Refer to the exhibits.
A network administrator has fully deployed a WPA3 based WLAN with 802.1X authentication. Later
he defined corp-employee as the default user-role for the 802.1X authentication method in the aaa
profile. When testing the setup he realizes the client gets the guest role.
What is the reason corp-employee user role was not assigned?
A company with 535 users deploys an Aruba solution with more than 1000 Aruba APs, two 7220
Mobility Controllers, and a single Mobility Master (MM) virtual appliance at the campus server farm.
The MCs run a HA Fast failover group in dual mode and operate at 50% AP capacity.
If there is an MM or MC failure, the network administrator must ensure that the network is fully
manageable and the MC load does not exceed 80%.
What can the network administrator do to meet these requirements?
Users run Skype for Business on wireless clients with no WMM support over an Aruba Mobility
Master (MM) - Mobility Controller (MC) based network. When traffic arrives at the wired network, it
does not include either L2 or L3 markings.
Which configuration steps should the network administrator take to classify and mark voice and
video traffic with UCC heuristics mode?
A network administrator wants to permit explicit SSH, FTP and HHTP(s) access to servers in the
10.100.20.5 to 10.100.20.31 range, all devices in 10.100.21.0/24 network, and a host with IP address
10.100.22.70. The services must work properly at all times.
Which configuration scripts accomplish this task with the fewer number of lines, while avoiding
access to other devices not included in these ranges? (Choose two.)
Refer to the exhibits.
A network administrator adds a new Mobility Controller (MC) to the production Mobility Master
(MM) and deploys APs that start broadcasting the employee SSID in the West wing of the building.
Suddenly, the employees report client disconnects. When accessing the MM the network
administrator notices that the MC is unreachable, then proceeds to access the MCs console and
obtains the outputs shown in the exhibits.
What should the network administrator do next to solve the current problem?
Refer to the exhibit.
A network administrator has a Mobility Master (MM) Mobility Controller (MC) architecture along
with the MC in the DMZ for terminating RAPs. The network firewall has been provisioned to allow
access to the MC in the DMZ for both UDP 500 and 4500. Then he proceeds to provision an AP as
shown in the exhibit.
Which additional configuration steps must the administrator to assure RAPs successfully contact the
MC? (Choose two.)
Refer to the exhibit
A network administrator deploys a standalone Mobility Controller (MC) and configures some VAPs
within the CAMPUS AP group. The network administrator realizes that none of the VAPs are being
Based on the output shown in the exhibit, what should the network administrator do to solve this
Refer to the exhibit.
Based on the output shown in the exhibit, with which Aruba devices has Access-1 established
Refer to the exhibit.
A network administrator wants to allow contractors to access the WLAN named EmployeesNet. In
order to restrict network access, the network administrator wants to assign this category of users to
the contractor user role. To do this, the network administrator configures ClearPass in a way that it
returns the Aruba-User-Role with the contractor value.
When testing the solution, the network administrator receives the wrong role.
What should the network administrator do to assign the contractor role to contractor users without
affecting any other role assignment?
A network administrator has deployed an Airwave Management Platform (AMP) server and
integrated it with a Mobility Master (MM) Mobility Controller (MC) based WLAN. The AMP server
already has all Aruba Mobility devices including Access Points (APs) in the UP devices list.
What are two actions the administrator can execute upon the APs under
Airwave>Devices>Monitor? (Choose two.)
A network administrator assists with the migration of a WLAN from a third-party vendor to Aruba in
different locations throughout the country. In order to manage the solution from a central point, the
network administrator decides to deploy redundant Mobility Masters (MMs) in a datacenter that are
reachable through the Internet.
Since not all locations own public IP addresses, the security team is not able to configure strict
firewall polices at the datacenter without disrupting some MM to Mobility Controller (MC)
communications. They are also concerned about exposing the MMs to unauthorized inbound
What should the network administrator do to ensure the solution is functional and secure?
A software development company has 764 employees who work from home. The company also has
small offices located in different cities throughout the world. During working hours, they use RAPs to
connect to a datacenter to upload software code as well as interact with databases.
In the past two month, cabling issues have occurred connection to the 7240XM Mobility Controller
(MC) that runs ArubaOS 8 and terminates the RAPs. These RAPs disconnect, affecting the users
connected to the RAPs. This also causes problems with code uploads and database synchronizations.
Therefore, the company decides to add a second 7240XM controller for redundancy.
How should the network administrator deploy both controllers in order to provide the redundancy
while preventing failover events from disconnecting users?
A network administrator has updated the ArubaOS code of a standalone Mobility Controller (MC)
that is used for User-Based Tunneling (UBT) to a newer early release. Ever since the MC seems to
reject PAPI sessions from the switch with the 10.1.10.10 IP address. Also the controllers prompt is
now followed by a star mark: (MC_VA) [mynode] *#
When opening a support ticket, an Aruba TAC engineer asks the administrator to gather the crash
logs and if possible replicate UBT connection attempts from the switch while running packet captures
of PAPI traffic on the controller and obtain the PCAP files. The administrator has a PC with Wireshark
and TFTP server using the 10.0.20.20 IP address.
What commands must the administrator issue to accomplish these requests? (Choose two.)
An organization wants to deploy a WLAN infrastructure that provides connectivity to these client
Corporate IoT legacy devices that support no authentication or encryption
Employees and contractors must authenticate with company credentials and get network access
based on AD group membership. Guest users are required to authenticate with captive portal using
predefined credentials. Only employees will run L2 encryption.
Which implementation plan fulfills the requirements while maximizing the channel usage?
A joint venture between two companies results in a fully functional WLAN Aruba solution. The
network administrator uses the following script to integrate the WLAN solution with two radius
servers, radius1 and radius2.
While all users authenticate with [email protected] type of credentials, radius1 has user
accounts with the domain name portion.
Which additional configuration is required to authenticate corp1.com users with radius1 and corp2
users with radius2?