the App
qr-code

English
English
العربية
Copyright © 2025 Quizplus LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree