HPE Aruba Certified Mobility Associate (ACMA) — Question 45

An architect proposes Aruba 2930F switches, which do not have OOBM ports. The customer wants to follow best practices for network management security.
Which guideline can the architect follow?

Answer options

• A. Assign access layer switches IP addresses on a VLAN that is dedicated for switch management.
• B. Ensure that DHCP is enabled on only the switch Default VLAN.
• C. Ensure that Telnet is enabled and set to listen on production VLANs.
• D. Assign switches static IP addresses on the same VLAN on which APs are deployed.

Correct answer: A

Explanation

The correct answer, A, suggests assigning IP addresses for management on a dedicated VLAN, which enhances security by isolating management traffic. Option B is incorrect because enabling DHCP on the Default VLAN can expose the network to security risks. Option C is wrong as enabling Telnet on production VLANs can compromise security; SSH should be used instead. Option D does not follow best practices as assigning static IPs on the same VLAN as APs could lead to security vulnerabilities.