clapgeek logo
An administrator implements interim accounting for guest users so that ClearPass can track the amount of bandwidth that guests upload and download. Guests that abuse bandwidth consumption should be disconnected from the network. The administrator configures the following on the AOS-CX access switches:
After performing this configuration, the administrator notices that guest users that have exceeded the guest bandwidth limit are not being disconnected. Upon further investigation, Access Tracker in ClearPass indicates a disconnect CoA message is being sent to the AOS-CX switch.
What is causing this issue?
An administrator in a company of 349 users has a pair of AOS-CX switches with connections to external
networks. Both switches are configured for OSPF. The administrator wants to import external routes on both switches, but assigns different seed metrics to the routes, as well as imports them as external type-1 routes.
What is the best way for the administrator to accomplish this?
An administrator wants to implement a virtual switching technology that implements a single control-plane solution. Which S-CX switches would meet these criteria?
An administrator will be replacing a campus switching infrastructure with AOS-CX switches that support VSX capabilities. The campus involves a core, as well as multiple access layers. Which feature should the
administrator implement to allow both VSX-capable core switches to process traffic sent to the default gateway in the campus VLANs?
A company has just purchased AOS-CX switches. The company has a free and open-source AAA solution.
The company wants to implement access control on the Ethernet ports of the AOS-CX switches.
Which security features can the company implement given the equipment that they are using?
An administrator is looking for a data center switching solution that will greatly reduce the likelihood of dropped
frames when uplink congestion is experienced. Which AOS-CX switch queuing feature meets the
administrator’s needs?
Examine the network topology.
Company XYZ has two connections to a service provider (ISP1). Here is the configuration of Router1:
Here is the configuration of Router2:
Based on configuration of Router1 and Router2, which BGP metric is being manipulated?
How should a network administrator add NAE scripts and implement NAE agents that will run on an AOS-CX switch?
A network engineer is using NetEdit to manage AOS-CX switches. The engineer notices that a lot of thirdparty VoIP phones are showing up in the NetEdit topology. The engineer deletes these, but they are
automatically rediscovered by NetEdit and added back in.
What should the administrator do to solve this problem?
An access layer AOS-CX has no OoS configuration on it. The switch receives an 802.1Q tagged VoIP frame on a port. The frame has an 802.1p value of 6. The IP header has a DSCP value of EF46 How will the switch forward this frame?
MAC authentication is enabled on port 1/1/27 of an AOS-CX switch. The following MAC addresses are defined on the AAA server:
* 88:3a:30:97:b6:00
* 00:50:56:b1:fc:9b
Examine the AOS-CX switch output:
Based on this information, what is true concerning port 1/1/27?
An administrate is managing a VSX pair of AOS-CX switches. The administrator configures the following on the secondary switch:
secondary (config)# vlan 100
secondary (conflg. vlan-100) # description BBB
Currently VLAN 100 does not exist on the primary switch. The administrator then accesses the primary switch and configures the following:
Primary(config) vlan 100 primary(config-v1an-100) # description AAA
What Is correct regarding the results of this configuration?
An administrator has an AOS-CX switch configured with:
router ospf 1
area 0
area 1 stub no-summary
It is the only ABR for area 1. The switch has the appropriate adjacencies to routing switches in areas 0 and 1.
The current routes in each area are:
Area 0: 5 routes (LSA Type 1 and 2)
Area 1: 10 routes (LSA Type 1 and 2)
External routes: 2 (LSA Type 5)
Based on the above configuration, how many OSPF routes will routing switches see in Area 1?
A network engineer is setting up BGP on AOS-CX switches. The engineer is establishing two different eBGP peering’s to two different service providers. The engineer has dozens of contiguous C-class public networks that need to be advertised to the two service providers. The engineer manually defines the networks to be advertised individually with the "network" command.
How can an administrator advertise only a summarized route to the two service providers?
Examine the network exhibit.
A company has a guest implementation for wireless and wired access. Wireless access is implemented
through a third-party vendor. The company is concerned about wired guest traffic traversing the same network as the employee traffic. The network administrator has established a GRE tunnel between AOS-CX switches where guests are connected to a routing switch in the DMZ.
