A company has an Aruba solution with a guest WLAN named exam_guest. A network administrator creates the guest WLAN with the wizard and does not change any of the default roles. The authentication server does not send particular role assignments for authorized users. The company wants to deny guests access to specific IP ranges after the guest authenticate.
For which role should the administrator create the rule to deny this traffic?
The rule to deny specific IP ranges should be created for the 'guest' role. This is because the 'guest-logon' role is used for pre-authentication, and controls such as DHCP and DNS are often managed there. Post-authentication, the guest users are moved to the 'guest' role. Thus, to restrict access for authenticated guest users, modifications should be made to the 'guest' role.
I feel like the correct answer should be A because the question states "after the guest has authenticated." "guest-logon" is used for pre-authentication (limited to DHCP & DNS). The guest role is used post-authentication.
Answer is A : Guest-logon is for preauthentication and guest is for postauthentication by default. Company wants to deny guests access to specific IP ranges after the guest authenticate
Edit: guest-logon indeed is defualt role assigned to guest wifi. I would edit guest-logon and create rule in last section at very bottom of guest-logon role. So answer is D
Answer is A
Correct ANS is C While using wizard, by default a new Guest-Logon role created to support redirection. In this case SSID name is exam_guest, so the newly created default role will be exam_guest-guest-logon. To edit any firewall policies, administrator has to edit the firewall policies of exam_guest-guest-logon role.
A - by default fall into "guest" role, when RADIUS doesnt send any more specific roles
The answer here is C because most of the below comments are right: after the guest has authenticated. The reason is not A is because when you create a WLAN with the wizard it creates automatically a role that is the WLAN+guest-logon in this case exam_guest-guest-logon.
ACMA Officially Certification Study Guide (Exam HPE6-A42) page 270
Sorry wrong, C is the WLAN+guest-logon is the profile role name. Not the role after authenticate. So it is A.
D is wrong, its for pre-auth with captive portal A is wrong as it allows http to any. B permits all. C is unknown. This question is isn't clear....not enough info In general to restrict something i would create new role, as editing default roles is not suggested.
Correct is "A" Guest logon is the pre-authen role Guest is post-authen role, so modify the Guest role to deny guests access to specific IP ranges Correct Answer : A
Guest logon is the pre-authen role Guest is post-authen role, so modify the Guest role to deny guests access to specific IP ranges Correct Answer : A
correct answer should be A
The administrator should create the rule to deny traffic for the "guest" role. This is because the guest WLAN is named "exam_guest," and the administrator did not change any of the default roles, so guests will likely be assigned the default "guest" role. Additionally, the authentication server does not send particular role assignments for authorized users, which further supports using the "guest" role for the rule. Therefore, the correct answer is A. guest.