Avaya Avaya Certifications 71301X Questions & Answers

• Question 1:

  When installing a new Avaya Session Border Controller for Enterprise (ASBC6) component / device using the EMS GUI, you click on the Install link on the EMS Device Management page.

  After briefly displaying the Provisioned status, which final status should the ASBCE component / device display?

  A. Up

  B. Commissioned

  C. Running

  D. Active

  Correct Answer: C

  After installing a new Avaya Session Border Controller for Enterprise (ASBC6) component / device using the EMS GUI, you click on the Install link on the EMS Device Management page. After briefly displaying the Provisioned status, the final status that the ASBCE component / device should display is Running. The EMS Device Management page is a web interface that allows you to view and manage the ASBCE components / devices, such as EMS (Element Management System), SBC (Session Border Controller), or HCA (High Capacity Appliance). The EMS Device Management page displays information such as device name, management IP, version, status, reboot, and shutdown for each component / device. The status indicates the operational state of the component / device, which can be one of these values: Provisioned, Commissioned, Registered, or Running. The Running status means that the component / device is fully operational and ready to handle traffic. Therefore, after installing a new ASBCE component / device using the EMS GUI, you should wait until it displays a Running status on the EMS Device Management page.

• Question 2:

  Which two statements about the Avaya Session Border Controller for Enterprise (ASBCE) certificate management are true? (Choose two.)

  A. It allows using a default server certificate for up to one year after the installation.

  B. It only supports .crt certificate file types.

  C. It requires a single server identity certificate for each deployed server.

  D. It supports both the Root and Intermediate Certificate Authority (CA) certificates.

  E. It provides an in-built Certificate Signing Request (CSR) generation utility.

  Correct Answer: AD

  The Avaya Session Border Controller for Enterprise (ASBCE) certificate management is a feature that allows you to install, manage, and renew certificates for the ASBCE server. Certificates are used to authenticate and encrypt the

  communication between the ASBCE server and other entities, such as endpoints, servers, or service providers. The following statements about the ASBCE certificate management are true:

  It allows using a default server certificate for up to one year after the installation:

  The ASBCE server comes with a default self-signed server certificate that can be used for testing or demonstration purposes. The default server certificate is valid for one year from the date of installation. After one year, the default server

  certificate expires and needs to be replaced with a valid certificate from a trusted Certificate Authority (CA).

  It supports both the Root and Intermediate Certificate Authority (CA) certificates:

  The ASBCE server supports installing both the Root and Intermediate CA certificates, which are used to verify the identity and trustworthiness of other certificates. A Root CA certificate is a certificate that is issued by a trusted authority and is

  self-signed. An Intermediate CA certificate is a certificate that is issued by a Root CA or another Intermediate CA and is used to sign other certificates. The ASBCE server can store up to 10 Root CA certificates and up to 10 Intermediate CA

  certificates.

• Question 3:

  What is the correct URL for connecting to the Application Enablement Services (AES) web interface, and the default login ID?

  A. https://, then enter login=cust

  B. https:///admin, then enter login=ucsec

  C. https://:8443, then enter login=craft

  D. http://, then enter login=admin

  Correct Answer: C

  To connect to the Application Enablement Services (AES) web interface, you need to use the correct URL and the default login ID. The AES web interface is a web- based application that allows you to configure and manage the AES server and its features. You can access the AES web interface using any web browser that supports HTTPS. The URL for connecting to the AES web interface is https://:8443, where is the IP address of the AES server that you want to connect to. The port number 8443 is the default port for HTTPS communication with the AES server. After entering the URL in the web browser, you will see a login screen where you need to enter the login ID and password for accessing the AES web interface. The default login ID for the AES web interface is craft, which is a system administrator account that has full access to all features and functions of the AES server. The default password for the craft account is craft. You can change the password or create other user accounts with different access levels using the Security Database feature of the AES web interface.

• Question 4:

  You need to connect the Avaya Breeze?platform that is hosting an Avaya Aura Presence Services snap-in with the Avaya Aura Session Manager (SM). Which three are required to set up this connection? (Choose three.)

