[Q31-Q55] Attested HPE6-A78 Dumps PDF Resource [2022]

Attested HPE6-A78 Dumps PDF Resource [2022]

Latest HPE6-A78 Actual Free Exam Questions Updated 62 Questions

NEW QUESTION 31
Refer to the exhibit.

This company has ArubaOS-Switches. The exhibit shows one access layer switch, Swllcn-2. as an example, but the campus actually has more switches. The company wants to slop any internal users from exploiting ARP What Is the proper way to configure the switches to meet these requirements?

A. On Swltch-2, configure static PP-to-MAC bindings for all end-user devices on the network
B. On Switch-1, enable ARP protection globally, and enable ARP protection on ail VLANs.
C. On Swltch-2, enable DHCP snooping globally and on VLAN 201 before enabling ARP protection
D. On Switch-2, make ports connected to employee devices trusted ports for ARP protection

Answer: A

NEW QUESTION 32
Which is a correct description of a stage in the Lockheed Martin kill chain?

A. In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated.
B. In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker.
C. In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function.
D. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.

Answer: A

NEW QUESTION 33
Refer to the exhibit.

Device A is establishing an HTTPS session with the Arubapedia web sue using Chrome. The Arubapedia web server sends the certificate shown in the exhibit What does the browser do as part of vacating the web server certificate?

A. It uses the public key in the DigCen SHA2 Secure Server CA certificate to check the certificate's signature.
B. It uses the public key in the DigCert root CA certificate to check the certificate signature
C. It uses the private key in the DigiCert SHA2 Secure Server CA to check the certificate's signature.
D. It uses the private key in the Arubapedia web site's certificate to check that certificate's signature

Answer: A

NEW QUESTION 34
What is a benefit of Opportunistic Wireless Encryption (OWE)?

A. It offers more control over who can connect to the wireless network when compared with WPA2-Personal
B. It allows anyone lo connect, but provides better protection against eavesdropping than a traditional open network
C. It allows both WPA2-capabie and WPA3-capable clients to authenticate to the same WPA-Personal WLAN
D. It provides protection for wireless clients against both honeypot APs and man-in-the-middle (MUM) attacks

Answer: B

NEW QUESTION 35
Refer to the exhibit.

This Aruba Mobility Controller (MC) should authenticate managers who access the Web Ul to ClearPass Policy Manager (CPPM) ClearPass admins have asked you to use RADIUS and explained that the MC should accept managers' roles in Aruba-Admin-Role VSAs Which setting should you change to follow Aruba best security practices?

A. Change the default role to "guest-provisioning"
B. Disable local authentication
C. Change the local user role to read-only
D. Clear the MSCHAP check box

Answer: A

NEW QUESTION 36
You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs?

A. Add the "-C and *-c port-access" options to the "show logging" command.
B. Enable debugging for "portaccess" to move the relevant logs to a buffer.
C. Specify a logging facility that selects for "port-access" messages.
D. Configure a logging Tiller for the "port-access" category, and apply that filter globally.

Answer: A

NEW QUESTION 37
What is a difference between radius and TACACS+?

A. RADIUS combines the authentication and authorization process while TACACS+ separates them.
B. RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them.
C. RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption.
D. RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol.

Answer: A

NEW QUESTION 38
Your ArubaoS solution has detected a rogue AP with Wireless intrusion Prevention (WIP). Which information about the detected radio can best help you to locate the rogue device?

A. the match method
B. the confidence level
C. the detecting devices
D. the match type

Answer: A

NEW QUESTION 39
Which correctly describes a way to deploy certificates to end-user devices?

A. ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them
B. ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
C. ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
D. in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates

Answer: B

NEW QUESTION 40
What is a use case for tunneling traffic between an Aruba switch and an AruDa Mobility Controller (MC)?

A. securing the network infrastructure control plane by creating a virtual out-of-band-management network
B. simplifying network infrastructure management by using the MC to push configurations to the switches
C. enhancing the security of communications from the access layer to the core with data encryption
D. applying firewall policies and deep packet inspection to wired clients

Answer: D

NEW QUESTION 41
You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers' certificates and tell the MC the managers' correct rote in addition to enabling certificate authentication. what is a step that you should complete on the MC?

A. Verify that the MC trusts CPPM's HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC
B. Verify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM
C. install all of the managers' certificates on the MC as OCSP Responder certificates
D. Create a local admin account mat uses certificates in the account, specify the correct trusted CA certificate and external authentication

Answer: B

NEW QUESTION 42
Refer to the exhibit.

You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find the error shown In the exhibit in the CPPM Event Viewer.
What should you check?

A. that the snared secret configured for the CPPM authentication server matches the one defined for the device on CPPM
B. that the MC has valid admin credentials configured on it for logging into the CPPM
C. that the MC has been added as a domain machine on the Active Directory domain with which CPPM is synchronized
D. that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM

Answer: D

NEW QUESTION 43
What correctly describes the Pairwise Master Key (PMK) in thee specified wireless security protocol?

A. In WPA3-Personal, the PMK is the same for each session and is communicated to clients that authenticate
B. In WPA3-Enterprise, the PMK is unique per session and derived using Simultaneous Authentication of Equals.
C. In WPA3-Personal, the PMK is derived directly from the passphrase and is the same tor every session.
D. In WPA3-Personal, the PMK is unique per session and derived using Simultaneous Authentication of Equals.

