New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

HP HPE6-A45 Implementing Aruba Campus Switching Solutions Exam Exam Practice Test

Demo: 25 questions
Total 169 questions

Implementing Aruba Campus Switching Solutions Exam Questions and Answers

Question 1

A network administrator needs to control traffic based on TCP or UDP application, as well as IP protocol, such as GRE or ICMP. What should the administrator configure for this purpose?

Options:

A.

a standard IP ACL and an extended MAC ACL only

B.

both a standard IP ACL and an extended MAC ACL

C.

an extended IP ACL only

D.

both a standard IP ACL and a standard MAC ACL

Question 2

A network administrator applies port security to a port with the send-alarm action. What does the switch do if it detects traffic from an unauthorized MAC address on the port?

Options:

A.

It disables the port, but sends no SNMP trap.

B.

It forwards the traffic, and it logs an event.

C.

It blocks the traffic, but sends no SNMP trap.

D.

It blocks the traffic, and it sends an SNMP trap.

Question 3

The security plan for AOS-Switches calls for ARP protection. For ARP protection to function properly, which other feature should also be implemented?

Options:

A.

MAC lockout

B.

proxy ARP

C.

DHCP snooping

D.

connection-rate filtering

Question 4

A network administrator needs to configure VRRP on VLAN 2 on two AOS-Switches. Which two settings must match on both switches?

Options:

A.

the physical IP address and priority

B.

the VRID and priority

C.

the virtual IP address and the physical IP address

D.

the VRID and the virtual IP address

Question 5

An architect proposes several Aruba 2930M switches, which the customer wants to combine into a single logical switch. What must be included in the proposal to meet this requirement?

Options:

A.

backplane stacking license

B.

QSFP+ fiber transceivers and MPO cable

C.

backplane stacking modules and cables

D.

QSFP+ fiber transceivers and 40GbE to 10GbE cable splitters

Question 6

Which situation requires an AOS-Switch interface to support MAC-based VLANs?

Options:

A.

The interface has an extended MAC ACL applied to it in the outbound direction, and it uses VLAN ID as one of the criteria for rules.

B.

The interface has an extended MAC ACL applied to it in the inbound direction, and it has multiple tagged VLAN assignments.

C.

The interface is configured to support Local MAC Authentication (LMA), authenticates endpoints against a non-default MAC group, and limits the address count to 1.

D.

The interface is configured to support 802.1X in user-based mode, connects to more than one endpoint at a time, and users are assigned to different dynamic VLANs.

Question 7

Refer to the exhibit.

An AOS-Switch connects to an unmanaged switch in a meeting room. The exhibit shows security settings for this port. Users report that they sometimes lose connectivity and then get it back.

Which best practice should network administrators follow to avoid this issue?

Options:

A.

The loop protection and port security actions should be set to match.

B.

Eavesdrop prevention should be disabled when port security is in limited-continuous mode.

C.

Port security and loop protection should not be enabled on the same port.

D.

Loop protection should operate in VLAN mode, rather than port mode, when port security is enabled.

Question 8

What must an OSPF router do to ensure nonstop routing should a standby member take over as commander when the original VSF commander fails?

Options:

A.

It must run the shortest path first algorithm.

B.

It must participate in a new election for the Designated Router.

C.

It must initiate a graceful restart.

D.

It must re-establish adjacency with its Designated Router.

Question 9

An AOS-Switch enforces 802.1X authentication to an Aruba ClearPass server. A user connects but cannot receive network access, even though the ClearPass administrator finds an Access-Accept for the user on this switch. The switch administrator suspects that there is an issue with the dynamic settings returned by ClearPass.

Where should the administrator look for information about these settings?

Options:

A.

in the details for port-access clients

B.

in the detailed RADIUS server statistics

C.

in the interface statistics

D.

in the running-config for the interface

Question 10

Refer to the exhibit.

A network administrator needs to deploy AOS-Switches that implement port-based tunneled node. Their Aruba controller has IP address 10.1.10.5/24. The architect has assigned tunneled-node endpoints to VLAN 20.

What is one issue with the current configuration planned for VLAN 20 on the switch?

Options:

A.

VLAN 20 must have GRE enabled on it.

B.

VLAN 20 cannot have an IP address.

C.

VLAN 20 must have an IP address in the same subnet as the controller.

D.

VLAN 20 must not enable jumbo frames.

Question 11

Refer to the exhibit.

An AOS-Switch has an extended ACL that is applied to several physical interfaces.

- New interfaces have been brought online.

- The ACL has been applied to them as well.

A network administrator sees the output in the exhibit and is concerned that the switch will reach the limit for rules.

What can the administrator do to address this concern?

Options:

A.

