ACMA_6.3 Online Practice Questions and Answers

Remote AP in tunnel mode, by default, uses which of the following to encrypt user traffic back to the mobility controller?

A. L2TP over IPSec is used to carry user traffic and control traffic

B. PPTP is used to tunnel user traffic

C. The AP does not encrypt user traffic. The user's link layer encryption is used.

D. Remote AP traffic is unencrypted

E. Certificate based tunnel

Which of the following is true about configuring a server group?

A. Server rules are used to send information to the configured servers

B. A server group can have more than 1 server

C. If the internal database is used in the server group, then no external servers can be added

D. If multiple servers are assigned to the server group, all except the 1st will be ignored

E. All the servers in a server group will be used round robin style

Guest access can be provided securely by combining the following components of an Aruba system: (Select two)

A. Use restrictive firewall policies to limit the guest user's access to internal resources

B. Providing guests their own APs and controllers

C. Dedicated APs

D. Authenticate users with the internal captive portal against the internal database or other server

E. DoS guest users off of the system and make them use wired ports

Which of the following core components of ARM enables intelligent distribution of clients across available channel capacity?

A. Multi-band scan

B. Spectrum load balancing

C. Rogue AP detection

D. Band steering

E. Coordinated Access to a Single Channel

Aruba's recommended best option for authenticating guest users is:

A. Temporary employee account

B. Kerberos

C. Captive Portal

D. Windows logon

E. Email address

When a client is blacklisted, the controller will:

A. Send a message telling the client it has been blacklisted

B. De-authenticate the client from the network but allow it to keep transmitting data

C. Only block the client if it hasn't yet associated with an AP

D. Stop the client from associating with any SSID on the controller

E. Block the client from the SSID he was connected to

802.1X authentication takes place:

A. Prior to granting access to L2 media

B. After the user has an IP address

C. After the user sees the captive portal page

D. Prior to the user associating with the AP

E. Once the IPSEC tunnel is up

A Remote AP uses which type of secure tunnel to communicate with a controller:

A. NAT-T

B. IPSec

C. PPTP

D. GRE

E. IP-IP

Firewall policy should be written from:

A. Least specific to most specific

B. Most specific to least specific

C. Most important resources first

D. Order is not important

E. Policies with the most rules 1st

Which of these are supported by the Aruba Controller? (Select two)

A. SNMP

B. HSRP

C. AES Encryption

D. Blowfish encryption E. BGP