What is one of the roles of the network access server (NAS) in the AAA framewonx?

• A.It authenticates legitimate users and uses policies to determine which resources each user is allowed to access.
• B.It negotiates with each user's device to determine which EAP method is used for authentication
• C.It enforces access to network services and sends accounting information to the AAA server
• D.It determines which resources authenticated users are allowed to access and monitors each users session

Comment: *

Name: *

Email: *

Verification: *

How can hackers implement a man-in-the-middle (MITM) attack against a wireless client?

• A.The hacker uses a combination of software and hardware to jam the RF band and prevent the client from connecting to any wireless networks.
• B.The hacker runs an NMap scan on the wireless client to find its MAC and IP address. The hacker then connects to another network and spoofs those addresses.
• C.The hacker connects a device to the same wireless network as the client and responds to the client's ARP requests with the hacker device's MAC address.
• D.The hacker uses spear-phishing to probe for the IP addresses that the client is attempting to reach. The hacker device then spoofs those IP addresses.

Comment: *

Name: *

Email: *

Verification: *

A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-Switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. This company is using only CPPM and no other ClearPass solutions.
The ClearPass admins tell you that they want to use HTTP User-Agent strings to help classify endpoints.
What should you do as a part of configuring the ArubaOS-Switches to support this requirement?

• A.Create a device fingerprinting policy that includes HTTP, and apply the policy to edge ports.
• B.Create remote mirrors that collect traffic on edge ports, and mirror it to CPPM's IP address.
• C.Configure CPPM as the sFlow collector, and make sure that sFlow is enabled on edge ports.
• D.Connect the switches to CPPM's span ports, and set up mirroring of HTTP traffic on the switches.

Comment: *

Name: *

Email: *

Verification: *

What is a difference between radius and TACACS+?

• A.RADIUS combines the authentication and authorization process while TACACS+ separates them.
• B.RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol.
• C.RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption.
• D.RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them.

Comment: *

Name: *

Email: *

Verification: *

You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs?

• A.Add the "-C and *-c port-access" options to the "show logging" command.
• B.Configure a logging Tiller for the "port-access" category, and apply that filter globally.
• C.Enable debugging for "portaccess" to move the relevant logs to a buffer.
• D.Specify a logging facility that selects for "port-access" messages.

Comment: *

Name: *

Email: *

Verification: *