[Aug 28, 2022] Pass Your HPE6-A78 Dumps Free Latest HP Practice Tests
Get Top-Rated HP HPE6-A78 Exam Dumps Now
NEW QUESTION 32
What is an example or phishing?
- A. An attacker sends emails posing as a service team member to get users to disclose their passwords.
- B. An attacker sends TCP messages to many different ports to discover which ports are open.
- C. An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.
- D. An attacker checks a user's password by using trying millions of potential passwords.
Answer: A
NEW QUESTION 33
What is one way that WPA3-PerSonal enhances security when compared to WPA2-Personal?
- A. WPA3-Personai prevents eavesdropping on other users' wireless traffic by a user who knows the passphrase for the WLAN.
- B. WPA3-Personal is more complicated to deploy because it requires a backend authentication server
- C. WPA3-Personai is more resistant to passphrase cracking Because it requires passphrases to be at least 12 characters
- D. WPA3-Perscn3i is more secure against password leaking Because all users nave their own username and password
Answer: D
NEW QUESTION 34
What is a guideline for managing local certificates on an ArubaOS-Switch?
- A. Generate the certificate signing request (CSR) with a program offline, then, install both the certificate and the private key on the switch in a single file.
- B. Create a self-signed certificate online on the switch because ArubaOS-Switches do not support CA-signed certificates.
- C. Before installing the local certificate, create a trust anchor (TA) profile with the root CA certificate for the certificate that you will install
- D. Install an Online Certificate Status Protocol (OCSP) certificate to simplify the process of enrolling and re-enrolling for certificate
Answer: A
NEW QUESTION 35
What is a guideline for creating certificate signing requests (CSRs) and deploying server Certificates on ArubaOS Mobility Controllers (MCs)?
- A. Create the CSR and public/private keypair offline If you want to install the same certificate on multiple MCs.
- B. Create the CSR online using the MC Web Ul if your company requires you to archive the private key.
- C. if you create the CSR and public/private Keypair offline, create a matching private key online on the MC.
- D. Generate the private key online, but the public key and CSR offline, to install the same certificate on multiple MCs.
Answer: B
NEW QUESTION 36
What is a Key feature of me ArubaOS firewall?
- A. The firewall is stateful which means that n can track client sessions and automatically allow return traffic for permitted sessions
- B. The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site.
- C. The firewall is designed to fitter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments
- D. The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic.
Answer: B
NEW QUESTION 37
What is a correct guideline for the management protocols that you should use on ArubaOS-Switches?
- A. Disable Telnet and use TFTP instead.
- B. Disable Telnet and use SSH instead
- C. Disable SSH and use https instead.
- D. Disable HTTPS and use SSH instead
Answer: C
NEW QUESTION 38
Refer to the exhibit.
This Aruba Mobility Controller (MC) should authenticate managers who access the Web Ul to ClearPass Policy Manager (CPPM) ClearPass admins have asked you to use RADIUS and explained that the MC should accept managers' roles in Aruba-Admin-Role VSAs Which setting should you change to follow Aruba best security practices?
- A. Change the local user role to read-only
- B. Disable local authentication
- C. Clear the MSCHAP check box
- D. Change the default role to "guest-provisioning"
Answer: D
NEW QUESTION 39
You are troubleshooting an authentication issue for Aruba switches that enforce 802 IX10 a cluster of Aruba ClearPass Policy Manager (CPPMs) You know that CPPM Is receiving and processing the authentication requests because the Aruba switches are showing Access-Rejects in their statistics However, you cannot find the record tor the Access-Rejects in CPPM Access Tracker What is something you can do to look for the records?
- A. Go to the CPPM Event Viewer, because this is where RADIUS Access Rejects are stored.
- B. Verify that you are logged in to the CPPM Ul with read-write, not read-only, access
- C. Make sure that CPPM cluster settings are configured to show Access-Rejects
- D. Click Edit in Access viewer and make sure that the correct servers are selected.
Answer: C
NEW QUESTION 40
You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.IX authentication lo Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful.
What is a good next step for troubleshooting?
- A. Reset the user credentials
- B. Check CPPM Event viewer.
- C. Check connectivity between CPPM and a backend directory server
- D. Renew CPPM's RADIUS/EAP certificate
Answer: B
NEW QUESTION 41
You configure an ArubaOS-Switch to enforce 802.1X authentication with ClearPass Policy Manager (CPPM) denned as the RADIUS server Clients cannot authenticate You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt.
What are two possible problems that have this symptom? (Select two)
- A. users are logging in with the wrong usernames and passwords or invalid certificates.
- B. CPPM does not have a network device defined for the switch's IP address.
- C. The RADIUS shared secret does not match between the switch and CPPM.
- D. Clients are not configured to trust the root CA certificate for CPPM's RADIUS/EAP certificate.
- E. Clients are configured to use a mismatched EAP method from the one In the CPPM service.
