HPE Aruba Certified Network Security Expert (ACNSX) — Question 56

An administrator creates an ACL rule with both the `count` and `log` option enabled. What is correct about the action taken by an AOS-CX switch when there is a match on this rule?

Answer options

• A. By default, a summarized log is created every minute with a count of the number of matches
• B. Logging will not include certificate and TLS events, but counting will
• C. The ג€countג€ and ג€logג€ options are processed by the AOS-CX switch's hardware ASIC
• D. The total in the ג€logג€ record and the count could contain different rule matching statistics

Correct answer: D

Explanation

The correct answer is D because the 'log' record and the count can indeed reflect different statistics due to how the logging and counting mechanisms operate independently. Option A is incorrect as the logging does not have a default summarization every minute. Option B is wrong because counting does not include certificate and TLS events while logging does not get the same treatment. Option C is misleading as while the ASIC processes many functions, the counting and logging behaviors are not strictly limited to ASIC processing.