Answer: B

NEW QUESTION 44
What is a benefit of deploying Aruba ClearPass Device insight?

A. Agent-based analysts of devices' security settings and health status, with the ability to implement quarantining
B. visibility into devices' 802.1X supplicant settings and automated certificate deployment
C. Simpler troubleshooting of ClearPass solutions across an environment with multiple ClearPass Policy Managers
D. Highly accurate endpoint classification for environments with many devices types, including Internet of Things (loT)

Answer: B

NEW QUESTION 45
What is one way that WPA3-PerSonal enhances security when compared to WPA2-Personal?

A. WPA3-Personal is more complicated to deploy because it requires a backend authentication server
B. WPA3-Personai prevents eavesdropping on other users' wireless traffic by a user who knows the passphrase for the WLAN.
C. WPA3-Personai is more resistant to passphrase cracking Because it requires passphrases to be at least 12 characters
D. WPA3-Perscn3i is more secure against password leaking Because all users nave their own username and password

Answer: D

NEW QUESTION 46
You have been instructed to look in the ArubaOS Security Dashboard's client list Your goal is to find clients mat belong to the company and have connected to devices that might belong to hackers Which client fits this description?

A. MAC address d8:50:e6:f3;6d;a4; Client Classification Authorized; AP Classification, interfering
B. MAC address d8:50:e6:f3;6e;60; Client Classification Interfering. AP Classification Interfering
C. MAC address d8:50:e6 f3;6e;c5; Client Classification Interfering. AP Classification Neighbor
D. MAC address d8:50:e6:f3;TO;ab; Client Classification Interfering. AP Classification Rogue

Answer: B

NEW QUESTION 47
What is an example or phishing?

A. An attacker sends TCP messages to many different ports to discover which ports are open.
B. An attacker checks a user's password by using trying millions of potential passwords.
C. An attacker sends emails posing as a service team member to get users to disclose their passwords.
D. An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.

Answer: C

NEW QUESTION 48
What are the roles of 802.1X authenticators and authentication servers?

A. The authenticator stores the user account database, while the server stores access policies.
B. The authenticator supports only EAP, while the authentication server supports only RADIUS.
C. The authenticator makes access decisions and the server communicates them to the supplicant.
D. The authenticator is a RADIUS client and the authentication server is a RADIUS server.

Answer: C

NEW QUESTION 49
What is a Key feature of me ArubaOS firewall?

A. The firewall is designed to fitter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments
B. The firewall is stateful which means that n can track client sessions and automatically allow return traffic for permitted sessions
C. The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site.
D. The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic.

Answer: C

NEW QUESTION 50
Which attack is an example or social engineering?

A. A hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials.
B. An attack exploits an operating system vulnerability and locks out users until they pay the ransom.
C. A user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network.
D. An email Is used to impersonate a Dank and trick users into entering their bank login information on a fake website page.

Answer: D

NEW QUESTION 51
What is a guideline for managing local certificates on an ArubaOS-Switch?

A. Install an Online Certificate Status Protocol (OCSP) certificate to simplify the process of enrolling and re-enrolling for certificate
B. Create a self-signed certificate online on the switch because ArubaOS-Switches do not support CA-signed certificates.
C. Generate the certificate signing request (CSR) with a program offline, then, install both the certificate and the private key on the switch in a single file.
D. Before installing the local certificate, create a trust anchor (TA) profile with the root CA certificate for the certificate that you will install

Answer: C

NEW QUESTION 52
What is a benefit or Protected Management Frames (PMF). sometimes called Management Frame Protection (MFP)?

A. PMF ensures trial traffic between APs and Mobility Controllers (MCs) is encrypted.
B. PMF protects clients from DoS attacks based on forged de-authentication frames
C. PMF helps to protect APs and MCs from unauthorized management access by hackers.
D. PMF prevents hackers from capturing the traffic between APs and Mobility Controllers.

Answer: C

NEW QUESTION 53
An ArubaOS-CX switch enforces 802.1X on a port. No fan-through options or port-access roles are configured on the port The 802 1X supplicant on a connected client has not yet completed authentication Which type of traffic does the authenticator accept from the client?

A. RADIUS only
B. DHCP, DNS and RADIUS only
C. DHCP, DNS, and EAP only
D. EAP only

Answer: D

NEW QUESTION 54
What is one of the roles of the network access server (NAS) in the AAA framewonx?

A. It determines which resources authenticated users are allowed to access and monitors each users session
B. It enforces access to network services and sends accounting information to the AAA server
C. It negotiates with each user's device to determine which EAP method is used for authentication
D. It authenticates legitimate users and uses policies to determine which resources each user is allowed to access.

Answer: D

NEW QUESTION 55
......

HPE6-A78 Certification Overview Latest HPE6-A78 PDF Dumps: https://www.fast2test.com/HPE6-A78-premium-file.html

Free HPE6-A78 Exam Braindumps certification guide Q&A: https://drive.google.com/open?id=1ig48NdA2INhxO8YtXvZcWyd53aBFKWAP