Answer: A,D
NEW QUESTION 42
How does the ArubaOS firewall determine which rules to apply to a specific client's traffic?
- A. The firewall applies thee rules in policies associated with the client's user role.
- B. The firewall applies every rule that includes the dent's IP address as the source.
- C. The firewall applies the rules in policies associated with the client's wlan
- D. The firewall applies every rule that includes the client's IP address as the source or destination.
Answer: B
NEW QUESTION 43
What are some functions of an AruDaOS user role?
- A. The role determines which firewall policies and bandwidth contract apply to the clients traffic
- B. The role determines which control plane ACL rules apply to the client's traffic
- C. The role determines which authentication methods the user must pass to gain network access
- D. The role determines which wireless networks (SSiDs) a user is permitted to access
Answer: C
NEW QUESTION 44
Refer to the exhibit.
You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.
What Is a part of the setup on the MC?
- A. Enable the dynamic authorization setting in the "clearpass" authentication server settings.
- B. Create a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct shared secret.
- C. Install the root CA associated with the 10 5.5.5 server's certificate as a Trusted CA certificate.
- D. Configure a ClearPass username and password in the MyEmployees AAA profile.
Answer: C
NEW QUESTION 45
You need to deploy an Aruba instant AP where users can physically reach It. What are two recommended options for enhancing security for management access to the AP? (Select two )
- A. install a CA-signed certificate
- B. Place a Tamper Evident Label (TELS) over its console port
- C. Disable Its console ports
- D. Configure WPA3-Enterpnse security on the AP
- E. Disable the Web Ul.
Answer: A,B
NEW QUESTION 46
A company is deploying ArubaOS-CX switches to support 135 employees, which will tunnel client traffic to an Aruba Mobility Controller (MC) for the MC to apply firewall policies and deep packet inspection (DPI).
This MC will be dedicated to receiving traffic from the ArubaOS-CX switches.
What are the licensing requirements for the MC?
- A. one AP license per-switch
- B. one PEF license per-switch
- C. one PEF license per-switch. and one WCC license per-switch
- D. one AP license per-switch. and one PEF license per-switch
Answer: D
NEW QUESTION 47
What are the roles of 802.1X authenticators and authentication servers?
- A. The authenticator is a RADIUS client and the authentication server is a RADIUS server.
- B. The authenticator supports only EAP, while the authentication server supports only RADIUS.
- C. The authenticator makes access decisions and the server communicates them to the supplicant.
- D. The authenticator stores the user account database, while the server stores access policies.
Answer: C
NEW QUESTION 48
Refer to the exhibit.
Device A is establishing an HTTPS session with the Arubapedia web sue using Chrome. The Arubapedia web server sends the certificate shown in the exhibit What does the browser do as part of vacating the web server certificate?
- A. It uses the private key in the DigiCert SHA2 Secure Server CA to check the certificate's signature.
- B. It uses the public key in the DigCert root CA certificate to check the certificate signature
- C. It uses the private key in the Arubapedia web site's certificate to check that certificate's signature
- D. It uses the public key in the DigCen SHA2 Secure Server CA certificate to check the certificate's signature.
Answer: D
NEW QUESTION 49
Refer to the exhibit.
This company has ArubaOS-Switches. The exhibit shows one access layer switch, Swllcn-2. as an example, but the campus actually has more switches. The company wants to slop any internal users from exploiting ARP What Is the proper way to configure the switches to meet these requirements?
- A. On Switch-2, make ports connected to employee devices trusted ports for ARP protection
- B. On Swltch-2, configure static PP-to-MAC bindings for all end-user devices on the network
- C. On Switch-1, enable ARP protection globally, and enable ARP protection on ail VLANs.
- D. On Swltch-2, enable DHCP snooping globally and on VLAN 201 before enabling ARP protection
Answer: B
NEW QUESTION 50
What is one way that Control Plane Security (CPsec) enhances security for me network?
- A. It protects wireless clients' traffic tunneled between APs and Mobility Controllers, from eavesdropping
- B. It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping.
- C. It prevents access from unauthorized IP addresses to critical services, such as SSH on Mobility Controllers (MCs).
- D. It prevents Denial of Service (DoS) attacks against Mobility Controllers' (MCs") control plane.
Answer: A
NEW QUESTION 51
Which is a correct description of a stage in the Lockheed Martin kill chain?
- A. In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated.
- B. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.
- C. In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function.
- D. In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker.
Answer: A
NEW QUESTION 52
......
HP HPE6-A78 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
Passing Key To Getting HPE6-A78 Certified Exam Engine PDF: https://www.prep4sureexam.com/HPE6-A78-dumps-torrent.html
HPE6-A78 Exam Dumps Pass with Updated Tests Dumps: https://drive.google.com/open?id=1l53hHO8FzIb_w4T8TaVdCUKIE3-oIoTZ