HPE7-A06無料問題集「HPE Campus Access Switching Expert Written」

質問 1

What is the correct sequence of events that occurs when a user device connects to a network using Dynamic Segmentation?

正解：

Explanation:

This question asks for the sequence of events when a user device connects to a network utilizing Dynamic Segmentation, which typically involves authentication via ClearPass and role-based policy assignment.
* Authentication:When a device connects (wired or wireless), the first step in gaining secure access is authentication. The switch or AP (authenticator) facilitates this process, usually communicating via RADIUS with ClearPass Policy Manager (RADIUS server). The device provides credentials or uses certificates (e.g., 802.1X, MAC Auth).
* Role Assignment:Upon successful authentication, ClearPass evaluates policies based on the device
/user context (identity, posture, time of day, etc.) and sends back RADIUS attributes to the authenticator. A crucial attribute is the assigned User Role. This role encapsulates the access privileges and network configuration for the device.
* Network Placement/Segmentation:The authenticator (switch/AP) uses the assigned role information received from ClearPass to place the device into the appropriate network segment. This might involve assigning a specific VLAN ID to the port/client or, in User-Based Tunneling (UBT) scenarios, establishing a tunnel to an Aruba Gateway associated with that role. The step "placed on a VLAN based on its role" describes one common method of segmentation based on the assigned role.
* Access Granted:Once the device is authenticated, assigned a role, and placed in the correct network segment (VLAN or tunnel), access is granted according to the firewall rules, QoS settings, and other policies defined within that assigned role. Traffic can now flow subject to these enforced policies.
References:Aruba Dynamic Segmentation Solution Guides, ClearPass Policy Manager Documentation, AOS- CX Security Guide (Roles, Port Access). This relates to "Authentication/Authorization" (9%), "Security" (10%), "Switching" (19%), and "WLAN" (9%) objectives.

質問 2

Which tables arc synchronized between a pair ofCX 8325 switches in a VSX cluster? (Select two.)

（A）IP Routing

（B）Link Layer Discovery Protocol (LLDP)

（C）Spanning-TreeProtocol (STP)

（D）MAC address

（E）BGP Neighbors

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

You want to use OSPF to advertise a only .\16 summary route for the SVlsbelow to a neighbor In the same area (area 0).
Which configuration will achieve this?

（A）

（B）

（C）

（D）

（E）

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A customer has configured eBGP peering using local AS 65000 with two routers from a CX 6300 VSF stack with thefollowing switch ports:
[ports connecting to router-1 10.10.10.2]

The LAGs are connected lo third-party L2 switches, which are used as a transit network for the remote eBGP routers. To optimise the possible BGP peering issues. The AOS-CX switch Is configured with theglobal settings:

What needs to be done on the AOS_CX switch to enable the bidirectional forwarding with the eBGP peers?

（A）Option D

（B）Option B

（C）Option C

（D）Option A

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which issue may becausing the new door locks on the APs to notwork?

（A）BT power to the AP is too much.

（B）AT power to the AP is notenough.

（C）AT power to the AP is too much.

（D）AF power to the AP is not enough.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

You arc about lo deploy a gateway that is on factory default. ZTP cannot be used for different reasons, but you are searching forvalid alternatives. What are two valid alternatives for ZTP? (Select two.)

（A）Use OTP by connecting lo the console port, and use terminal software to complete provisioning. *Static- Activate" should be used.

（B）Use OTP by connecting to port 0/0/1 with a static IP. and use a Web browser to complete provisioning.

（C）Use OTP by connecting to port 0/0/0. and use a Web browser to complete provisioning.

（D）UseOTP by connecting to port 0/0/1. and use a Web browser to completeprovisioning.

（E）Use OTP by connecting to the console port, and use terminal software to complete provisioning. "Full- Setup" should be used.

正解：D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A client is unable to connect to the network, In the HPE Aruba Networking ClearPass access tracker, wo can seean EAP timeout What is a possible cause of this message?

（A）The radius server doesnot trust the client certificate

（B）The client does not trust the radius server certificate.

（C）The client can see that theradiusserver certificateis expired.

（D）The radius server can seethat theclient certificate is expired.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

HPE7-A06 無料問題集「HPE Campus Access Switching Expert Written」

弊社を連絡する

関連リンク

トップ試験