New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

HP HPE7-A01 Aruba Certified Campus Access Professional Exam Exam Practice Test

Page: 1 / 12
Total 119 questions

Aruba Certified Campus Access Professional Exam Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

Which statements regarding Aruba NAE agents are true? (Select two )

Options:

A.

A single NAE script can be used by multiple NAE agents

B.

NAE agents are active at all times

C.

NAE agents will never consume more than 10% of switch processor resources

D.

NAE scripts must be reviewed and signed by Aruba before being used

E.

A single NAE agent can be used by multiple NAE scripts.

Question 2

With the Aruba CX switch configuration, what is the Active Gateway feature that is used for and is unique to VSX configuration?

Options:

A.

VRRP and Active gateway are mutually exclusive on a VLAN

B.

VRID is set automatically as SVI vlan id

C.

VRIDs need to be non-overlapping with VRRP

D.

VRRP and Active Gateway can be configured on a single VLAN for interoperability

Question 3

In AOS 10. which session-based ACL below will only allow ping from any wired station to wireless clients but will not allow ping from wireless clients to wired stations"? The wired host ingress traffic arrives on a trusted port.

Options:

A.

ip access-list session pingFromWired any user any permit

B.

ip access-list session pingFromWired user any svc-icmp deny any any svc-icmp permit

C.

ip access-list session pingFromWired any any svc-icmp permit user any svc-icmp deny

D.

ip access-list session pingFromWired any any svc-icmp deny any user svc-icmp permit

Question 4

What is enabled by LLDP-MED? (Select two.)

Options:

A.

Voice VLANs can be automatically configured for VoIP phones

B.

APs can request power as needed from PoE-enabled switch ports

C.

iSCSl client devices can request to have flow control enabled

D.

GVRP VLAN information can be used to dynamically add VLANs to a trunk

E.

iSCSl client devices can set the required MTU setting for the port.

Question 5

Match the topics of an AOS10 Tunneled mode setup between an AP and a Gateway. (Options may be used more than once or not at all.)

Options:

Question 6

Your Director of Security asks you to assign AOS-CX switch management roles to new employees based on their specific job requirements. After the configuration was complete, it was noted that a user assigned with the auditors role did not have the appropriate level of access on the switch.

The user was not allowed to perform firmware upgrades and a privilege level of 15 was not assigned to their role. Which default management role should have been assigned for the user?

Options:

A.

sysadmin

B.

sysops

C.

administrators

D.

config

Question 7

With the Aruba CX 6200 24G switch with uplinks or 1/1/25 and 1/1/26, how do you protect client ports from forming layer-2 loops?

Options:

A.

int 1/1/1-1/1/24, loop-protect

B.

int 1/1/1-1/1/28. loop-protect

C.

int 1/1/1-1/1/28. loop-guard

D.

int 1/1/1-1/1/24. loop-guard

Question 8

A customer just upgraded aggregation layer switches and noticed traffic dropping for 120 seconds after the aggregation layer came online again. What is the best way to avoid having this traffic dropped given the topology below?

Options:

A.

Configure the linkup delay timer to 240 seconds to double the amount of lime for the initial phase to sync

B.

Configure the linkup delay timer to exclude LAGS 101 and 102, which will allow time for routing adjacencies to form and to learn upstream routes

C.

Configure the linkup delay timer to include LAGs 101 and 102, which will allow time for routing adjacencies lo form and to learn upstream routes

D.

Configure the linkup delay timer to 120 seconds, which will allow the right amount of time for the initial phase to sync

Question 9

What is the best practice for handling voice traffic with dynamic segmentation on AOS-CX switches?

Options:

A.

Switch authentication and local forwarding of the voice traffic

B.

Switch authentication and user-based tunneling of the voice traffic.

C.

Central authentication and port-based tunneling of the voice traffic.

D.

Controller authentication and port-based tunneling of all traffic

Question 10

You need to ensure that voice traffic sent through an ArubaOS-CX switch arrives with minimal latency What is the best scheduling technology to use for this task?

Options:

A.

Strict queuing

B.

Rate limiting

C.

QoS shaping

D.

DWRR queuing

Question 11

A customer is using Aruba Cloud Guest, but visitors keep complaining that the captive portal page keeps coming up after devices go to sleep Which solution should be enabled to deal with this issue?

Options:

A.

MAC Caching under the splash page

B.

MAC Caching under the user-role

C.

Wireless Caching under the splash page

D.

MAC Caching under the WLAN

Question 12

Your customer is interested in hearing more about how roles can help keep consistent policy enforcement in a distributed overlay fabric How would you explain this concept to them''

Options:

A.

Group Based Policy ID is applied on egress VTEP after device authentication and policy is enforced on ingress VTEP

B.