  A. One Entity Link from SM to Avaya Breeze?

  B. one Entity Link from SM to Avaya Aura Presence Services Snap-in

  C. TLS ports 5061 and TLS 5062

  D. UDP port 5060 and TLS port 5061

  E. TCP port 5060 and UDP port 5060

  Correct Answer: ACD

  To connect the Avaya Breeze?platform that is hosting an Avaya Aura Presence Services snap-in with the Avaya Aura Session Manager (SM), you need to configure the following: One Entity Link from SM to Avaya Breeze? This is a SIP trunk that connects the SM and the Avaya Breeze?server for SIP signaling and media. You need to create an Entity Link in System Manager, under Elements > Routing > Entity Links, and specify the IP address or FQDN of the SM and the Avaya Breeze?server Security Module (SM100). You also need to select TLS as the SIP Link Transport Type56 TLS ports 5061 and TLS 5062: These are the ports used by the Entity Link for secure SIP signaling between SM and Avaya Breeze? Port 5061 is used by SM to send SIP requests to Avaya Breeze? while port 5062 is used by Avaya Breeze? to send SIP responses to SM. These ports require a valid certificate on both SM and Avaya Breeze?servers56 UDP port 5060 and TLS port 5061: These are the ports used by the Presence Services snap-in for XMPP federation with other XMPP servers or clients. Port 5060 is used for unencrypted XMPP traffic over UDP, while port 5061 is used for encrypted XMPP traffic over TLS. These ports enable presence and instant messaging features across different domains or platforms34

• Question 5:

  When the Branch Session Manager (BSM) sends OPTIONS requests to the Survivable Communication Manager (CM) when the Main Communication Manager and the Core Session Managers are in a working condition and reachable, what would be the SIP response?

  A. 503 Service Unavailable (LSP is inactive)

  B. 503 Service Unavailable (No Media Resources)

  C. 200 OK

  D. 488 Not Acceptable Here

  Correct Answer: B

  The Server ID is a numeric value that identifies each Communication Manager server in the network. The Server ID is used for licensing, administration, and synchronization purposes. Every CM server in the network needs to be assigned a unique Server ID, including servers in a duplex pair. A duplex pair is a configuration where two CM servers are connected by a dedicated link and act as a single logical entity, providing high availability and redundancy for call processing. The Server ID of each CM server in a duplex pair must be an even/odd pair (N, N+1), where N is an even number. For example, if one server in a duplex pair has Server ID 2, theother server must have Server ID 3. The Server ID can be configured during the installation or post-installation of Communication Manager, using the set server-id command

• Question 6:

  The customer plans to have 50 SIP Trunks and 100 Remote Workers supported by the Avaya Session Border Controller for Enterprise (ASBCE). How many ASBCE licenses will they require?

  A. 150 standard services licenses, and 150 advanced services licenses

  B. 50 standard services licenses, and 100 advanced services licenses

  C. 150 standard services licenses

  D. 150 standard services licenses, and 100 advanced services licenses

  Correct Answer: B

  The Avaya Session Border Controller for Enterprise (ASBCE) requires licenses to support different types of services, such as SIP Trunking or Remote Worker. The ASBCE licenses are based on the number of concurrent sessions that are handled by the ASBCE server. There are two types of licenses: standard services licenses and advanced services licenses. A standard services license is required for each SIP Trunking session, which is a session between the ASBCE server and a SIP service provider. An advanced services license is required for each Remote Worker session, which is a session between the ASBCE server and a remote endpoint, such as an IP phone or a softphone. Therefore, if the customer plans to have 50 SIP Trunks and100 Remote Workers supported by the ASBCE, they will need 50 standard services licenses and 100 advanced services licenses.

• Question 7:

  Refer to the exhibit.

  

  When configuring a Reverse Proxy for the Avaya Aura Web Gateway (AAWG) in the Avaya Session Border Controller for Enterprise (ASBCE), what is the significance of using port 8444 in the Server Address field?

  A. This port should match the Front-end port for external access on the AAWG so that AAWG sends the media path for external calls through the ASBCE STUN/TURN server.

  B. It is the default listen port on the AAWG used for all WebRTC call signalling.

  C. It's the default port used for ICE/STUN/TURN messages on the AAWG.

  D. It's used for remote access to the AAWG web interface.

  Correct Answer: B

  When configuring a Reverse Proxy for the Avaya Aura Web Gateway (AAWG) in the Avaya Session Border Controller for Enterprise (ASBCE), the Server Address field is used to specify the IP address or FQDN and port of the AAWG server. The port used in this field shouldmatch the listen port on the AAWG server that is used for all WebRTC call signalling. The default listen port on the AAWG server is 8444, which is also used by default in the Server Address field of the ASBCE Reverse Proxy configuration. The Reverse Proxy allows external clients to access the AAWG server securely and transparently through the ASBCE

• Question 8:

  In some deployments, the Avaya Session Border Controller for Enterprise (ASBCE) might not trust the Certificate Authority (CA) which signed the WebLM server identity certificate.

