A company has an Aruba solution with a guest WLAN named exam_guest. A network administrator creates the guest WLAN with the wizard and does not change any of the default roles. The authentication server does not send particular role assignments for authorized users. The company wants to deny guests access to specific IP ranges after the guest authenticate.
For which role should the administrator create the rule to deny this traffic?
A. guest
B. authorized
C. exam_guest-guest-logon
D. guest-logon
|
Download Printable PDF. VALID exam to help you PASS. |
 |
Answer is A as guest-logon es the pre-authenticated role.
answer C is preauthenticated role? then A will be correct for default post authenticated role
got it in exam today
C is correct. If you create any guest WLAN , the default role will be the name of your WLAN appended by guest-login.
I had simulated this, the correct answer is C.
got it in exam yesterday
I don’t agre: Correct Answer is D
The guest-logon is a user role assigned to any client who associates to the guestnet SSID. Normally, any client that associates to an SSID will be placed into the logon system role. The guest-logon user role is more restrictive than the logon role.
The guest-logon user role consists of the following ordered policies:
captiveportal is a predefined policy that allows captive portal authentication.
guest-logon-access is a policy that you create with the following rules:
Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other users from responding to DHCP requests.
Allows ICMP exchanges between the user and the controller during business hours.
block-internal-access is a policy that you create that denies user access to the internal networks.
Again WRONG Answer …
Guest logon is the pre-authen role
Guest is post-authen role, so modify the Guest role to deny guests access to specific IP ranges
Correct Answer : A