This page was exported from IT Certification Exam Braindumps [ http://blog.braindumpsit.com ] Export date:Sun Oct 6 14:33:17 2024 / +0000 GMT ___________________________________________________ Title: HPE6-A78 Exam Dumps Pass with Updated 2022 Certified Exam Questions [Q30-Q50] --------------------------------------------------- HPE6-A78 Exam Dumps Pass with Updated 2022 Certified Exam Questions HPE6-A78 Exam Questions - Real & Updated Questions PDF HP HPE6-A78 Exam Syllabus Topics: TopicDetailsTopic 1Compare and contrast wireless LAN methodologies Describe user roles and policy enforcementTopic 2Collect and monitor historical network pattern data Describe firewall (PEF), dynamic segmentation, RBAC, AppRFTopic 3Explain social engineering and defense Describe PKI componentsTopic 4Explain attack stages and kill chain Identify the difference between a threat and a vulnerabilityTopic 5Disable insecure protocols and follow best practices for implement secure management protocols such as SSH, HTTPSTopic 6View and acknowledge WIPS and WIDS, alarms Troubleshoot with access trackerTopic 7Compare and contrast wired LAN methodologies Explain the purpose and methods of a packet captureTopic 8Identify and evaluate discovered endpoints Describe common security threats   NEW QUESTION 30You are configuring ArubaOS-CX switches to tunnel client traffic to an Aruba Mobility Controller (MC).What should you do to enhance security for control channel communications between the switches and the MC?  Create one UBT zone for control traffic and a second UBT zone for clients.  Configure a long, random PAPI security key that matches on the switches and the MC.  install certificates on the switches, and make sure that CPsec is enabled on the MC  Make sure that the UBT client vlan is assigned to the interface on which the switches reach the MC and only that interface. NEW QUESTION 31You have detected a Rogue AP using the Security Dashboard Which two actions should you take in responding to this event? (Select two)  There is no need to locale the AP If you manually contain It.  This is a serious security event, so you should always contain the AP immediately regardless of your company’s specific policies.  You should receive permission before containing an AP. as this action could have legal Implications.  For forensic purposes, you should copy out logs with relevant information, such as the time mat the AP was detected and the AP’s MAC address.  There is no need to locate the AP If the Aruba solution is properly configured to automatically contain it. NEW QUESTION 32What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture?  It resides in the cloud and manages licensing and configuration for Collectors  It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.  It resides on-prem and is responsible for running active SNMP and Nmap scans  It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors NEW QUESTION 33Refer to the exhibit.A diem is connected to an ArubaOS Mobility Controller. The exhibit snows all Tour firewall rules that apply to this diem What correctly describes how the controller treats HTTPS packets to these two IP addresses, both of which are on the other side of the firewall10.1 10.10203.0.13.5  It drops both of the packets  It permits the packet to 10.1.10.10 and drops the packet to 203 0.13.5  it permits both of the packets  It drops the packet to 10.1.10.10 and permits the packet to 203.0.13.5. NEW QUESTION 34How should admins deal with vulnerabilities that they find in their systems?  They should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.  They should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).  They should classify the vulnerability as malware. a DoS attack or a phishing attack.  They should notify the security team as soon as possible that the network has already been breached. NEW QUESTION 35You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure management access to the ArubaOS Web UP  Avoid using external manager authentication tor the Web UI.  Change the default 4343 port tor the web UI to TCP 443.  Install a CA-signed certificate to use for the Web UI server certificate.  Make sure to enable HTTPS for the Web UI and select the self-signed certificate Installed in the factory. NEW QUESTION 36What is an example or phishing?  An attacker sends TCP messages to many different ports to discover which ports are open.  An attacker checks a user’s password by using trying millions of potential passwords.  An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.  An attacker sends emails posing as a service team member to get users to disclose their passwords. NEW QUESTION 37You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.IX authentication lo Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful.What is a good next step for troubleshooting?  Renew CPPM’s RADIUS/EAP certificate  Reset the user credentials  Check CPPM Event viewer.  Check connectivity between CPPM and a backend directory server NEW QUESTION 38What is a vulnerability of an unauthenticated Dime-Heliman exchange?  A hacker can replace the public values exchanged by the legitimate peers and launch an MITM attack.  A brute force attack can relatively quickly derive Diffie-Hellman private values if they are able to obtain public values  Diffie-Hellman with elliptic curve values is no longer considered secure in modem networks, based on NIST recommendations.  Participants must agree on a passphrase in advance, which can limit the usefulness of Diffie- Hell man in practical contexts. NEW QUESTION 39Refer to the exhibit.You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named “MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.What Is a part of the setup on the MC?  Create a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct shared secret.  