With Aruba CX 6300. how do you configure ip address 10 10 10 1 for the interface in default state for interface 1/1/1?

1. A. int 1/1/1. switching, ip address 10 10 10 1/24
2. B. int 1/1/1. no switching, ip address 10 10 10.1/24
3. C. int 1/1/1. ip address 10.10.10.1/24
4. D. int 1/1/1. routing, ip address 10.10.10 1/24

Correct Answer: B
To configure an IP address for an interface in default state for interface 1/1/1 on Aruba CX 6300 switch, you need to disable switching on the interface first with the command no switching. Then you can assign an IP address with the command ip address. The other options are incorrect because they either do not disable switching or use invalid keywords such as switching or routing. References: https://www.arubanetworks.com/techdocs/AOS-CX_10_08/UG/bk01-ch01.html https://www.arubanetworks.com/techdocs/AOS-CX_10_08/UG/bk01-ch02.html

With the Aruba CX switch configuration, what is the Active Gateway feature that is used for and is unique to VSX configuration?

1. A. VRRP and Active gateway are mutually exclusive on a VLAN
2. B. VRID is set automatically as SVI vlan id
3. C. VRIDs need to be non-overlapping with VRRP
4. D. VRRP and Active Gateway can be configured on a single VLAN for interoperability

Correct Answer: A
Active gateway is a first hop redundancy protocol that eliminates a single point of failure. The active gateway feature is used to increase the availability of the default gateway servicing hosts on the same subnet. An active gateway improves the reliability and performance of the host network by enabling a virtual router to act as the default gateway for that network. If you have enabled active gateway, VRRP is not required3. Active gateway is similar to VRRP in that routed traffic from the VSX node is sourced from the switch interface MAC and not the virtual MAC address (VMAC). Each active gateway sends a periodic broadcast hello packet to avoid VMAC aging on the access switches. The switch views the active gateway IP as a self IP address3. Active gateway is preferable over VRRP because with VRRP traffic is still pushed over the ISL link, resulting in latency in the network3. Therefore, VRRP and active gateway are mutually exclusive on a VLAN, and answer A is correct.
References: 1: Aruba Campus Access documents and learning resources 3: Active gateway over VSX - Aruba

You are setting up a customer's 15 headless loT devices that do not support 802.1X. What should you use?

1. A. Multiple Pre-Shared Keys (MPSK) Local
2. B. Clearpass with WPA3-PSK
3. C. Clearpass with WPA3-AES
4. D. Multiple Pre-Shared Keys (MPSK) with WPA3-AES

Correct Answer: A
MPSK Local is a feature that can be used to set up 15 headless IoT devices that do not support 802.1X authentication. MPSK Local allows the switch to automatically generate and assign unique pre-shared keys for devices based on their MAC addresses, without requiring any configuration on the devices or an external authentication server. The other options are incorrect because they either require 802.1X authentication, which is not supported by the IoT devices, or WPA3 encryption, which is not supported by Aruba CX switches. References: https://www.arubanetworks.com/techdocs/AOS- CX/10.04/HTML/5200-6728/bk01-ch05.html https://www.arubanetworks.com/techdocs/AOS-CX/10.04/HTML/5200-6728/bk01- ch06.html

With the Aruba CX 6200 24G switch with uplinks or 1/1/25 and 1/1/26, how do you protect client ports from forming layer-2 loops?

1. A. int 1/1/1-1/1/24, loop-protect
2. B. int 1/1/1-1/1/28. loop-protect
3. C. int 1/1/1-1/1/28. loop-guard
4. D. int 1/1/1-1/1/24. loop-guard

Correct Answer: A
The command loop-protect enables loop protection on each layer 2 interface (port, LAG, or VLAN) for which loop protection is needed. Loop protection can find loops in untagged layer 2 links, as well as on tagged VLANs.

You need to drop excessive broadcast traffic on an ingress port or an ArubaOS-CX switch. What is the best feature to use for this task?

1. A. DWRR queuing
2. B. Strict queuing
3. C. Rate limiting
4. D. QoS shaping

Correct Answer: C
According to the Aruba Documentation Portal1, the ArubaOS-CX switch supports various features to control the ingress traffic on specific ports, such as rate limiting, QoS shaping, and access control. These features can help reduce the impact of excessive broadcast traffic on the network performance and availability.
This is because rate limiting is a feature that allows you to limit the inbound or outbound traffic on a port based on a percentage of the port capacity or a fixed amount of bytes per second. Rate limiting can help prevent broadcast storms by reducing the amount of broadcast packets that enter or leave a port
https://www.arubanetworks.com/techdocs/central/latest/content/nms/aos-cx/cfg/conf-cx-access-control.htm 2:
https://community.arubanetworks.com/blogs/esupport1/2021/02/08/broadcast-storm-containment-in-aruba-pvos-switches 3: https://techhub.hpe.com/eginfolib/networking/docs/switches/K-KA-KB/15-18/5998- 8160_ssw_mcg/content/ch05.html