HPE6-A78 Online Practice Questions and Answers

You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs. What is one approach that you can take to find the relevant logs?

A. Add the "-C and *-c port-access" options to the "show logging" command.

B. Configure a logging Tiller for the "port-access" category, and apply that filter globally.

C. Enable debugging for "portaccess" to move the relevant logs to a buffer.

D. Specify a logging facility that selects for "port-access" messages.

You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.IX authentication lo Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful.

What is a good next step for troubleshooting?

A. Renew CPPM's RADIUS/EAP certificate

B. Reset the user credentials

C. Check CPPM Event viewer.

D. Check connectivity between CPPM and a backend directory server

What is a correct guideline for the management protocols that you should use on ArubaOS- Switches?

A. Disable Telnet and use TFTP instead.

B. Disable SSH and use https instead.

C. Disable Telnet and use SSH instead

D. Disable HTTPS and use SSH instead

Which attack is an example or social engineering?

A. An email Is used to impersonate a Dank and trick users into entering their bank login information on a fake website page.

B. A hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials.

C. A user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network.

D. An attack exploits an operating system vulnerability and locks out users until they pay the ransom.

What is symmetric encryption?

A. It simultaneously creates ciphertext and a same-size MAC.

B. It any form of encryption mat ensures that thee ciphertext Is the same length as the plaintext.

C. It uses the same key to encrypt plaintext as to decrypt ciphertext.

D. It uses a Key that is double the size of the message which it encrypts.

How should admins deal with vulnerabilities that they find in their systems?

A. They should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.

B. They should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).

C. They should classify the vulnerability as malware. a DoS attack or a phishing attack.

D. They should notify the security team as soon as possible that the network has already been breached.

Refer to the exhibit.

This Aruba Mobility Controller (MC) should authenticate managers who access the Web Ul to ClearPass Policy Manager (CPPM) ClearPass admins have asked you to use RADIUS and explained that the MC should accept managers' roles in Aruba-Admin-Role VSAs

Which setting should you change to follow Aruba best security practices?

A. Change the local user role to read-only

B. Clear the MSCHAP check box

C. Disable local authentication

D. Change the default role to "guest-provisioning"

Refer to the exhibit.

This company has ArubaOS-Switches. The exhibit shows one access layer switch, Swllcn-2. as an example, but the campus actually has more switches. The company wants to slop any internal users from exploiting ARP.

What Is the proper way to configure the switches to meet these requirements?

A. On Switch-1, enable ARP protection globally, and enable ARP protection on ail VLANs.

B. On Switch-2, make ports connected to employee devices trusted ports for ARP protection

C. On Swltch-2, enable DHCP snooping globally and on VLAN 201 before enabling ARP protection

D. On Swltch-2, configure static PP-to-MAC bindings for all end-user devices on the network

What is one way a noneypot can be used to launch a man-in-the-middle (MITM) attack to wireless clients?

A. it uses a combination or software and hardware to jam the RF band and prevent the client from connecting to any wireless networks

B. it runs an NMap scan on the wireless client to And the clients MAC and IP address. The hacker then connects to another network and spoofs those addresses.

C. it examines wireless clients' probes and broadcasts the SSlDs in the probes, so that wireless clients will connect to it automatically.

D. it uses ARP poisoning to disconnect wireless clients from the legitimate wireless network and force clients to connect to the hacker's wireless network instead.

What is one way that Control Plane Security (CPsec) enhances security for me network?

A. It protects wireless clients' traffic tunneled between APs and Mobility Controllers, from eavesdropping

B. It prevents Denial of Service (DoS) attacks against Mobility Controllers' (MCs") control plane.

C. It prevents access from unauthorized IP addresses to critical services, such as SSH on Mobility Controllers (MCs).

D. It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping.