Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. HP
  5. HPE6-A73

Free HPE6-A73 Exam Braindumps (page: 15)

Page 14 of 33
PDF with 127 Questions

Examine the commands entered on an AOS-CX switch:

What is true regarding this configuration for traffic received on interface 100?

  1. The default next-hop address supersedes the two preceding next-hop addresses
  2. The traffic is always dropped is the next-hop addresses are unreachable
  3. The traffic will be routed with the IP routing table entries if the next-hop addresses are unreachable
  4. The next-hop address of 1.1.1.1 is overwritten by the next-hop address of 2.2.2.2

Answer(s): C

Explanation:

"interface null: equivalent to the policy drop policing action. Any packets matching the class criteria for that policy entry will be dropped and not routed any further." https://www.arubanetworks.com/techdocs/AOS-CX/10.05/HTML/5200-7300/index.html#GUID- DC7E5E47-8F31-4DE4-B257-1A68665B2AF4.html
More than one next hop can be assigned with an ACL and they work by priority (based on the sequence number: lower sequence number -> higher priority). So next-hop 2.2.2.2 will be used if 1.1.1.1 is not reachable. If both are unreachable, then the packet will be routed looking at the default routing table, if no specific entry will be found, then the pacjet will be routed to the default next hop defined in the ACL.



Examine the following ACL rule policies:
Permit traffic from 10.2.2.1 through 10.2.2.30 to anywhere Permit traffic from 10.2.2.40 through 10.2.2.55 to anywhere Deny all others
Based on this policy, place the following ACL rule statements in the correct order to accomplish the above filtering policy.

  1. deny ip 10.2.2.31 255.255.255.255 any permit ip 10.2.2.40 255.255.255.248 any permit ip 10.2.2.48 255.255.255.248 any deny ip 10.2.2.32 255.255.255.224 any permit ip 10.2.2.0 255.255.255.192 any
  2. permit ip 10.2.2.40 255.255.255.248 any permit ip 10.2.2.48 255.255.255.248 any permit ip 10.2.2.0 255.255.255.192 any deny ip 10.2.2.31 255.255.255.255 any deny ip 10.2.2.32 255.255.255.224 any
  3. deny ip 10.2.2.31 255.255.255.255 any deny ip 10.2.2.32 255.255.255.224 any permit ip 10.2.2.40 255.255.255.248 any permit ip 10.2.2.48 255.255.255.248 any permit ip 10.2.2.0 255.255.255.192 any
  4. deny ip 10.2.2.31 255.255.255.255 any permit ip 10.2.2.40 255.255.255.248 any deny ip 10.2.2.32 255.255.255.224 any permit ip 10.2.2.48 255.255.255.248 any permit ip 10.2.2.0 255.255.255.192 any

Answer(s): A



A company has a third-party AAA server solution. The campus access layer was just upgraded to AOS- CX
switches that perform access control with MAC-Auth and 802.1X. The company has an Aruba Mobility
Controller (MC) solution for wireless, and they want to leverage the firewall policies on the controllers for the wired traffic.
What is correct about how the company should implement a security solution where the wired traffic is processed by the gateways?

  1. Implement downloadable user roles with a gateway role defined on the AOS-CX switches
  2. Implement local user roles with a gateway role defined on the AOS-CX switches
  3. Implement standards-based RADIUS VSAs to pass policy information directly to the AOS-CX switches and MCs
  4. Implement downloadable user roles with a device role defined on the AOS-CX switches and MCs

Answer(s): B



An administrator wants to leverage always-on PoE on AOS-CX switches.
Which statement is correct regarding this feature?

  1. Provides up to 60W of power per port
  2. Supports all AOS-CX switches
  3. Provides surge protection for PoE and non-PoE ports
  4. Requires NetEdit to implement

Answer(s): A






Post your Comments and Discuss HP HPE6-A73 exam with other Community members:

Exam Discussions & Posts