HPE7-A07 Aruba Certified Campus Access Mobility Expert Written Exam Practice Test

Page: 1 / 14
Total 70 questions
Question 1

A customer has deployed an AOS 10 mobility gateway cluster consisting of three controllers at a single site The WLAN is configured to tunnel wireless device traffic to the AOS 10 mobility cluster. The clients are authorized to use WPA2-Personal. An end-user has opened a ticket with the helpdesk stating they cannot connect their client device to the network. There are other devices currently associated with the SSID with no issues.

Reviewing the output, what Is the issue?



Answer : C

The issue indicated by the output is an invalid pre-shared key (PSK). The logs show multiple failures during the WPA2 key exchange process, which points to a mismatch between the PSK configured on the client device and the PSK expected by the AOS 10 mobility gateway.


Question 2

You configured a tunneled SSID with captive portal and a ClearPass Guest Self Registration workflow when testing and launching the self-registration workflow, after successful registration, the login action shows the following error:

What is the best solution to resolve this error?



Answer : D

Including the root and intermediate certificates in the captive portal certificate for the gateway will resolve the error seen during the login action after successful registration. This is necessary to ensure the SSL/TLS handshake can be completed successfully, as the client browser needs to validate the entire certificate chain.


Question 3

Exhibit.

Which wireless connection phase has Just been completed?



Answer : D

The wireless connection phase that has just been completed is L2 authentication and encryption. This phase includes processes such as the Extensible Authentication Protocol (EAP) exchange, RADIUS requests and responses, and the 4-way handshake which is characteristic of WPA2-AES encryption.


Question 4

Exhibit.

Which would explain this issue?



Answer : D

The correct address for the ClearPass Guest should match the FQDN of the HTTPS certificate installed on the device, which is often the FQDN of the vendor's product. This ensures secure and proper redirection to the captive portal during the authentication process. The FQDN should be entered in the Address field for ClearPass Guest configuration.


Question 5

A network administrator accesses HPE Aruba Networking Central and notices that visitors consume too much internet bandwidth starving employee traffic when accessing an external service. Therefore, the administrator wants to limit wireless bandwidth to 60 Mops in both directions among all users in the voice rote and no more than 10 Mops in both directions for YouTube traffic. Deep packet inspection, web content classification, and firewall visibility are enabled.

Which configurations are required to accomplish this task? (Select two.)

A)

B)

C)

D)



Answer : B, D

To achieve the bandwidth limits set by the network administrator, both per-application and total limits need to be configured. Option B shows the configuration for setting a per-application bandwidth limit, which can restrict YouTube traffic to 10 Mbps in both directions. Option D shows the configuration for setting a total bandwidth limit for all users within the voice role to 50000 Kbps (or 50 Mbps), satisfying the requirement to restrict total wireless bandwidth. By applying these configurations in HPE Aruba Networking Central, the administrator will successfully implement the necessary controls to ensure that visitor traffic does not impede the network performance for employee traffic, aligning with the capabilities of Aruba solutions to manage and prioritize network resources effectively.


Question 6

A customer is running out of IP addresses in a network segment. What will happen If they add an additional IPsubnet to the same VLAN?



Answer : D

Adding an additional IP subnet to the same VLAN means that devices configured with either subnet can communicate at Layer 2 without the need for routing. This is because they are on the same VLAN and thus in the same broadcast domain. However, to communicate between subnets, an L3 device or inter-VLAN routing would be required.


Question 7

A campus topology uses VSX with a collapsed core topology. The customer added redundant SFP+ transceivers and reconfigured their mobility gateways from a single link to an aggregate Link. You are asked to verify the CLI output for the link aggregation configuration for one of the mobility gateway cluster members below.

What is a valid configuration?

A)

B)

C)

D)



Answer : A

The configuration shown in Option A is a valid configuration for a multi-chassis link aggregation (MC-LAG) setup. It specifies the use of LACP (Link Aggregation Control Protocol) with a fast rate of LACP PDUs exchange, which is appropriate for creating a resilient and high-throughput link aggregation. The 'vlan trunk allowed all' command allows all VLANs across the trunk, and 'vlan trunk native 100' sets VLAN 100 as the native VLAN for untagged traffic.


Page:    1 / 14   
Total 70 questions