無料で使えるHPE6-A85日本語サンプル問題で100%カバー率のリアル試験問題(更新された115問あります)
今すぐダウンロード!リアルHP HPE6-A85日本語試験問題集テストエンジン試験問題
質問 # 67
あなたは、本社オフィスのローカル サブネットと支社のリモート サブネット間の接続障害のトラブルシューティングを依頼されました。PC1 は PC2 に ping を送信できません。
提供されたトポロジと show コマンドの出力を使用して、失敗の理由を特定します。


- A. ブランチ オフィス L3-SW-2 上 - スイッチには、本社オフィスのローカル サブネットへのスタティック ルートがありません。
- B. 本社オフィス L3-SW-1 上 - スイッチにはインターネットへの静的デフォルト ルートがありません。
- C. ブランチ オフィス - L3-SW-2 - 正しいサブネットにレイヤ 3 SVI が設定されていません。
- D. 本社オフィス L3-SW-1 - ブランチ オフィスへのルートがありません。
正解:A
解説:
Using the provided topology and show command output, it can be determined that L3-SW-2 in the Branch Office does not have a route to reach the subnet where PC1 resides (192.168.1.0/24 in the HQ Office). L3-SW-1 in the HQ Office has a route to the Branch Office subnet (172.16.1.0/24), but without the reciprocal route on L3-SW-2, traffic from the Branch Office will not be able to reach the HQ Office subnet, hence PC1 cannot ping PC2.
質問 # 68
ネットワーク技術者が 802 1X 経由で従業員 SSID に正常に接続しました。接続を成功させるにはどの RADIUS メッセージを探す必要がありますか?
- A. アクセス許可
- B. 認証済み
- C. 成功
- D. 許可されています
正解:A
解説:
The RADIUS message that you should look for to ensure a successful connection via 802.1X is Access-Accept. This message indicates that the RADIUS server has authenticated and authorized the supplicant (the device that wants to access the network) and has granted it access to the network resources. The Access-Accept message may also contain additional attributes such as VLAN ID, session timeout, or filter ID that specify how the authenticator (the device that controls access to the network, such as a switch) should treat the supplicant's traffic.
The other options are not RADIUS messages because:
Authorized: This is not a RADIUS message, but a state that indicates that a port on an authenticator is allowed to pass traffic from a supplicant after successful authentication and authorization.
Success: This is not a RADIUS message, but a status that indicates that an EAP Extensible Authentication Protocol (EAP) is an authentication framework that provides support for multiple authentication methods, such as passwords, certificates, tokens, or biometrics. EAP is used in wireless networks and point-to-point connections to provide secure authentication between a supplicant (a device that wants to access the network) and an authentication server (a device that verifies the credentials of the supplicant). exchange has completed successfully between a supplicant and an authentication server.
Authenticated: This is not a RADIUS message, but a state that indicates that a port on an authenticator has received an EAP-Success message from an authentication server after successful authentication of a supplicant.
質問 # 69
レイヤ 3 ルート ループを軽減するためにレイヤ 3 IPv4 パケット ヘッダーで送信されるのはどれですか?
- A. 宛先IP
- B. Time To Live
- C. チェックサム
- D. Protocol
正解:B
解説:
The field in a Layer 3 IPv4 packet header that is used to mitigate Layer 3 route loops is Time To Live (TTL). TTL is an 8-bit field that indicates the maximum number of hops that a packet can traverse before being discarded. TTL is set by the source device and decremented by one by each router that forwards the packet. If TTL reaches zero, the packet is dropped and an ICMP Internet Control Message Protocol (ICMP) Internet Control Message Protocol (ICMP) is a network protocol that provides error reporting and diagnostic functions for IP networks. ICMP is used to send messages such as echo requests and replies (ping), destination unreachable, time exceeded, parameter problem, source quench, redirect, etc. ICMP messages are encapsulated in IP datagrams and have a specific format that contains fields such as type, code, checksum, identifier, sequence number, data, etc. ICMP messages can be verified by using commands such as ping, traceroute, debug ip icmp, etc. message is sent back to the source device. TTL is used to mitigate Layer
3 route loops because it prevents packets from circulating indefinitely in a looped network topology. TTL also helps to conserve network resources and avoid congestion caused by looped packets.
