HPE Aruba Certified Mobility Professional (ACMP) — Question 82
A network uses MSTP and has AOS-Switches at the access layer. The company wants edge ports on the access layer switches to meet these criteria:
✑ They prevent all rogue switches that run STP, RSTP, or MSTP from connecting to the network.
✑ If a rogue switch connects and is then replaced by a proper endpoint, the port recovers automatically without IT staff involvement.
How should the network administrator set up the edge ports to meet these requirements?
Answer options
- A. Enable loop protection with a timeout period.
- B. Enable BPDU filtering.
- C. Enable both root guard and BPDU protection.
- D. Enable BPDU protection with a timeout period.
Correct answer: D
Explanation
The correct answer is D, as enabling BPDU protection with a timeout prevents rogue switches from connecting while allowing the port to recover automatically when a legitimate device is connected. Option A does not effectively address rogue switch connections. Option B allows all BPDUs to be filtered out, which could prevent legitimate devices from communicating. Option C provides protection against a root bridge being compromised but does not ensure automatic recovery in the scenario described.