Role-based policies are tied to IP addresses which have an advantage over IP-based policies and role names are sent between VTEPs

C.

Group Based Policy ID is applied on ingress VTEP after device authentication and policy is enforced on egress VTEP

D.

Role-based policies enhance User Based Tunneling across the campus network and the policy traffic is protected with iPsec

Question 13

What does the 802.3bz standard describe?

Options:

A.

2.5Gb and 5Gb Ethernet ports

B.

60 W and 90W PoE

C.

AP directed roaming between APs

D.

60 GHz P2P Wi-Fi

Question 14

A company deployed Dynamic Segmentation with their CX switches and Gateways After performing a security audit on their network, they discovered that the tunnels built between the CX switch and the Aruba Gateway are not encrypted. The company is concerned that bad actors could try to insert spoofed messages on the Gateway to disrupt communications or obtain information about the network.

Which action must the administrator perform to address this situation?

Options:

A.

Enable Secure Mode Enhanced

B.

Enable Enhanced security

C.

Enable Enhanced PAPI security

D.

Enable GRE security

Question 15

What is an Aruba-recommended best practice for hardening that only applies to Aruba CX 6300 series switches with dedicated management ports?

Options:

A.

Implement a control plane ACL to limit access to approved IPs and/or subnets

B.

Manually enable Enhanced Security Mode from a console session.

C.

Disable all management services on the default VRF.

D.

Create a dedicated management VRF, and assign the management port to it.

Question 16

You are working on a network where the customer has a dedicated router with redundant Internet connections Tor outbound high-importance real-time audio streams from their datacenter All of this traffic.

• originates from a single subnet

• uses a unique range of UDP ports

• is required to be routed to the dedicated router

All other traffic should route normally The SVI for the subnet containing the servers originating the traffic is located on the core routing switch in the datacenter What should be configured?

Options:

A.

Configure a new OSPF area including both the core routing switch and the dedicated router

B.

Configure a BGP link between the core routing switch and the dedicated router and route filtering.

C.

Configure Policy Based Routing (PBR) on the core routing switch for the VRF with the servers’ SVI

D.

Configure a dedicated VRF on the core routing switch and make the dedicated router the default route.

Question 17

Describe the difference between Class of Service (CoS) and Differentiated Services Code Point (DSCP).

Options:

A.

CoS has much finer granularity than DSCP

B.

CoS is only contained in VLAN Tag fields DSCP is in the IP Header and preserved throughout the IP packet flow

C.

They are similar and can be used interchangeably.

D.

CoS is only used to determine CLASS of traffic DSCP is only used to differentiate between different Classes.

Question 18

You are setting up a customer's 15 headless loT devices that do not support 802.1X. What should you use?

Options:

A.

Multiple Pre-Shared Keys (MPSK) Local

B.

Clearpass with WPA3-PSK

C.

Clearpass with WPA3-AES

D.

Multiple Pre-Shared Keys (MPSK) with WPA3-AES

Question 19

How is Dynamic Multicast Optimization (DMO) implemented in an HPE Aruba wireless network?

Options:

A.

DMO is configured individually tor each SSID in use in the network.

B.

The AP uses OOS to provide equal air time for multicast traffic,

C.

DMO is configured globally for each SSID in use in the network.

D.

The controller converts multicast streams into unicast streams.

Question 20

Due to a shipping error, five (5) Aruba AP-515S and one (1) Aruba CX 6300 were sent directly to your new branch office You have configured a new group persona for the new branch office devices in Central, but you do not know their MAC addresses or serial numbers The office manager is instructed via text message on their smartphone to onboard all the new hardware into Aruba Central

What application must the office manager use on their phone to complete this task?

Options:

A.

Aruba Onboard App

B.

Aruba Central App

C.

Aruba CX Mobile App

D.

Aruba installer App

Question 21

Refer to the image.

Your customer is complaining of weak Wi-Fi coverage in their office. They mention that the office on the other side of the hall has much better signal What is the likely cause of this issue7

Options:

A.

The AP is a remote access point.

B.

The AP is using a directional antenna.

C.

The AP is an outdoor access point.

D.

The AP is configured in Mesh mode

Question 22

How is Multicast Transmission Optimization implemented in an HPE Aruba wireless network?

Options:

A.

"The optimal rate for sending multicast frames is based on the highest broadcast rate across all associated clients

B.

When this option is enabled the minimum default rate for multicast traffic is set to 12 Mbps for 5 GHz

C.

The optimal rate for sending multicast frames is based on the lowest broadcast rate across all associated clients.

D.

The optimal rate for sending multicast frames is based on the lowest unicast rate across all associated clients.