The other options are not fields in a Layer 3 IPv4 packet header because:
- Checksum: Checksum is a 16-bit field that is used to verify the integrity of the IP header. Checksum is calculated by the source device and verified by the destination device based on the values of all fields in the IP header. Checksum does not mitigate Layer 3 route loops because it does not limit the number of hops that a packet can traverse.
- Protocol: Protocol is an 8-bit field that indicates the type of payload carried by the IP datagram. Protocol identifies the upper-layer protocol that uses IP for data transmission, such as TCP Transmission Control Protocol (TCP) Transmission Control Protocol (TCP) is a connection-oriented transport layer protocol that provides reliable, ordered, and error-checked delivery of data between applications on different devices. TCP uses a three-way handshake to establish a connection between two endpoints, and uses sequence numbers, acknowledgments, and windowing to ensure data delivery and flow control. TCP also uses mechanisms such as retransmission, congestion avoidance, and fast recovery to handle packet loss and congestion. TCP segments data into smaller units called segments, which are encapsulated in IP datagrams and have a specific format that contains fields such as source port, destination port, sequence number, acknowledgment number, header length, flags, window size, checksum, urgent pointer, options, data, etc. TCP segments can be verified by using commands such as telnet, ftp, ssh, debug ip tcp transactions, etc ., UDP User Datagram Protocol (UDP) User Datagram Protocol (UDP) is a connectionless transport layer protocol that provides
質問 # 70
WPA2-Personal をセキュリティに使用すると、WLAN 環境に導入される弱点は何ですか?
- A. ペアワイズ マスター キー (PMK) はすべてのユーザーによって共有されます
- B. ペアワイズ テンポラル キー (PTK) は各セッションに固有です
- C. WPA 4-Way Handshake を使用しません。
- D. 認証局によって生成された X 509 証明書を使用します
正解:A
解説:
The weakness introduced into WLAN environment when WPA2-Personal is used for security is that PMK Pairwise Master Key (PMK) is a key that is derived from PSK Pre-shared Key (PSK) is a key that is shared between two parties before communication begins , which are both fixed. This means that all users who know PSK can generate PMK without any authentication process. This also means that if PSK or PMK are compromised by an attacker, they can be used to decrypt all traffic encrypted with PTK Pairwise Temporal Key (PTK) is a key that is derived from PMK, ANonce Authenticator Nonce (ANonce) is a random number generated by an authenticator (a device that controls access to network resources, such as an AP), SNonce Supplicant Nonce (SNonce) is a random number generated by supplicant (a device that wants to access network resources, such as an STA), AA Authenticator Address (AA) is MAC address of authenticator, SA Supplicant Address (SA) is MAC address of supplicant using Pseudo-Random Function (PRF). PTK consists of four subkeys: KCK Key Confirmation Key (KCK) is used for message integrity check, KEK Key Encryption Key (KEK) is used for encryption key distribution, TK Temporal Key (TK) is used for data encryption, MIC Message Integrity Code (MIC) key. .
The other options are not weaknesses because:
It uses X 509 certificates generated by a Certification Authority: This option is false because WPA2-Personal does not use X 509 certificates or Certification Authority for authentication. X 509 certificates and Certification Authority are used in WPA2-Enterprise mode, which uses 802.1X and EAP Extensible Authentication Protocol (EAP) is an authentication framework that provides support for multiple authentication methods, such as passwords, certificates, tokens, or biometrics. EAP is used in wireless networks and point-to-point connections to provide secure authentication between a supplicant (a device that wants to access the network) and an authentication server (a device that verifies the credentials of the supplicant). for user authentication with a RADIUS server Remote Authentication Dial-In User Service (RADIUS) is a network protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service .
The Pairwise Temporal Key (PTK) is specific to each session: This option is false because PTK being specific to each session is not a weakness but a strength of WPA2-Personal. PTK being specific to each session means that it changes periodically during communication based on time or number of packets transmitted. This prevents replay attacks and increases security of data encryption.
