Topic 2: Firewall Roles and Policies2-1 - Policy Design
When creating a firewall rule on an Aruba controller, which parameter is optional?
A.
Destination
B.
Service
C.
Source
D.
Log
E.
Action
Log
What is true about Global Session ACL? (Choose two)
A.
Any rules will apply to all users in the AP-group
B.
Any rules will apply to all users in the Network
C.
Any rules will apply to all users in the controller
D.
Is in the first position in all roles
E.
When added it is in the first position in selected Role
Any rules will apply to all users in the Network
Is in the first position in all roles
Which netdestination aliases are built into the controller? (Choose three)
A.
logon
B.
any
C.
user
D.
guest
E.
localip
any
user
localip
Which may be applied directly to an VLAN interface? (Choose three)
A.
Access List (ACL)
B.
Firewall Policy
C.
Roles
D.
AAA profiles
E.
RF Plan Map
Access List (ACL)
Firewall Policy
AAA profiles
What is the first role a user is given when a user associates to an open WLAN?
A.
the guest post authentication role
B.
the initial role in the captive portal profile
C.
the role in the server group profile
D.
the initial role in the AAA profile
E.
The initial role in the 802.1x profile
the initial role in the AAA profile
The Aruba Policy Enforcement Firewall (PEF-NG) module supports destination network
address translation (dst-nat).
Which is the default use of this statement in an Aruba controller configuration?
A.
source the IP addresses of users to specific IP address
B.
redirect HTTP sessions to Captive Portal
C.
redirect Access Points to another Aruba controller
D.
provide a telnet connection to the controller
E.
redirect a SSH session to terminate on the controller
redirect HTTP sessions to Captive Portal
When configuring ports in the Controller wizard, which of the following are NOT
configuration options?(Choose two)
A.
Inter-VLAN routing
B.
Speed
C.
Trusted
D.
LACP
E.
Trunk
Inter-VLAN routing
LACP
A customer forgot all passwords for a controller. What method could you use to reset the
passwords?
A.
Telnet to the controller and login to the password recovery account
B.
SSH to the controller and login to the password recovery account
C.
Connect directly to the serial console and login to the password recovery account
D.
Interrupt the boot process at CP-boot and select password recovery
E.
Open the controller and press the reset switch
Connect directly to the serial console and login to the password recovery account
With CPSec enabled, which tunnel protocol is used between APs and Controllers in an
Aruba environment?
A.
EAP
B.
SSH
C.
IPinIP
D.
Mobile IP
E.
IPSec
IPSec
View the Server group and User Roles screen shots above.
A user associated to an SSID with 802.1x using this server group. RadiusNY returned a
standard radius attribute of filter-Id with a value of "employee". The user was placed in the
guest Role. What statements below are correct?(Choose two)
A.
The user was placed in the 802.1x authentication default Role guest
B.
The user was placed in the initial Role guest
C.
Role derivation failed because roles are case sensitive
D.
Role derivation failed because the incorrect operation "value-of" was used
The user was placed in the 802.1x authentication default Role guest
Role derivation failed because roles are case sensitive
Page 4 out of 18 Pages |
Previous |