Question 23

your customer has asked you to assign a switch management role for a new user The customer requires the user role to View switch configuration information and have access to the PUT and POST meth0ds for REST API.

Which default AOS-CX user role meets these requirements?

Options:

A.

administrators

B.

auditors

C.

sysops

D.

helpdesk

Question 24

By default, Best Effort is higher priority than which priority traffic type?

Options:

A.

All queues

B.

Background

C.

Internet Control

D.

Network Control

Question 25

When configuring UBT on a switch what will happen when a gateway role is not specified?

Options:

A.

The switch will put the client on the access VLAN

B.

The gateway will assign a default role to the client

C.

The switch will assign the default deny role to the client.

D.

The gateway will send back the deny role to the client.

Question 26

Which statement best describes QoS?

Options:

A.

Determining which traffic passes specified quality metrics

B.

Scoring traffic based on the quality of the contents

C.

Identifying specific traffic for special treatment

D.

Identifying the quality of the connection

Question 27

Your customer has asked you to assign a switch management role for a new user The customer requires the user role to only have Web Ul access to the System > Log page and only have access to the GET method for REST API for the /logs/event resource

Which default AOS-CX user role meets these requirements?

Options:

A.

administrators

B.

auditors

C.

sysops

D.

operators

Question 28

A company recently upgraded its campus switching infrastructure with Aruba 6300 CX switches. They have implemented 802.1X authentication on edge ports where laptop and loT devices typically connect An administrator has noticed that for PoE devices the pons are delivering the maximum wattage instead of what the device actually needs Upon connecting the loT devices, the devices request their specific required wattage through information exchange

Options:

A.

Concerned about this waste of electricity, what should the administrator implement to solve this problem?

B.

Enable AAA authentication to exempt LLDP and/or CDP information

C.

Globally enable the QoS trust setting for LLDP and/or CDP

D.

Create device profiles with the correct power definitions.

E.

implement a classifier policy with the correct power definitions.

Question 29

Using Aruba best practices what should be enabled for visitor networks where encryption is needed but authentication is not required?

Options:

A.

Wi-Fi Protected Access 3 Enterprise

B.

Opportunistic Wireless Encryption

C.

Wired Equivalent Privacy

D.

Open Network Access

Question 30

You are configuring Policy Based Routing (PBR) for a subnet that will be used to test a new default route for your network Traffic originating from 10.2.250.0/24 should use a new default route to 10.1.1.253. Other non-default routes for this subnet should not be affected by this change.

What are two parts of the solution for these requirements? (Select two.)

A)

B)

C)

D)

E)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 31

A customer is using a legacy application that communicates at layer-2. The customer would like to keep this application working across the campus which is connected via layer-3. The legacy devices are connected to Aruba CX 6300 switches throughout the campus.

Which technology minimizes flooding so the legacy application can work efficiently?

Options:

A.

Generic Routing Encapsulation (GRE)

B.

EVPN-VXLAN

C.

Ethernet over IP (EolP)

D.

Static VXLAN

Question 32

What is an OSPF transit network?

Options:

A.

a network that uses tunnels to connect two areas

B.

a special network that connects two different areas

C.

a network on which a router discovers at least one neighbor

D.

a network that connects to a different routing protocol

Question 33

A system engineer needs to preconfigure several Aruba CX 6300 switches that will be sent to a remote office An untrained local field technician will do the rollout of the switches and the mounting of several AP-515s and AP-575S. Cables running to theAPs are not labeled.

The VLANs are already preconfigured to VLAN 100 (mgmt), VLAN 200 (clients), and VLAN 300 (guests)

What is the correct configuration to ensure that APs will work properly?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 34

A customer is using a legacy application that communicates at layer-2. The customer would like to keep this application working to a remote site connected via layer-3 All legacy devices are connected to a dedicated Aruba CX 6200 switch at each site.

What technology on the Aruba CX 6200 could be used to meet this requirement?

Options:

A.

Inclusive Multicast Ethernet Tag (IMET)

B.

Ethernet over IP (EolP)

C.

Generic Routing Encapsulation (GRE)

D.

Static VXLAN

Question 35

A network engineer recently identified that a wired device connected to a CX Switch is misbehaving on the network To address this issue, a new ClearPass policy has been put in place to prevent this device from connecting to the network again.

Which steps need to be implemented to allow ClearPass to perform a CoA and change the access for this wired device? (Select two.)

Options:

A.

Confirm that NTP is configured on the switch and ClearPass

B.

Configure dynamic authorization on the switch.

C.

Bounce the switchport

D.

Use Dynamic Segmentation.

E.

Configure dynamic authorization on the switchport

Page: 1 / 12
Total 119 questions