It does not use the WPA 4-Way Handshake: This option is false because WPA2-Personal does use the WPA 4-Way Handshake for key negotiation. The WPA 4-Way Handshake is a process that allows the station and the access point to exchange ANonce and SNonce and derive PTK from PMK. The WPA 4-Way Handshake also allows the station and the access point to verify each other's PMK and confirm the installation of PTK.
質問 # 71
ネットワーク技術者が 802 1X 経由で従業員 SSID に正常に接続しました。接続を成功させるにはどの RADIUS メッセージを探す必要がありますか?
- A. アクセス許可
- B. 認証済み
- C. 成功
- D. 許可されています
正解:A
解説:
Explanation
The RADIUS message that you should look for to ensure a successful connection via 802.1X is Access-Accept. This message indicates that the RADIUS server has authenticated and authorized the supplicant (the device that wants to access thenetwork) and has granted it access to the network resources. The Access-Accept message may also contain additional attributes such as VLAN ID, session timeout, or filter ID that specify how the authenticator (the device that controls access to the network, such as a switch) should treat the supplicant's traffic.
The other options are not RADIUS messages because:
Authorized: This is not a RADIUS message, but a state that indicates that a port on an authenticator is allowed to pass traffic from a supplicant after successful authentication and authorization.
Success: This is not a RADIUS message, but a status that indicates that an EAP Extensible Authentication Protocol (EAP) is an authentication framework that provides support for multiple authentication methods, such as passwords, certificates, tokens, or biometrics. EAP is used in wireless networks and point-to-point connections to provide secure authentication between a supplicant (a device that wants to access the network) and an authentication server (a device that verifies the credentials of the supplicant). exchange has completed successfully between a supplicant and an authentication server.
Authenticated: This is not a RADIUS message, but a state that indicates that a port on an authenticator has received an EAP-Success message from an authentication server after successful authentication of a supplicant.
References: https://en.wikipedia.org/wiki/RADIUS#Access-Accept
https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13838-1
https://en.wikipedia.org/wiki/IEEE_802.1X#Port-based_network_access_control
https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP_exchange
質問 # 72
UXl の 2 つの利点は何ですか? (2つ選択してください。)
- A. UX1 は、HTTP VOIP や Office 365 などのさまざまなアプリケーションをチェックできます。
- B. UX1 は、指定された場所にあるすべての AP の Wi-Fi カバレッジを測定します。
- C. UX1 はクライアント/ユーザーのように動作します。
- D. UXl はインターネット接続なしで使用できます
- E. UXl は、離れた場所で最適な WiFi チャネルを計算するのに役立ちます。
正解:A、C
解説:
Explanation
A UXI (User Experience Insight) is a device that simulates user behavior and tests network performance from the user perspective. It can check different applications, such as HTTP, VOIP, or Office 365, and measure metrics such as latency, jitter, packet loss, and throughput.
References:https://www.arubanetworks.com/products/networking/user-experience-insight/
質問 # 73
Aruba CX スイッチで OSPF ダイナミック ルーティング プロトコルを使用する場合、ルートを交換するには隣接デバイスで何が一致する必要がありますか?
- A. こんにちはタイマー
- B. BDR 構成
- C. DR構成
- D. ECMP方式
正解:A
解説:
Explanation
OSPF Open Shortest Path First. OSPF is a link-state routing protocol that uses a hierarchical structure to create a routing topology for IP networks. OSPF routers exchange routing information with their neighbors using Hello packets, which are sent periodically on each interface. To establish an adjacency Adjacency is a relationship formed between selected neighboring routers for the purpose of exchanging routing information., OSPF routers must agree on several parameters, including Hello timers, which specify how often Hello packets are sent on an interface. If the Hello timers do not match between neighboring routers, they will not form an adjacency and will not exchange routes.