Resequence the ACL with less space in between the entries.

B.

Enable ACL grouping, and apply ACLs as shared ACLs.

C.

Reconfigure the ACL as a standard ACL, and then reapply it.

D.

Remove static ACLs, and have the RADIUS server send dynamic ACLs.

Question 12

Refer to the exhibits.

Exhibit 1

Exhibit 2

Switch-1(config)# spanning-tree

Switch-1(config)# spanning-tree config-name “exam”

Switch-1(config)# spanning-tree instance 1 vlan 10-19

Switch-1(config)# spanning-tree instance 2 vlan 20-29

Switch-2(config)# spanning-tree

Switch-2(config)# spanning-tree config-name “exam”

Switch-2(config)# spanning-tree instance 1 vlan 10-19

Switch-2(config)# spanning-tree instance 2 vlan 20-29

Switch-2(config)# spanning-tree priority 0

Switch-2(config)# spanning-tree instance 1 priority 0

Switch-2(config)# spanning-tree instance 2 priority 1

Switch-3(config)# spanning-tree

Switch-3(config)# spanning-tree config-name “exam”

Switch-3(config)# spanning-tree instance 1 vlan 10-19

Switch-3(config)# spanning-tree instance 2 vlan 20-29

Switch-3(config)# spanning-tree priority 1

Switch-3(config)# spanning-tree instance 1 priority 1

Switch-3(config)# spanning-tree instance 2 priority 0

Switch-4(config)# spanning-tree

Switch-4(config)# spanning-tree config-name “exam”

Switch-4(config)# spanning-tree instance 1 vlan 10-19

Switch-4(config)# spanning-tree instance 2 vlan 20-29

The network administrator enters the commands shown in Exhibit 2. What is the spanning tree status on A1 and A2?

Options:

A.

Both A1 and A2 forward traffic.

B.

A1 blocks traffic, and A2 forwards traffic.

C.

Both A1 and A2 block traffic.

D.

A1 forwards traffic, and A2 blocks traffic.

Question 13

A network administrator needs to configure an AOS-Switch to classify traffic. Comparing QoS policy and global policy, what is one function that only a class-based QoS policy can fulfill?

Options:

A.

Apply a DSCP to HTTP traffic from some sources but not other sources.

B.

Apply a DSCP rather than an 802.1p value to classified traffic.

C.

Override the incoming DSCP in the received traffic.

D.

Override the DSCP or priority applied directly to an interface.

Question 14

Refer to the exhibits.

Exhibit 1

Exhibit 2

A company has attempted to implement OSPF without success. The devices in Area 1 need to be able to reach Area 2. Routes should be aggregated for advertisement in other areas. What must be changed to meet these requirements?

Options:

A.

Change Area 3 to Area 0; remove Area 1 from Switch-2 and Area 2 from Switch-1.

B.

Move the 10.1.0.0/16 range to Area 2 on Switch-1 and the 10.2.0.0/16 range to Area 1 on Switch-2.

C.

Add Area 1 and Area 2 on VLAN 100 on both Switch-1 and Switch-2. Remove Area 3.

D.

Add the 10.2.0.0/16 range on Switch-1 and the 10.1.0.0/16 range on Switch-2.

Question 15

Refer to the exhibits.

Exhibit 1

Exhibit 2

In the exhibits, VLAN 20 under a device name indicates that the device is configured with that VLAN. The exhibits also indicate whether VLAN 20 is statically configured on each link, either as an untagged or a tagged VLAN. If the link has no label, VLAN 20 is not statically configured on that link.

A network administrator needs to deploy AOS-Switches that use port-based tunneled node. The plan calls for tunneled-node endpoints to be assigned to VLAN 20 and for the Aruba Mobility Controller to handle the tunneled-node traffic at Layer 2. Which exhibit shows the correct plan for VLAN 20 in the wired infrastructure?

Options:

A.

A

B.

B

C.

C

D.

D

Question 16

A company wants to implement RADIUS authentication of all managers who log in to AOS-Switches via SSH. The RADIUS server also sends VSAs that indicate which commands users can enter, and switches must honor these.

What must the administrator do to meet the company’s requirements?

Options:

A.

Set the command access level to manager mode; also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable.

B.

Set RADIUS for aaa authentication ssh login, also enable authentication privilege-login mode, which allows the switch to accept all RADIUS VSAs.

C.

Set command authorization to RADIUS, also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable.

D.

Set RADIUS for aaa authentication ssh login and aaa authentication ssh enable, which allows the switch to accept all RADIUS VSAs.

Question 17

A network administrator needs to control traffic based on Ethertype and Class of Service. What should the administrator configure for this purpose?

