**** HP0-759 Description | HP0-759 Syllabus | HP0-759 Exam Objectives | HP0-759 Course Outline ****

**** SAMPLE HP ProCurve Combined Security and Mobility 2021 Dumps ****

specified in the ACL.
D. They would have no access at all because the ACL is misconfigured
Answer: B
You want to use IEEE 802.1X port authentication to assign Microsoft Active Directory users to
a particular VLAN based on their user IDs. What must be in place? Select TWO.
A. The VLAN ID must be defined in a GVRP configuration.
B. The user must be a member of an Active Directory Group that has an associated RADIUS
C. The user must be a member of a group that is associated with a VLAN ID in a RADIUS
D. The VLAN ID must exist on the switch.
E. The port through which the user is authenticating must be defined as a member of the VLAN.
Answer: C, D
A software company uses 802.1X to authenticate all users on the network and to allow contract
employees access to the network only during normal business hours. What is the best approach
for configuring this time restriction?
A. Configure a “Time Restriction” policy and assign the user accounts for each contract employee
to the policy.
B. Configure an access policy on the RADIUS server that associates a time restriction with
usernames of the contract employees.
C. Create a “contractors” group in Active Directory (LDAP) and assign time restrictions to the
D. Configure an access policy on the RADIUS server that associates a time restriction with a
“contractors” group.
Answer: D
In an 802.1X authentication environment there are different methods by which a user can be
placed on a VLAN. Which method has the highest priority on a given port?
A. an authorized VLAN assignment configured on the switch at the time 802.1X was enabled for
the port
B. a dynamic VLAN assignment from the RADIUS server
C. the statically assigned VLAN configured for the port
D. the priority determined by the command used to configure the port for 802.1X authentication
Answer: B
When using multiple RADIUS servers, what is true with regard to configuration of encryption
keys or shared secrets on the HP ProCurve switch?
A. The keys for all servers in the domain must be the same.
B. The keys for all servers in the domain must be different.
C. A globally defined key overrides the key associated with an individual server.
D. A key associated with a server overrides the globally defined key.
Answer: D
You support a network that has ports in a conference room that is regularly used by guests. You
have decided to define a guest VLAN that allows access to the internet and prevents access to
corporate resources. Which solution provides the most flexibility and lowest management
overhead while placing the guest users in the appropriate VLAN?
A. Require that guests connect only to ports in the conference room that are members of the guest
B. Enable 802.1X on the conference room ports. Give guests a temporary logon ID and provide
them with 802.1X supplicant software. Associate guest user IDs with a guest VLAN that
prevents access to corporate resources.
C. Enable IEEE 802.1X on the conference room ports and configure the guest VLAN as the
authorized VLAN for these ports.
D. Enable IEEE 802.1X on the conference room ports and configure the guest VLAN as the
unauthorized VLAN for these ports.
Answer: D
You have enabled port security using the “send-disable” action. Which administrative action, if
any, is required after an intrusion to enable the device to return to normal operation?
A. No action is required.
B. The intrusion flag must be cleared.
C. The port must be enabled.
D. The intrusion flag must be cleared and the port must be enabled.
Answer: D
Click the Exhibit button.
The RADIUS server and switch are correctly configured for proper interaction. The switch has
the VLAN assignments and port-access commands shown in the diagram. When the user
provides valid authentication information, port 10 will ________.
A. remain in an unauthorized state and prevent user traffic from being forwarded
B. become a member of VLAN 20
C. become a member of VLAN 25
D. become a member of VLAN 200
Answer: A