  Which tool would you use to fix the trust issue?

  A. the "Fix ASBCE WebLM Cert" option under Device Management > Licensing

  B. the sbceconfigurator.py fix-weblm-cert command issued from the EMS CLI

  C. the sbceconfigurator.py change-ssl-certs command issued from the SBC CLI

  D. the "Verify Existing Certificate" option under Device Management > Licensing

  Correct Answer: B

  If the Avaya Session Border Controller for Enterprise (ASBCE) does not trust the Certificate Authority (CA) that signed the WebLM server identity certificate, you can use the sbceconfigurator.py fix-weblm-cert command issued from the EMS CLI to fix the trust issue. The WebLM server is a web-based licensing application that manages licenses for various Avaya products, such as Communication Manager, Session Manager, Presence Services, or Breeze Platform. The WebLM server uses an identity certificate to authenticate itself to other entities that communicate with it using HTTPS or REST APIs. The identity certificate is signed by a CA, which is an entity that issues and verifies certificates. The ASBCE server needs to trust the CA that signed the WebLM server identity certificate in order to communicate with it securely and obtain licenses from it. If the ASBCE server does not trust the CA, you can use the sbceconfigurator.py fix-weblm-cert command to install the CA certificate on the ASBCE server and establish trust with it. The sbceconfigurator.py tool is a Python script that runs on the EMS component of the ASBCE server and performs various configuration tasks. The EMS component is responsible for managing and monitoring the ASBCE server. You can access the EMS CLI using SSH or Telnet and run the sbceconfigurator.py tool from there.

• Question 9:

  Which statement about the Application Enablement Services (AES) certificate management is true?

  A. AES is shipped with a self-signed server identity certificate which can be used indefinitely.

  B. AES provides an integrated Certificate Authority (CA) which can be used to generate a self-signed server identity certificate.

  C. AES is shipped with a default certificate which is valid for one year, and a customer- provided server identity certificate must be installed before the default certificate expires.

  D. AES does not require a server identity certificate as it communicates only via H.323.

  Correct Answer: C

  The statement that is true about the Application Enablement Services (AES) certificate management is that AES is shipped with a default certificate which is valid for one year, and a customer-provided server identity certificate must be installed before the default certificate expires. A server identity certificate is a file that contains information about the identity and public key of a server, such as AES. A server identity certificate is used to authenticate the server to other entities that communicate with it using HTTPS or SIP over TLS. A server identity certificate is signed by a Certificate Authority (CA), which is an entity that issues and verifies certificates. AES uses certificates for various purposes, such as securing web access, enabling HTTPS-based APIs, encrypting SIP signaling, and supporting mutual authentication with endpoints or servers. AES comes with a default self- signed certificate that can be used for testing or demonstration purposes. The default certificate is valid for one year from the date of installation. After one year, the default certificate expires and needs to be replaced with a valid customer-provided certificate from a trusted CA. To install a customer-provided certificate on AES, you need to use tools such as OpenSSL or Keytool to generate a Certificate Signing Request (CSR), submit it to a CA, obtain a signed certificate from the CA, and upload it to AES using the web interface or CLI.

• Question 10:

  You are preparing to obtain a server identity certificate from a Certificate Authority (CA) for the installation on the Avaya Session Border Controller for Enterprise (ASBCE).

  What should be done prior to obtaining a server identity certificate from the CA?

  A. Run initTM -f from the ASBCE CLI.

  B. Configure an Enrollment Password in the System Manager.

  C. Create a TLS Profile in the ASBCE.

  D. Generate a Certificate Signing Request (CSR).

  Correct Answer: D

  Before obtaining a server identity certificate from a Certificate Authority (CA) for the installation on the Avaya Session Border Controller for Enterprise (ASBCE), you need to generate a Certificate Signing Request (CSR). A CSR is a file that contains information about the identity and public key of the ASBCE server, as well as a digital signature that proves the ownership of the public key. A CSR is used to request a server identity certificate from a CA, which is an entity that issues and verifies certificates. The CA will check the information in the CSR and issue a server identity certificate that contains the same information and public key, as well as the CA's signature and validity period. The server identity certificate is used to authenticate the ASBCE server to other entities that communicate with it using HTTPS or SIP over TLS. To generate a CSR for the ASBCE server, you can use tools such as OpenSSL or Keytool, or use the ASBCE web interface or CLI.