ACMP Certification Aruba

Aruba ACMP_6.3 Exam Questions And Answers, Buy Discount Aruba ACMP_6.3 Dumps Is Your Best Choice

Preparing for Aruba ACMP_6.3  exam is really a tough task to accomplish.Flydumps delivers the most comprehensive preparation material,covering each and every aspect of Aruba ACMP_6.3  exam curriculum and all the brain is the latest.You can pass Aruba https://www.leads4pass.com/acmp-6-3.html  exam without any problem.

QUESTION 21
Which netdestination aliases are built into the controller? (Choose three)
A. logon
B. any
C. user
D. guest
E. localip

Correct Answer: BCE
QUESTION 22
What are aliases used for?
A. Improve controller performance
B. Simplify the configuration process
C. Tie IP addresses to ports
D. Assign rules to policies
E. Assign policies to roles

Correct Answer: B
QUESTION 23
Which of the following firewall rules allows a user to initiate an ICMP session to other devices? (Choose two)
A. localip any svc-icmp permit
B. user any svc-icmp permit
C. user user svc-icmp permit
D. any any svc-icmp permit
E. mswitch any svc-icmp permit

Correct Answer: BD
QUESTION 24
The Aruba Policy Enforcement Firewall (PEF-NG) module supports destination network address translation (dst-nat).
Which is the default use of this statement in an Aruba controller configuration?
A. Source the IP addresses of users to specific IP address
B. Redirect HTTP sessions to Captive Portal
C. Redirect Access Points to another Aruba controller
D. Provide a telnet connection to the controller
E. Redirect a SSH session to terminate on the controller

Correct Answer: B
QUESTION 25
The Aruba Policy Enforcement Firewall (PEF) module supports source network address translation (src-nat).
Which is a use of this statement in an Aruba configuration?
A. Provide a single source IP address for users in a role
B. Redirect Captive Portal HTTP sessions
C. Redirect Access Points to another Aruba controller
D. Provide IP addresses to clients
E. Redirects clients to Aruba Firewall

Correct Answer: A QUESTION 26
The network administrator wishes to terminate the VPN encryption on the Aruba controller.
When writing a firewall rule to accomplish the task of automatically moving the VPN traffic for the wireless clients from a third party VPN concentrator to an Aruba controller, which action needs to be configured in the rule?
A. redirect to IPSec Group
B. source NAT
C. destination NAT
D. redirect to tunnel
E. redirect to GRE

Correct Answer: C QUESTION 27
Review the following truncated output from an Aruba controller for this item. (example) #show rights logon access-list List Position Name Location 1 logon-control
2 captiveportal logon-control Priority Source Destination Service Action
——– —— ———– ——- ——
1 2 3 4 5 user any any any any any any any any any udp 68 deny svc-icmp permit svc-dns permit svc-dhcp permit svc-natt permit

captiveportal
Priority Source Destination Service Action
1 user controller svc-https dst-nat 8081 2 user any svc-http dst-nat 8080 3 user any svc-https dst-nat 8081 4 user any svc-http-proxy1 dst-nat 8088 5 user any svc-http-proxy2 dst-nat 8088 6 user any svc-http-proxy3 dst-nat 8088
Based on the above output from an Aruba controller, an unauthenticated user assigned to the logon role attempts to start an http session to IP address 172.16.43.170.
What will happen?
A. the user’s traffic will be passed to the IP address because of the policy statement: user any svc-http dst-nat 8080
B. the user’s traffic will be passed to the IP address because of the policy statement: user any svc-https dst-nat 8081
C. the user’s traffic will be passed to the IP address because of the policy statement: user any svc-http-proxy1 dst-nat 8088
D. the user will not reach the IP address because of the policy statement: user any svc-http dst-nat 8080
E. the user will not reach the IP address because of the implicit deny any any at the end of the policy.

