HP HPE6-A78 Exam Practice Test Instant Access

Question 1

You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs?

AAdd the '-C and *-c port-access' options to the 'show logging' command.

BConfigure a logging Tiller for the 'port-access' category, and apply that filter globally.

CEnable debugging for 'portaccess' to move the relevant logs to a buffer.

DSpecify a logging facility that selects for 'port-access' messages.

Answer : A

Question 2

What is a benefit of Opportunistic Wireless Encryption (OWE)?

AIt allows both WPA2-capabie and WPA3-capable clients to authenticate to the same WPA-Personal WLAN

BIt offers more control over who can connect to the wireless network when compared with WPA2-Personal

CIt allows anyone lo connect, but provides better protection against eavesdropping than a traditional open network

DIt provides protection for wireless clients against both honeypot APs and man-in-the-middle (MUM) attacks

Answer : C

Question 3

Refer to the exhibit.

You need to ensure that only management stations in subnet 192.168.1.0/24 can access the ArubaOS-Switches' CLI. Web Ul. and REST interfaces The company also wants to let managers use these stations to access other parts of the network What should you do?

AEstablish a Control Plane Policing class that selects traffic from 192.168 1.0/24.

BSpecify 192.168.1.0.255.255.255.0 as authorized IP manager address

CConfigure the switch to listen for these protocols on OOBM only.

DSpecify vlan 100 as the management vlan for the switches.

Answer : A

Question 4

What is a benefit or Protected Management Frames (PMF). sometimes called Management Frame Protection (MFP)?

APMF helps to protect APs and MCs from unauthorized management access by hackers.

BPMF ensures trial traffic between APs and Mobility Controllers (MCs) is encrypted.

CPMF prevents hackers from capturing the traffic between APs and Mobility Controllers.

DPMF protects clients from DoS attacks based on forged de-authentication frames

Answer : A

Question 5

You have detected a Rogue AP using the Security Dashboard Which two actions should you take in responding to this event? (Select two)

AThere is no need to locale the AP If you manually contain It.

BThis is a serious security event, so you should always contain the AP immediately regardless of your company's specific policies.

CYou should receive permission before containing an AP. as this action could have legal Implications.

DFor forensic purposes, you should copy out logs with relevant information, such as the time mat the AP was detected and the AP's MAC address.

EThere is no need to locate the AP If the Aruba solution is properly configured to automatically contain it.

Answer : B, D

Question 6

Refer to the exhibit.

You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.

What Is a part of the setup on the MC?

ACreate a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct shared secret.

BInstall the root CA associated with the 10 5.5.5 server's certificate as a Trusted CA certificate.

CConfigure a ClearPass username and password in the MyEmployees AAA profile.

DEnable the dynamic authorization setting in the 'clearpass' authentication server settings.

Answer : B

Question 7

Which attack is an example or social engineering?

AAn email Is used to impersonate a Dank and trick users into entering their bank login information on a fake website page.

BA hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials.

CA user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network.

DAn attack exploits an operating system vulnerability and locks out users until they pay the ransom.

Answer : A

HPE6-A78 Aruba Certified Network Security Associate Exam Practice Test