References:https://www.arubanetworks.com/techdocs/ArubaOS_86_Web_Help/Content/arubaos-solutions/osfp/o
質問 # 74
信号強度を測定する場合は、dBm が一般的に使用され、0 dBm は 1 mW の電力に相当します。
-20 dBm は何に相当しますか?
- A. .01mw
- B. 10mW
- C. .-1mW
- D. 1mW
正解:A
解説:
Explanation
dBm is a unit of power that measures the ratio of a given power level to 1 mW. The formula to convert dBm to mW is: P(mW) = 1mW * 10^(P(dBm)/10). Therefore, -20 dBm corresponds to 0.01 mW, as follows: P(mW) =
1mW * 10^(-20/10) = 0.01 mW References:https://www.rapidtables.com/convert/power/dBm_to_mW.html
質問 # 75
Aruba Central テクノロジーを適切な機能に合わせます。(一致は複数回使用できます。)
正解:
解説:
質問 # 76
管理距離の目的を説明する
- A. 管理距離はルートエントリの信頼度評価として使用されます
- B. 静的ルートの管理距離は10です
- C. 管理距離が大きいほど優先されます
- D. 外部BGP経由でチーム化されたルートは、OSPF経由で学習されたルートよりも管理距離が長くなります。
正解:A
質問 # 77
一般的な Aruba 屋内 AP の理想的な取り付け位置はどれですか?
- A. 水平、吊り天井の上
- B. オフィスの机の下
- C. 水平、吊り天井の下
- D. 垂直、壁に向かって
正解:C
解説:
The ideal mounting position for a typical Aruba indoor AP is horizontally, below a suspended ceiling. This positioning takes advantage of the AP's antenna radiation pattern and helps provide optimal wireless coverage and performance within the indoor environment.
質問 # 78
機能を Aruba OS バージョンに一致させます (一致は複数回使用できます)。
正解:
解説:
Explanation
Features: 1) Clustered Instant Access Points Aruba OS version: a) Aruba OS 8 Features: 2) Dynamic Radius Proxy Aruba OS version: a) Aruba OS 8 Features: 3) Scales to more than 10,000 devices Aruba OS version: b) Aruba OS 10 Features: 4) Unifies wired and wireless management Aruba OS version: a) Aruba OS 8 Features: 5) Wireless controllers Aruba OS version: a) Aruba OS 8 ArubaOS is the operating system for all Aruba Mobility Controllers (MCs) and controller-managed wireless access points (APs). ArubaOS 8 delivers unified wired and wireless access, seamless roaming, enterprise grade security, and a highly available network with the required reliability to support high density environments1.
Some of the features of ArubaOS 8 are:
Clustered Instant Access Points: This feature allows multiple Instant APs to form a cluster and share configuration and state information. This enables seamless roaming, load balancing, and fast failover for clients2.
Dynamic Radius Proxy: This feature allows an MC to act as a proxy for RADIUS authentication requests from clients or APs. This simplifies the configuration and management of RADIUS servers and reduces the network traffic between MCs and RADIUS servers3.
Wireless controllers: Aruba wireless controllers are devices that centrally manage and control the wireless network. They provide functions such as AP provisioning, configuration, security, policy enforcement, and network optimization.
ArubaOS 10 is the next-generation operating system that works with Aruba Central, a cloud-based network management platform. ArubaOS 10 delivers greater scalability, security, and AI-powered optimization across large campuses, branches, and remote work environments. Some of the features of ArubaOS 10 are:
Scales to more than 10,000 devices: ArubaOS 10 can support up to 10,000 devices per cluster, which is ten times more than ArubaOS 8. This enables customers to scale their networks without compromising performance or reliability.
Unifies wired and wireless management: ArubaOS 10 provides a single platform for managing both wired and wireless devices across the network. Customers can use Aruba Central to configure, monitor, troubleshoot, and update their devices from anywhere.