Correct Answer: D
QUESTION 28
Refer to the following configuration segment for this item.
ip access-list session anewone user network 172.16.1.0 255.255.255.0 any permit user host 172.16.1.1 any deny user any any permit
An administrator wants users to have access to all destinations except 172.16.1.1. Based on the above Aruba Mobility Controller configuration segment, which statements best describe this policy? (Choose two)
A. The rule user host 172.16.1.1 any deny is redundant because of the implicit deny all at the end.
B. The rule user network 172.16.1.0 255.255.255.0 any permit is redundant.
C. The two rules user network 172.16.1.0 255.255.255.0 any permit and user host 172.16.1.1 any deny need to be re-sequenced.
D. The last statement user any any permit is not required
E. The last statement should be any any any deny

Correct Answer: BC
QUESTION 29
Refer to the following configuration segment for this item.
netdestination “internal” no invert network 172.16.43.0 255.255.255.0 position 1 range 172.16.11.0 172.16.11.16 position 2 ! ip access-list session “My-Policy” alias “user” alias “internal” service_any permit queue low !
A user frame is evaluated against this firewall policy with the following attributes:
Source IP: 172.17.49.3 Destination IP: 10.100.86.37 Destination Port: 80
Referring to the above file segment, how will the frame be handled by this firewall policy?
A. The frame will be dropped because of the implicit deny all at the end of the netdestination definition.
B. The frame will be dropped because of the implicit deny all at the end of the firewall policy.
C. The frame will be forwarded because of the implicit permit all at the end of the firewall policy.
D. The frame will be passed because there is no service specified in the firewall policy.
E. The frame will be dropped because there is no service specified in the firewall policy.
Correct Answer: B QUESTION 30
ip access-list session anewone user network 10.1.1.0 255.255.255.0 any permit user any any permit host 10.1.1.1 host 10.2.2.2 any deny
A user sends a frame with the following attributes:
Source IP: 10.1.1.1 Destination IP: 10.2.2.2 Destination Port: 25
Based on the above Mobility Controller configuration file segment, what will this policy do with the user frame?
A. The frame is discarded because of the implicit deny all at the end of the policy.
B. The frame is discarded because of the statement: user host 10.1.1.1 host 10.2.2.2 deny.
C. The frame is accepted because of the statement: user any any permit.
D. The frame is accepted because of the statement: user network 10.1.1.0 255.255.255.0 any permit.
E. This is not a valid policy.

Correct Answer: C
QUESTION 31
ip access-list session anewone user network 10.1.1.0 255.255.255.0 any permit user host 10.1.1.1 any deny user any any permit
Referring to the above portion of a Mobility Controller configuration file, what can you conclude? (Choose two)
A. This is a session firewall policy.
B. This is an extended Access Control List (ACL).
C. Any traffic going to destination 10.1.1.1 will be denied.
D. Any traffic going to destination 10.2.2.2 will be denied.
E. Any traffic going to destination 172.16.100.100 will be permitted.
Correct Answer: AE
QUESTION 32
Which of these are NOT a client attribute that can be configured in user derivation rules?
A. MAC address
B. DHCP option value
C. BSSID
D. Filter ID
E. encryption
Correct Answer: D
QUESTION 33
What are the types of user derivation rules that can be applied to a user? (Choose two)
A. SSID
B. MAC
C. VLAN
D. Role
E. AP

Correct Answer: CD
QUESTION 34
Which is a Device Specific Attribute that can be evaluated in a user derivation rule?
A. user login name
B. authentication server
C. location by AP Name
D. controller Loopback address
E. controller IP

Correct Answer: C
QUESTION 35
Which match condition can be used by a server derivation rule? (Choose two)
A. greater than
B. less than
C. inverse of
D. contains
E. equals

Correct Answer: DE
QUESTION 36
An administrator wants to assign a VLAN to a user based upon the authentication process using Vendor Specific Attributes (VSA). Where are Aruba Vendor Specific Attribute (VSA) values provisioned?
A. controller
B. client
C. RADIUS server
D. Internal user database
E. Option 60 of DHCP reply
Correct Answer: C

We know that the real Aruba https://www.leads4pass.com/acmp-6-3.html examinations wouldn’t repeat the same set of questions all the time. Microsoft certification examinations are strict and focus is often kept on updated technology trends. The Aruba ACMP_6.3 practice test prepared by the experts will help to condition your mind to quickly grasp what you could be facing in the real Aruba ACMP_6.3 certification examination.

You may also like