Refer to the exhibits. Exhibit 1

Exhibit 2

Exhibit 3

A network administrator wants to allow contractors to access the corporate WLAN named EmployeesNet with the contractor role in VLAN 40. When users connect, they do not seem to get an IP address. After some verification checks, the network administrator confirms the DHCP server (10.254.1.21) is reachable from the Mobility Controller (MC) and obtains the outputs shown in the exhibits.

What should the network administrator do next to troubleshoot this problem?

A. Permit UDP67 to the contractor role.

B. Remove the IP address in VLAN 40.

C. Configure the DHCP helper address.

D. Confirm there is an IP pool for VLAN 40.

Refer to the exhibit: A company acquires ten barcode scanners to run inventory tasks. These WiFi devices support WPA2-PSK security only. The network administrator deploys a WLAN named scanners using the configuration shown in the exhibit. What must the network administrator do next to ensure that the scanner devices successfully connect to their SSID?

A. Set internal as the MAC authentication server group.

B. Add scanner MAC addresses in user derivation rules.

C. Enable L2 Authentication Fail Through.

D. Add scanner MAC addresses in the internal database.

Refer to the exhibit.

A network administrator deploys DSCP based prioritization in the entire wired network to improve voice quality for a SIP-based IP telephony system used by the company. However, users report that calls they make from WLAN have poor audio quality, while desktop phones do not experience the same problem. The network administrator makes a test call and looks in the datapath session table.

Based on the output shown in the exhibit, what is one area that the network administrator should focus on?

A. UCC based DSCP correction

B. WMM support on the WLAN

C. Dynamic Multicast Rate Optimization

D. wired network congestion

Refer to the exhibits. Exhibit 1

Exhibit 2 Exhibit 3

Exhibit 4

A captive portal-based solution is deployed in a Mobility Master (MM) - Mobility Controller (MC) network. A wireless station connects to the network and attempts the authentication process. The outputs are shown in the exhibits. Which names correlate with the authentication and captive portal servers?

A. ClearPass.23 is the authentication server, and cp.mycompany.com is the captive portal server.

B. ClearPass.23 is the authentication server, and MC2 is the captive portal server.

C. Internal database in MC2 is the authentication server, and cp.mycompany.com is the captive portal server.

D. cp.mycompany.com is the authentication server, and ClearPass.23 is the captive portal server.

Refer to the exhibit.

A network engineer deploys two different DHCP pools in an Instant AP (IAP) cluster for WLANs that will have connectivity to a remote site using Aruba IPSec. Based on the output shown in the exhibit, which IAP-VPN DHCP modes are being used?

A. distributed L3 and centralized L2

B. local L3 and centralized L2

C. local L3 and distributed L2

D. centralized L3 and distributed L2

A fully functional WLAN is deployed in a campus network using the following script.

Which part of the script can a network administrator re-use to assign a different default role to users when they connect to the same SSID in a second building?

A. server group and ssid profile

B. server group and VAP profile

C. server group, aaa profile, and ssid profile

D. server group and VAP

An organization wants to deploy a WLAN infrastructure that provides connectivity to these client categories:

Employees Contractors Guest users Corporate IoT legacy devices that support no authentication or encryption Employees and contractors must authenticate with company credentials and get network access based on AD group membership. Guest users are required to authenticate with captive portal using predefined credentials. Only employees will run L2 encryption.

Which implementation plan fulfills the requirements while maximizing the channel usage?

A. Create VAP1 to run WPA2-AES and 802.1x authentication, VAP2 to run opensystem encryption with MAC authentication, and VAP3 to run opensystem with captive portal and L2 fail through.

B. Create a single VAP to run WPA2-AES and 802.1x authentication, MAC authentication L2 fail through, captive portal, and VIA support.

C. Create VAP1 to run WPA2-AES and 802.1x authentication, VAP2 to run opensystem encryption with MAC authentication, and VAP3 to run opensystem with captive portal.

D. Create VAP1 to run WPA2-AES and 802.1x authentication, and VAP2 to run opensystem encryption with MAC authentication and captive portal.

A network administrator has updated the ArubaOS code of a standalone Mobility Controller (MC) that is used for User-Based Tunneling (UBT) to a newer early release. Ever since the MC seems to reject PAPI sessions from the switch with the 10.1.10.10 IP address. Also the controller's prompt is now followed by a star mark: "(MC_VA) [mynode] *#"

When opening a support ticket, an Aruba TAC engineer asks the administrator to gather the crash logs and if possible replicate UBT connection attempts from the switch while running packet captures of PAPI traffic on the controller and obtain the PCAP files. The administrator has a PC with Wireshark and TFTP server using the 10.0.20.20 IP address.

What commands must the administrator issue to accomplish these requests? (Choose two.)

A. Option A

B. Option B

C. Option C

D. Option D

E. Option E

Refer to the exhibits. Exhibit 1

Exhibit 2

A network administrator adds a new Mobility Controller (MC) to the production Mobility Master (MM) and deploys APs that start broadcasting the employee SSID in the West wing of the building. Suddenly, the employees report client

disconnects. When accessing the MM the network administrator notices that the MC is unreachable, then proceeds to access the MC's console and obtains the outputs shown in the exhibits.

What should the network administrator do next to solve the current problem?

A. Open a TAC case and send the output of tar crash.

B. Kill two zombie processes then reboot the MC.

C. Verify the license pools in the MM.

D. Decommission the MC from the MM, and add it again.

A network administrator is in charge of a Mobility Master (MM) ?Mobility Controller (MC) based network security. Recently the Air Monitors detected a Rogue AP in the network and the administrator wants to enable "Tarpit" based wireless containment.

What profile must the administrator enable "tarpit" wireless containment on?

A. IDS Unauthorized device profile

B. IDS profile

C. IDS General profile

D. IDS DOS profile