Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

HP HP0-Y17 Exam -

Free HP0-Y17 Sample Questions:

Q: 1
When routing is enabled on a Wireless Module, which configuration is necessary on adjacent enterprise routers?

A. a dynamic routing protocol such as RIP or OSPF
B. interfaces in all VLANs configured on the Wireless Module
C. DHCP relay for all VLANs configured on the Wireless Module
D. static routes to IP networks configured on the Wireless Module

Answer: D

Q: 2
You must configure an ACL on a Wireless Edge Services zl Module, and attach the ACL to VLAN 55. This VLAN is associated with the Marketing WLAN on the module and does not exist on any other infrastructure device in the customer network. When will traffic be filtered by this ACL?

A. when it arrives on VLAN 55 from a wireless client
B. only when it is forwarded from the module downlink to the module uplink
C. when it arrives from the wired network and is forwarded to VLAN 55 hosts
D. when it is routed from VLAN 55 to another VLAN configured on the module

Answer: D

Q: 3
On the Wireless Edge Services zl Module, which interfaces can be associated with a single IP ACL?

A. all VLAN interfaces and the downlink
B. all VLAN interfaces, the downlink, and the uplink
C. one VLAN interface, the downlink, and the uplink
D. all VLAN interfaces and either the downlink or the uplink

Answer: B

Q: 4
What is an advantage of implementing Layer 3 routing instead of Layer forwarding on the Wireless Edge Services zl Module?

A. It enables termination of user VLANs at the network edge.
B. It enables wireless users to have different access than wired users.
C. It enables the application of different security policies for wired and wireless users.
D. It enables communication between wireless users without using resources of the switch hosting the module.

Answer: A

Q: 5
At a customer site, you have configured a Guest WLAN on a Wireless Edge Services zl Module. The WLAN will use Web-Auth to authenticate Guest users, who will be placed in VLAN 55. What other step is required to enable this configuration?

A. Enable IP routing for all VLANs configured on the module.
B. Configure a static route to VLAN 55 on the enterprise’s routers.
C. Configure an IP interface associated with VLAN 55 on the module.
D. Add the address of the VLAN 55 default gateway to the module’s Allowed List.

Answer: C

Q: 6
Which configuration step will enable a ProCurve Radio Port to obtain the IP address of a Wireless Module during Layer 3 adoption?

A. Configure DHCP Relay on the Wireless Module.
B. Define the Wireless Module as a RADIUS client in Windows IAS.
C. Define Option 189 on the DHCP server for the scope serving the RP.
D. Configure IP helper on the RP’s default gateway to forward requests to the Wireless Module’s DHCP server.

Answer: C

Q: 7
Which circumstance requires Layer 3 adoption of a radio port by a Wireless Edge Services zl Module?

A. The RP must be part of a Layer 3 mobility domain.
B. The RP is located in a different broadcast domain than the module’s downlink.
C. The RP must support users who will be assigned IP addresses in different networks.
D. The RP must obtain an IP address for enforcement of ACLs configured on the module.

Answer: B

Q: 8
What is an advantage of using Web-Auth, instead of 802.1X, for authentication of guests?

A. Web-Auth eliminates the need for data encryption
B. Web-Auth places less load on enterprise RADIUS servers.
C. Web-Auth does not require the installation of supplicant software on client computers.
D. Web-Auth enables the authentication of devices that do not provide interfaces for users to enter credentials.

Answer: C

Q: 9
What is the rule governing the number and type of ACLs that can be applied to a VLAN on a Wireless Edge Services zl Module?

A. The VLAN can support one IP ACL.
B. The VLAN can support one IP ACL or one MAC ACL.
C. The VLAN can support one IP ACL and one MAC ACL.
D. The VLAN can support all ACLs configured on the module.

Answer: A

Q: 10
At a customer site, you have enabled routing on a Wireless Edge Services zl Module installed in a 5406zl switch. Under what circumstance is configuration of a default route on the module unnecessary?

A. when the 5406zl is the only router adjacent to the Wireless Module
B. when RIP is configured on the router upstream from the Wireless Module
C. when VLANs configured on the Wireless Module also are configured on other routers
D. when a default gateway has already been defined on the Wireless Module to enable Layer 2 connectivity

Answer: D

Q: 11
Which option is provided by the advanced customization feature for Web-Auth pages on the Wireless Edge Services zl Module?

A. the ability to customize logos and text on Web-Auth pages
B. the ability to use Web-Auth pages stored on an external web server
C. the ability to install and use customized Web-Auth pages on the module
D. the ability to display different Web-Auth pages for failed and successful authentication

Answer: C

Q: 12
Which secure mobility features are available on a standalone AP 530? (Select two.)

A. Web-Auth
B. built-in firewall
C. built-in RADIUS
D. VLAN-based ACLs
E. user-based policies

Answer: A, C

Q: 13
Which ProCurve secure mobility solution requires the installation of a RADIUS agent on the enterprise RADIUS server?

A. Access Point 530
B. Identity Driven Manager
C. ProCurve Mobility Manager
D. Wireless Edge Services zl Module

Answer: B

Q: 14
Which statement describes the relationship between Identity Driven Manage and an enterprise RADIUS server?

A. IDM acts as a graphical interface for the configuration of RADIUS policies.
B. IDM provides a RADIUS proxy server for users affected by IDM Access Rules.
C. IDM applies the RADIUS server’s Remote Access Policies to authenticated users.
D. IDM enables the RADIUS server to specify VLAN assignments for authenticated users.

Answer: A

Q: 15
You have configured AP detection on two Radio Ports connected to a Wireless Edge Services zl Module. Which step is necessary to enable ProCurve Manager Plus with Mobility Manager to display information about the detected APs?

