ACMP_6.4 Exam Questions

Total 172 Questions

Last Updated Exam : 16-Dec-2024

Topic 2: Firewall Roles and Policies2-1 - Policy Design

When creating a firewall rule on an Aruba controller, which parameter is optional?


A.

Destination


B.

Service


C.

Source


D.

Log


E.

Action





D.
  

Log



What is true about Global Session ACL? (Choose two)


A.

Any rules will apply to all users in the AP-group


B.

Any rules will apply to all users in the Network


C.

Any rules will apply to all users in the controller


D.

Is in the first position in all roles


E.

When added it is in the first position in selected Role





B.
  

Any rules will apply to all users in the Network



D.
  

Is in the first position in all roles



Which netdestination aliases are built into the controller? (Choose three)


A.

logon


B.

any


C.

user


D.

guest


E.

 localip





B.
  

any



C.
  

user



E.
  

 localip



Which may be applied directly to an VLAN interface? (Choose three)


A.

Access List (ACL)


B.

Firewall Policy


C.

Roles


D.

AAA profiles


E.

RF Plan Map





A.
  

Access List (ACL)



B.
  

Firewall Policy



D.
  

AAA profiles



What is the first role a user is given when a user associates to an open WLAN?


A.

the guest post authentication role


B.

the initial role in the captive portal profile


C.

the role in the server group profile


D.

the initial role in the AAA profile


E.

The initial role in the 802.1x profile





D.
  

the initial role in the AAA profile



The Aruba Policy Enforcement Firewall (PEF-NG) module supports destination network
address translation (dst-nat).
Which is the default use of this statement in an Aruba controller configuration?


A.

 source the IP addresses of users to specific IP address


B.

redirect HTTP sessions to Captive Portal


C.

redirect Access Points to another Aruba controller


D.

provide a telnet connection to the controller


E.

redirect a SSH session to terminate on the controller





B.
  

redirect HTTP sessions to Captive Portal



When configuring ports in the Controller wizard, which of the following are NOT
configuration options?(Choose two)


A.

Inter-VLAN routing


B.

Speed


C.

Trusted


D.

LACP


E.

Trunk





A.
  

Inter-VLAN routing



D.
  

LACP



A customer forgot all passwords for a controller. What method could you use to reset the
passwords?


A.

Telnet to the controller and login to the password recovery account


B.

SSH to the controller and login to the password recovery account


C.

Connect directly to the serial console and login to the password recovery account


D.

Interrupt the boot process at CP-boot and select password recovery


E.

Open the controller and press the reset switch





C.
  

Connect directly to the serial console and login to the password recovery account



With CPSec enabled, which tunnel protocol is used between APs and Controllers in an
Aruba environment?


A.

EAP


B.

SSH


C.

IPinIP


D.

Mobile IP


E.

IPSec





E.
  

IPSec





View the Server group and User Roles screen shots above.
A user associated to an SSID with 802.1x using this server group. RadiusNY returned a
standard radius attribute of filter-Id with a value of "employee". The user was placed in the
guest Role. What statements below are correct?(Choose two)


A.

The user was placed in the 802.1x authentication default Role guest


B.

The user was placed in the initial Role guest


C.

Role derivation failed because roles are case sensitive


D.

Role derivation failed because the incorrect operation "value-of" was used





A.
  

The user was placed in the 802.1x authentication default Role guest



C.
  

Role derivation failed because roles are case sensitive




Page 4 out of 18 Pages
Previous