Both ArubaOS 8 and ArubaOS 10 share some common features, such as:
Unifies wired and wireless management: Both operating systems provide unified wired and wireless access for customers who use Aruba switches and APs. Customers can use a single interface to manage their entire network infrastructure
https://www.arubanetworks.com/resource/arubaos-8-fundamental-guide/ 2
https://www.arubanetworks.com/techdocs/Instant_86_WebHelp/Content/instant-ug/iap-maintenance/clust
3
https://www.arubanetworks.com/techdocs/ArubaOS_86_Web_Help/Content/arubaos-solutions/1-overview
https://www.arubanetworks.com/products/networking/controllers/
https://www.arubanetworks.com/products/network-management-operations/arubaos/
https://blogs.arubanetworks.com/solutions/making-the-switch/
https://www.arubanetworks.com/products/network-management-operations/aruba-central/
質問 # 79
要求どおりにエッジ スイッチのアップリンクを設定した後、同僚がコアへの ping に失敗したと言います。 あなたは同僚に、接続が差し込まれており、スイッチの電源が入っていることを確認するように依頼します。同僚は両方が正しいことを確認します。 あなたはコア スイッチに ping を試みます。 ping が失敗していることを確認します。
この展開の性質を理解した上で、この問題のトラブルシューティングにどのようなコマンドを使用できるか
- A. Ping 10.11 1 - コアに ping して、接続性を確認します。 トランクを表示 - LAG インターフェイスがスイッチに正しく追加されたかどうかを確認します。 スパニング ツリーを表示します。 - スパニング ツリーのブロック状態を確認します。 ポート アクセス クライアント インターフェイスをすべて表示します。 - すべてのインターフェイスでポート アクセスのブロック状態または失敗した認証試行を表示します。 show runinterface vlan20 - l_3 接続に対してレイヤ 3 SVI 設定が正しいことを再確認します。 Show lldp neighors - コアをL2 ネイバーは、正しいリンクが正しいポートに接続されているかどうかを確認します。
- B. 10.1.1.1 に ping - コアに ping を実行して、接続を確認します。 show lacp agg - どのリンク アグリゲーションが現在どの物理ポートを使用して設定されているかを確認します。 show lacp int - LACP ステータスと、リンクがブロックされているかどうかを確認します。トポロジ show lldp neighors - コアを L2 ネイバーとして認識できるかどうかを確認し、正しいリンクが正しいポートに接続されているかどうかを確認します。 show runinterface 1/1/51.1/1/52 - 物理インターフェイスを確認します。 no-shut であり、ラグのメンバーである show runinterface lag 1 - 正しい VLAN トランキング設定が論理インターフェイスに適用されていることを確認するため show run int vlan 20 - L3 SVI が no shut であり、正しいサブネットに設定されていることを確認するため
- C. Diag diag Cable-diag 1/1/51 diag Cable-diag 1/1/52 - 物理リンクの診断情報を表示して、レイヤー 1 接続の中断に関するステータスを取得するには、show ip Route - 確認します。デフォルト ゲートウェイがルーティング テーブルに存在すること show ip ospf - レイヤ 3 ルーティング プロトコルが有効になっているかどうかを確認する show ip dns - 有効な DNS ソースがあるかどうかを表示する
- D. Show run - スイッチの実行構成を表示します。 Show run | begin 20 "vlan 20" - VLAN 20 がデータベースに正しく追加されたことを確認するには、show run | begin 20 'interface vlan 20' - L3 SVI 設定を表示します Show runinterface 1/1/51.1/1/52 - 物理インターフェイスがシャットされておらず、LAG 1 のメンバーとして追加されていることを確認します Show run int lag 1 - LACP ブロック状態を解消するために LACP モードがアクティブに設定されていることを確認します
正解:B
解説:
These commands might help troubleshoot this issue as they check various aspects of the connectivity between the edge switch and the core switch, such as Layer 3 reachability, Layer 2 adjacency, LACP configuration and status, VLAN trunking configuration, and interface status. Reference: https://www.arubanetworks.com/techdocs/AOS-CX_10_04/CLI/GUID-8F0E7E8B-0F4B-4A3C-AE7F-0F1B5A7F9C5D.html
質問 # 80
レイヤ 2 MAC 認証を使用する利点は何ですか?