Install the root CA associated with the 10 5.5.5 server’s certificate as a Trusted CA certificate.  Configure a ClearPass username and password in the MyEmployees AAA profile.  Enable the dynamic authorization setting in the “clearpass” authentication server settings. NEW QUESTION 40Refer to the exhibit, which shows the current network topology.You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the forwarding mode and Implements WPA3-Enterprise security What is a guideline for setting up the vlan for wireless devices connected to the WLAN?  Assign the WLAN to a single new VLAN which is dedicated to wireless users  Use wireless user roles to assign the devices to different VLANs in the 100-150 range  Assign the WLAN to a named VLAN which specified 100-150 as the range of IDs.  Use wireless user roles to assign the devices to a range of new vlan IDs. NEW QUESTION 41What is a difference between radius and TACACS+?  RADIUS combines the authentication and authorization process while TACACS+ separates them.  RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol.  RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption.  RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them. NEW QUESTION 42A company with 382 employees wants to deploy an open WLAN for guests. The company wants the experience to be as follows:The company also wants to provide encryption for the network for devices mat are capable, you implement Tor the WLAN?Which security options should  WPA3-Personal and MAC-Auth  Captive portal and WPA3-Personai  Captive portal and Opportunistic Wireless Encryption (OWE) in transition mode  Opportunistic Wireless Encryption (OWE) and WPA3-Personal NEW QUESTION 43Which attack is an example or social engineering?  An email Is used to impersonate a Dank and trick users into entering their bank login information on a fake website page.  A hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials.  A user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network.  An attack exploits an operating system vulnerability and locks out users until they pay the ransom. NEW QUESTION 44What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?  EAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake.  EAP-TLS requires the supplicant to authenticate with a certificate, hut PEAP allows the supplicant to use a username and password.  EAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process  EAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption. NEW QUESTION 45A company has Aruba Mobility Controllers (MCs). Aruba campus APs. and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type The ClearPass admins tell you that they want to run Network scans as part of the solution What should you do to configure the infrastructure to support the scans?  Create a TA profile on the ArubaOS-Switches with the root CA certificate for ClearPass’s HTTPS certificate  Create device fingerprinting profiles on the ArubaOS-Switches that include SNMP. and apply the profiles to edge ports  Create remote mirrors on the ArubaOS-Swrtches that collect traffic on edge ports, and mirror it to CPPM’s IP address.  Create SNMPv3 users on ArubaOS-CX switches, and make sure that the credentials match those configured on CPPM NEW QUESTION 46You need to deploy an Aruba instant AP where users can physically reach It. What are two recommended options for enhancing security for management access to the AP? (Select two )  Disable Its console ports  Place a Tamper Evident Label (TELS) over its console port  Disable the Web Ul.  Configure WPA3-Enterpnse security on the AP  install a CA-signed certificate NEW QUESTION 47A company has an Aruba solution with a Mobility Master (MM) Mobility Controllers (MCs) and campus Aps.What is one benefit of adding Aruba Airwave from the perspective of forensics?  Airwave can provide more advanced authentication and access control services for the AmbaOS solution  Airwave retains information about the network for much longer periods than ArubaOS solution  Airwave is required to activate Wireless Intrusion Prevention (WIP) services on the ArubaOS solution  AirWave enables low level debugging on the devices across the ArubaOS solution NEW QUESTION 48What is a correct guideline for the management protocols that you should use on ArubaOS-Switches?  Disable Telnet and use TFTP instead.  Disable SSH and use https instead.  Disable Telnet and use SSH instead  Disable HTTPS and use SSH instead NEW QUESTION 49What is an Authorized client as defined by ArubaOS Wireless Intrusion Prevention System (WIP)?  a client that has a certificate issued by a trusted Certification Authority (CA)  a client that is not on the WIP blacklist  a client that has successfully authenticated to an authorized AP and passed encrypted traffic  a client that is on the WIP whitelist. NEW QUESTION 50A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user’s Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has tailed for the user. The Mobility Controllers (MC’s) RADIUS events show that it is receiving Access-Rejects for the authentication attempt.What is one place that you can you look for deeper insight into why this authentication attempt is failing?  the reports generated by Aruba ClearPass Insight  the RADIUS events within the CPPM Event Viewer  the Alerts tab in the authentication record in CPPM Access Tracker  the packets captured on the MC control plane destined to UDP 1812  Loading … Pass Guaranteed Quiz 2022 Realistic Verified Free HP: https://www.braindumpsit.com/HPE6-A78_real-exam.html --------------------------------------------------- Images: https://blog.braindumpsit.com/wp-content/plugins/watu/loading.gif https://blog.braindumpsit.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-07-12 15:13:52 Post date GMT: 2022-07-12 15:13:52 Post modified date: 2022-07-12 15:13:52 Post modified date GMT: 2022-07-12 15:13:52