Options:

A.

both a standard IP ACL and a standard MAC ACL

B.

both a standard IP ACL and an extended MAC ACL

C.

an extended IP ACL only

D.

an extended MAC ACL only

Question 18

Which technologies can prevent split brain in a VSF fabric that includes Aruba 2930F switches?

Options:

A.

ARP MAD or OOBM MAD

B.

VLAN MAD or ARP MAD

C.

OOBM MAD or LLDP MAD

D.

LLDP MAD or VLAN MAD

Question 19

Refer to the exhibits.

Exhibit 1

Exhibit 2

Exhibit 1 shows a portion of the BGP routing table when the BGP solution was first deployed. Exhibit 2 shows the same portion at the current time. What can explain the current state?

Options:

A.

Due to changes in the private network, Switch-1 can no longer reach 192.168.2.1.

B.

Switch-1 can no longer reach ISP 1 at 192.168.1.1.

C.

Due to changes at ISP 1, Switch-1 now selects a different best route.

D.

An administrator has applied a route map on Switch-1 that filters advertised routes.

Question 20

Refer to the exhibit.

AOS-Switches will enforce 802.1X authentication on edge ports. The company has two RADIUS servers, which are meant to provide redundancy and load sharing of requests. The exhibit shows the planned RADIUS settings to deploy to the switches.

What should customers understand about this plan?

Options:

A.

AOS switches do not support two RADIUS servers for redundancy, instead, a secondary authentication method is required.

B.

Dynamic authentication is only permitted on one of the RADIUS servers and must be removed from the other.

C.

Each RADIUS server must use a unique port number for the authentication and dynamic authorization port.

D.

Each AOS-Switch will send all RADIUS requests to the first server on the list unless that server becomes unreachable.

Question 21

A customer wants to authenticate AOS-Switch managers to a RADIUS server. The CIO wants to assign different rights to different management users for granular control over their rights and privileges. What must the network administrator enable on the AOS-Switches to ensure they comply with this plan?

Options:

A.

RADIUS-based command authorization

B.

a manager and operator password

C.

authentication login privileges

D.

SNMPv3 and SNMPv3 restricted access.

Question 22

A network administrator needs to create a backplane stack with four AOS-Switches. The administrator wants to choose which switch becomes the commander. Which procedure meets those needs?

Options:

A.

Boot all of the switches at the same time and then connect the backplane stacking links. Then, access the desired commander, and make sure it has member ID 1.

B.

Configure backplane switches settings on each switch while disconnected. Make sure the desired commander has priority value 1. Then, connect the switches.

C.

Boot up the desired commander first and make sure stacking is enabled on it. Then, connect the stacking links and boot the other switches.

D.

Configure backplane switching settings on each switch while disconnected. Make sure the desired commander has member ID 1. Then, connect the switches.

Question 23

Refer to the exhibits.

Exhibit 1.

Exhibit 2.

The exhibits show the current operational state for routes on Switch-3 to send all traffic to 172.16.0.0/16 through Switch-2 during normal operation.

Which single configuration change creates the desired behavior?

Options:

A.

Set a cost of 100 in the redistribute static command on Switch-2 to change the external LSA metric.

B.

Change the OSPF external metric type to 1 on Switch-1, and set a cost of 100 on Switch-3 VLAN 104.

C.

Change the OSPF external metric type to 1 on Switch-1, and set a cost of 100 on Switch-3 VLAN 108.

D.

Set a cost of 100 in the redistribute static command on Switch-1 to change the external LSA metric.

Question 24

A customer wants access layer switches that support routing, ACLs, backplane stacking, and Smart rate ports. The customer asks about Aruba 5400R z 12 switches.

Which Aruba Switch model would better meet the customer’s requirements?

Options:

A.

2530

B.

2930F

C.

3810

D.

8400

Question 25

Network administrators need to inspect all traffic that arrives on an AOS-Switch in VLAN 2 and is destined to TCP ports 50000-50010. They want to send the traffic to a protocol analyzer connected to the switch for deeper inspection.

What else must they create to achieve their goal?

Options:

A.

an extended IP ACL that selects the TCP traffic, apply the ACL to interfaces VLAN 2, and specify interfaces in VLAN 2 as monitor ports

B.

a traffic class that selects the TCP traffic, map the class to the mirror session in a policy to VLAN 2

C.

a traffic class that selects the TCP traffic, and apply the traffic class directly to the interface that connects to the protocol analyzer

D.

a traffic class that selects the TCP traffic, and apply the traffic class directly to the interface that connects to the protocol analyzer

E.

an extended IP ACL that selects the TCP traffic, apply the ACL to the mirror session, and specify interfaces in VLAN 2 as monitor ports

Demo: 25 questions
Total 169 questions