- A. クライアントでの設定は必要ありません。
- B. ユーザー名と MAC アドレスを照合します。
- C. MAC 許可リストは長期にわたって簡単に維持されます
- D. MAC 識別子はなりすましが困難です
正解:A
解説:
Explanation
Layer 2 MAC authentication is a method of authenticating devices based on their MAC addresses without requiring any client-side configuration or credentials. The switch sends the MAC address of the device to an authentication server such as ClearPass or RADIUS, which checks if the MAC address is authorized to access the network. If yes, the switch grants access to the device based on the assigned role and policies. If no, the switch denies access or redirects the device to a captive portal for further authentication.
References:https://www.arubanetworks.com/techdocs/ArubaOS_86_Web_Help/Content/arubaos-solutions/1-ove
質問 # 81
AP 信号強度 0.0000001 ミリワットは何 dBm に相当しますか?
- A. -60 dBm
- B. -90 dBm
- C. -70 dBm
- D. -80 dBm
正解:D
解説:
An AP signal strength of .0000001 milliwatts is equivalent to -80 dBm. The dBm scale is logarithmic, with every 10 dBm representing a tenfold increase or decrease in power. A signal strength of 1 milliwatt (mW) is 0 dBm, so a signal strength of .0000001 mW is 80 decibels less than 1 mW, which is -80 dBm.
質問 # 82
分散ラックごとに 200 ~ 380 台のクライアント、プリンタ、AP にコスト効率よく接続するための理想的な Aruba アクセス スイッチは何ですか?
- A. アルバ CX 6300
- B. アルバ CX 6400
- C. アルバ CX 6000
- D. アルバ CX 6200
正解:A
解説:
The ideal Aruba access switch for a cost-effective connection to 200-380 clients, printers and APs per distribution rack is the Aruba CX 6200. This switch series is a cloud-manageable, stackable access switch series that is ideal for enterprise branch offices and campus networks, as well as SMBs.
The CX 6200 series offers the following benefits:
- Enterprise-class connectivity: The CX 6200 series supports ACLs, robust QoS, and common protocols such as static and Access OSPF routing.
- Power and speed for users and IoT: The CX 6200 series provides built-in 1/10GbE uplinks and 30W to
60W of Class 4 to Class 6 PoE for powering devices such as APs and cameras.
- Scalable growth made simple: The CX 6200 series supports Aruba Virtual Switching Framework (VSF) that allows you to quickly grow your network to eight members in a single stack using high-performance built-in 10G SFP ports.
- Management flexibility: The CX 6200 series supports a choice of management, including cloud-based and on-prem Central, CLI, switch Web GUI and programmability with AOS-CX operating system, and REST APIs.
The other options are not ideal because:
- Aruba CX 6400: This switch series is a high-availability modular switch series that is ideal for versatile edge access to data center deployments. It offers more performance, scalability, and modularity than the CX 6200 series, but it is also more expensive and complex to deploy and manage. It may not be cost- effective for connecting 200-380 clients per distribution rack.
- Aruba CX 6300: This switch series is a layer 3 stackable access and aggregation switch series that offers Smart Rate and High Power PoE. It offers more features and performance than the CX 6200 series, but it is also more expensive and may not be necessary for connecting 200-380 clients per distribution rack.
- Aruba CX 6000: This switch series is a layer 2 access switch series that offers PoE. It offers less features and performance than the CX 6200 series, and it does not support VSF stacking or routing protocols. It may not be sufficient for connecting 200-380 clients per distribution rack.
References:
https://www.arubanetworks.com/products/switches/access/
https://www.arubanetworks.com/products/switches/access/6200-series/
https://www.arubanetworks.com/products/switches/access/6400-series/
https://www.arubanetworks.com/products/switches/access/6300-series/
https://www.arubanetworks.com/products/switches/access/6000-series/
質問 # 83
メッセージ処理のフェーズをオープン システム相互接続 (OSl) 層と一致させます。
正解:
解説:
Explanation
Layer: 1) Physical layer Phase of Message Processing: d) Organize the data into bits Layer: 2) Data Link layer Phase of Message Processing: c) Organize the data into frames Layer: 3) Network layer Phase of Message Processing: b) Organize the data into packets Layer: 4) Transport layer Phase of Message Processing: a) Organize the data into segments The OSI model divides the networking process into seven layers, each representing a different step of the transmission chain. Each layer has its own function and is responsible for well-defined tasks. User data passes sequentially from the highest layer down through the lower layers until the device transmits it externally. The lowest layer, the physical layer, converts the data into bits that can be sent over a physical medium. The second layer, the data link layer, organizes the bits into frames that can be transmitted over a link between two nodes. The third layer, the network layer, organizes the frames into packets that can be routed across a network of nodes. The fourth layer, the transport layer, organizes the packets into segments that can provide reliable and error-free communication between two end points12. References: 1
https://www.linode.com/docs/guides/introduction-to-osi-networking-model/ 2
https://en.wikipedia.org/wiki/OSI_model
質問 # 84
お客様は、2 つの Aruba CX 6200F 48G スイッチをワイヤリング クローゼット間の距離 80 m/252 フィートで相互に接続する必要があります。スイッチは、各キャビネットでリング トポロジによる VSF 拡張を予約する必要があります。
冗長リンクアグリゲーションポート構成の有効な構成は何ですか?
- A. LAG 用の SFP28 を備えたポート 1/1/49 および 1/1/50
- B. LAG のポート 1/1/47 および 1/1/48
- C. LAG のポート 1/1/1 および 1/1/2
- D. LAG 用の SFP+ を備えたポート 1/1/51 および 1/1/52
正解:A
解説:
For an 80m distance between wiring closets, using SFP+ transceivers is appropriate as they can support longer distances than standard copper interfaces. Ports 1/1/51 and 1/1/52 are typically reserved for uplinks on Aruba CX 6200F 48G switches and can support SFP+ transceivers, making them suitable for a redundant link-aggregation port configuration.
質問 # 85
データの暗号化および/または復号化に WPA キー階層のどの部分が使用されるか
- A. 1回使用される数値(ノンス)
- B. ペアワイズ マスター キー (PMK)
- C. ペアワイズ一時キー (PTK)
- D. キー確認キー(KCK)
正解:C
解説:
Explanation
The part of WPA Key Hierarchy that is used to encrypt and/or decrypt data is Pairwise Temporal Key (PTK).
PTK is a key that is derived from PMK Pairwise Master Key (PMK) is a key that is derived from PSK Pre-shared Key (PSK) is a key that is shared between two parties before communication begins , ANonce Authenticator Nonce (ANonce) is a random number generated by an authenticator (a device that controls access to network resources, such as an AP) , SNonce Supplicant Nonce (SNonce) is a randomnumber generated by supplicant (a device that wants to access network resources, such as an STA) , AA Authenticator Address (AA) is MAC address of authenticator , SA Supplicant Address (SA) is MAC address of supplicant using Pseudo-Random Function (PRF). PTK consists of four subkeys:
KCK Key Confirmation Key (KCK) is used for message integrity check
KEK Key Encryption Key (KEK) is used for encryption key distribution
TK Temporal Key (TK) is used for data encryption
MIC Message Integrity Code (MIC) key
The subkey that is specifically used for data encryption is TK Temporal Key (TK). TK is also known as Pairwise Transient Key (PTK). TK changes periodically during communication based on time or number of packets transmitted.
The other options are not part of WPA Key Hierarchy because:
PMK: PMK is not part of WPA Key Hierarchy, but rather an input for deriving PTK.
KCK: KCK is part of WPA Key Hierarchy, but it is not used for data encryption, but rather for message integrity check.
Nonce: Nonce is not part of WPA Key Hierarchy, but rather an input for deriving PTK.
References: https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#WPA_key_hierarchy_and_management
https://www.cwnp.com/wp-content/uploads/pdf/WPA2.pdf
質問 # 86
......
最新HPE6-A85日本語テスト問題集を試そう!更新されたHP試験が合格できます:https://www.jpntest.com/shiken/HPE6-A85J-mondaishu