A financial services firm is deploying an EVPN-VXLAN fabric using Aruba CX switches. The network architect has designed the fabric with a two-tier spine-and-leaf topology. To ensure optimal and loop-free forwarding for Layer 2 broadcast, unknown unicast, and multicast (BUM) traffic within a VNI, which mechanism is the Aruba-recommended best practice to implement in the underlay network?
A university is implementing Dynamic Segmentation with Aruba Gateways and Aruba CX switches. A security policy must be enforced where authenticated users are assigned a 'Student' role. This role should allow access to the internet and university portal servers, but explicitly deny any traffic to the 'Faculty_Research' subnet. Which components are required to build and enforce this policy? (Select TWO)
A consultant is troubleshooting a newly configured VSX pair of Aruba CX 8360 switches. The ISL link is up and the keepalive is successful over the management network. However, the secondary switch continually fails to synchronize its configuration and reports a 'sync-loss' state. The consultant verifies that `vsx-sync` is enabled for the necessary features. What is the most likely cause of this synchronization failure?
True or False: In an Aruba EVPN-VXLAN fabric, the Distributed Anycast Gateway functionality requires each VTEP participating in a given VNI to be configured with the exact same IP and MAC address for its SVI.
A hospital is deploying EAP-TLS for its corporate wireless network to achieve the highest level of security. The network team is using Aruba ClearPass as the RADIUS server. During testing, corporate-issued laptops are failing to connect. A packet capture on the client shows the ClearPass server is sending a RADIUS Access-Reject message immediately after the client sends its Client Hello message. What is the most probable misconfiguration in ClearPass?
A network administrator is configuring a BGP peering between an Aruba CX switch at the campus edge and an ISP router. The administrator needs to prevent routes learned from other internal BGP peers from being advertised to the ISP. Which BGP attribute or mechanism should be used in an outbound route map to achieve this?
A large retail company is migrating its campus core from a traditional Layer 2 design to a more resilient architecture using two Aruba CX 8400 switches. The primary goals are to provide active-active forwarding for all VLANs, eliminate STP, and ensure sub-second failover. Which ArubaOS-CX technology is specifically designed to meet all these requirements?
While configuring an Aruba wireless network using AirWave, a network engineer needs to ensure that all configuration changes are validated against a set of corporate security standards before being pushed to devices. For example, no AP group should be allowed to use WPA2-Personal (PSK). Which AirWave feature should be used to enforce this policy?
A solutions architect is designing a campus network using a distributed overlay with EVPN-VXLAN. The design includes multiple VNIs that need to communicate with each other. Which EVPN route type is responsible for advertising the IP prefixes that enable inter-VNI (Layer 3) routing?
A technician is using the Aruba Central dashboard to troubleshoot a connectivity issue for a specific wireless client. The client is connected but reports extremely slow speeds. The technician navigates to the client details page. Which THREE of the following metrics are most critical to examine first to diagnose a potential RF-related performance problem? (Select THREE)