Which policy design meets the organization’s requirements while minimizing the number of policy rules?

– by 1

Refer to the exhibit.

An organization provides WiFi access through a corporate SSID with an Aruba Mobility Master (MM)-Mobility Controller (MC) network that includes PEF functions. The organization wants to have a single firewall policy configured and applied to the employee role.
This policy must allow users to reach Web, FTP, and DNS services, as shown in the exhibit. Other services should be exclusive to other roles. The client NICs should receive IP settings dynamically.
Which policy design meets the organization’s requirements while minimizing the number of policy rules?
A. netdestination alias1
host 10.200.0.10 host 10.200.0.20
ip access-list session policy1 user host 10.200.0.5 svc-dns permit user host 10.200.0.5 svc-http permit user alias alias1 svc-http permit user alias alias1 svc-ftp permit
B. netdestination alias1
host 10.200.0.5 host 10.200.0.10 host 10.200.0.20 netdestination alias2 host 10.200.0.10 host 10.200.0.20 ip access-list session policy1 any any svc-dhcp permit user host 10.200.0.5 svc-dns permit user alias alias1 svc-http permit user alias alias2 svc-ftp permit
C. netdestination alias1
host 10.200.0.10 host 10.200.0.20 ip access-list session policy1 any any svc-dhcp permit user host 10.200.0.5 svc-dns permit user host 10.200.0.5 svc-http permit user alias alias1 svc-http permit user alias alias1 svc-ftp permit
D. netdestination alias1
host 10.200.0.5 host 10.200.0.10 host 10.200.0.20 netdestination alias2

Download Printable PDF. VALID exam to help you PASS.

One thought on “Which policy design meets the organization’s requirements while minimizing the number of policy rules?

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.