Which feature should the administrator implement to ensure that the guest traffic is tunneled to the DMZ while the employee traffic is forwarded using OSPF?
What are best practices when implementing VSX on AOS-CX switches? (Choose two.)
What is correct regarding the tunneling of user traffic between AOS-CX switches and Aruba Mobility
Controllers (MCs)?
An administrator wants to leverage always-on PoE on AOS-CX switches. Which statement is correct regarding this feature?
Examine the output from an AOS-CX switch implementing a dynamic segmentation solution involving
downloadable user roles:
Switch# show port-access role clearpass
Role information:
Name : icxarubadur_employee-3044-2
Type : clearpass
Status: failed, parsing_failed
Reauthentication Period :
Authentication Mode :
Session Timeout :
The downloadable user roles are not being downloaded to the AOS-CX switch. Based on the above output,
what is the problem?
A company has a few servers in a secure, remote location storing highly-confidential documents connected to two AOS-CX 6400 switches configured in a VSX pair The AOS-CX switches perform access control with 802 1X and will be implementing user-based tunneling (UBT) so that Aruba gateway application inspection and stateful firewall policies can be applied to the traffic. The gateways are running version 84 and implement the AP, PEF, and RFP licenses
Which licensing is needed for the two AOS-CX switches?
An administrator is implementing a downloadable user role solution involving AOS-CX switches. The AAA
solution and the AOS-CX switches can successfully authenticate users; however, the role information fails to
download to the switches. What policy should be added to an intermediate firewall to allow the downloadable
role function to succeed?
An administrator is designing an access layer solution in a data center. A key requirement is to dual-home mission-critical server connections to two different switches, ensuring that the servers always have network access, even during switch software upgrades. This feature should support strictly-controlled provisioning.
What would best meet the administrator's needs when deploying AOS-CX switches?
A customer has twenty AOS-CX switches that will be managed by NetEdit and would like support for NetEdit these switches will exist in the network for at least five years.
Which type of licensing should be used by this customer?
The AOS-CX mobile app allows a network engineer or technician to perform which tasks? (Choose two.)
A switch will apply a device profile to a port based on which pieces of information? (Select two.)
A network administrator is installing NetEdit. In order for NetEdit to manage the AOS-CX switches in the network, what must be defined on the AOS-CX switches? (Choose two.)
A company has an existing wireless solution involving Aruba APs and Mobility controllers running 8.4 code.
The solution leverages a third-party AAA solution. The company is replacing existing access switches with AOS-CX 6300 and 6400 switches. The company wants to leverage the same security and firewall policies for both wired and wireless traffic.
Which solution should the company implement?
An administrator is implementing a multi-area OSPF network. The network contains a backbone (area 0) and two other areas (1 and 2) connected to ABRs in the backbone The network has one routing switch connected to a service provider located in area 2 Which network design would minimize the number of routes in the routing switches' link state databases (LSDBs) while still allowing full connectivity?
A network has an ABR that connects area 0 and 1. A network engineer configures a summarized route for area 0. The ABR is a designated router (DR) for the segment it uses to connect to area 1.
Which LSA type is assigned to this route when the summarized route is advertised into area 1 by the ABR?
Examine the following ACL rule policies:
Permit traffic from 10.2.2.1 through 10.2.2.30 to anywhere
Permit traffic from 10.2.2.40 through 10.2.2.55 to anywhere
Deny all others
Based on this policy, place the following ACL rule statements in the correct order to accomplish the above
filtering policy.
A network administrator is implementing NAE on AOS-CX switches. When attempting to create an agent on a particular switch, the agent appears in the NAE Agents panel with a red triangle error symbol and a status of “Unknown”.
What is the cause of this issue?
Examine the attached diagram
Two AOS-CX switches are configured for VSX at the access layer, where servers attached to them. An SVI interface is configured for VLAN 10 and serves as the default gateway for VLAN 10. The ISL link between the switches fails, but the keepalive interface functions. Active gateway has been configured on the switches.
What is correct about access from the servers to the Core?
TESTED 23 Nov 2024