A. Configure IP addresses on the RPs.
B. Configure SNMP traps on the Wireless Module
C. Define a detection alert in the PCM+ Events viewer.
D. Add the RPs to a detection group in Mobility Manager.

Answer: B

Q: 16
You must configure a Wireless Edge Services zl Module so that clients will be subject to router-based ACLs based on IP address range. Which module feature enables you to support this strategy?

A. DHCP relay
B. Layer 3 mobility
C. built-in RADIUS server
D. dynamic VLAN assignment

Answer: D

Q: 17
At a customer site, you must configure a Switch 5400zl and Identity Driven Manager to authenticate Sales users and place them in VLAN 48. Which steps are necessary to complete this configuration? (Select three.)

A. Configure VLAN 48 on the Switch 5400zl.
B. Enable 802.1X authentication for all affected switch ports.
C. Assign all affected switch ports to VLAN 48 as tagged members.
D. Define VLAN 48 as the unauthorized VID for all affected switch ports.
E. Add all Sales users to the list of RADIUS clients on the authentication server.
D. Define an IDM Access Profile and Access Rule associating Sales users with VLAN 48.

Answer: A, B, F

Q: 18
At a customer site, you have enabled and activated 802.1X authentication for ports 1-4 on a Switch 3500yl. VLAN membership of the ports is at default settings. Users connecting to the switch will authenticate using Windows IAS and be assigned to VLANs based on policies applied by Identity Driven Manage. You enter the following command:

3500yl(config)#aaa port-access authenticator Ethernet 1-4 unauth-vid 33

What is the VLAN membership of these ports while no clients are connected?

B. VLAN 33
C. VLAN assigned by IDM
D. VLAN assigned by RADIUS server

Answer: A

Q: 19
In Identity Driven Manager, what is the default setting for access control based on time of connection?

A. Access is allowed at all times.
B. Access is not permitted at any time.
C. Access is permitted during normal business hours.
D. Access is permitted at times configured during installation.

Answer: A

Q: 20
Which feature of the Wireless Edge Services zl Module enables the reporting of excessive authentication attempts?

A. AP detection
B. built-in firewall
C. Access Control Lists
D. Intrusion Detection System

Answer: D

Q: 21
You have configured 802.1X authentication for four ports on a Switch 2600-8-PWR. One of the ports is connected to an AP 530 in a conference room at a customer site. To ensure users connecting through both devices have the same access rights, you have added the switch ports to an IDM Location that already includes the AP 530. During a test, users connecting to the AP 530 are assigned to the correct Access Policy. Users connecting through the switch ports receive the Default Access Policy. How can you correct this configuration?

A. Edit the Location to support 802.1X over wired devices.
B. Add the switch and the AP 530 to the same group in Mobility Manager.
C. Configure 802.1X authentication on the switch port connected to the AP.
D. Set the WLAN parameter to ANY in the IDM Access Rule for the users.

Answer: D

Q: 22
You must configure Identity Driven Manager to control access for five user groups to a file server at a customer site. Which IDM object must be configured to enable you to identify this server in Access Rules?

A. Location
B. Access Policy
C. Access Profile
D. Network Resource

Answer: D

Q: 23
When is the intrusion detection capability enabled on the Wireless Edge Services zl Module?

A. when routing is enabled
B. when the module is installed
C. when the first WLAN is enabled
D. when the built-in firewall is enabled

Answer: B

Q: 24
What is an advantage of using the Wireless Module instead of the AP 530 to detect rogue APs?

A. The Wireless Module supports passive scanning as well ad dedicated scanning.
B. The Wireless Module can be configured to require APs to submit 802.1X credentials.
C. The Wireless Module provides an administrative interface for identifying authorized and unauthorized APs.
D. The Wireless Module’s built-in firewall prevents users associated with unauthorized APs from accessing network resources.

Answer: C

Q: 25
What is a difference between the Web-Auth features on the AP 530 and the Wireless Edge Services zl Module?

A. The AP 530 does not support 802.1X for Web-Auth Clients.
B. The AP 530 does not support WPA encryption for Web-Auth Clients.
C. The AP 530 does not support customization of text on the login page.
D. The AP 530 does not enable the loading of custom web pages from external servers.

Answer: D

Q: 26
What is the purpose of the Guest Login feature on the AP 530?

A. enable guests to use the built-in guest account for Web-Auth
B. enable guests to register as users during the log-in process
C. enable guests to obtain certificates necessary for 802.1X authentication
D. enable guests to obtain IP addresses local to the AP during authentication

Answer: A

Q: 27
At a customer site, you must configure three ports on a Switch 2610-24-PWR to authenticate users as part of a unified wired and wireless solution that will use Identity Driven Manager to apply access policies. Which device’s IP address do you require for this configuration?

A. RADIUS server
B. PCM+/IDM server
C. Certification Authority
D. Windows Domain Controller

Answer: A

Q: 28
The management interface for the IDS on a Wireless Edge Services zl Module reports that the configured threshold for excessive association attempts by a station is set to 0. What does this indicate?

A. The IDS has not detected any events of this type.
B. The IDS is not scanning for this type of event.
C. No RPs have been configured for intrusion detection.
D. No users are associated with WLANs configured for intrusion detection.

Answer: B

Q: 29
What is an advantage of configuring a ProCurve Radio Port for passive scanning instead of dedicated scanning for rogue AP detection?

A. The RP can continue serving clients while scanning.
B. The RP can be assigned to a Quarantine VLAN in PCM+.
C. The RP can be configured to scan selected radio frequencies.
D. The RP can send SNMP traps to PCM+ when rogue APs are detected.

Answer: A

© 2014, All Rights Reserved