HPE6-A78 Aruba Certified Network Security Associate Exam exam is a hot HP certification exam, Exam4Training offers you the latest free online HPE6-A78 dumps to practice. You can get online training in the following questions, all these questions are verified by HP experts. If this exam changed, we will share new update questions.
What is symmetric encryption?
A . It simultaneously creates ciphertext and a same-size MA
C . It any form of encryption mat ensures that thee ciphertext Is the same length as the plaintext.
D . It uses the same key to encrypt plaintext as to decrypt ciphertext.
E . It uses a Key that is double the size of the message which it encrypts.
Answer: C
What is one of the roles of the network access server (NAS) in the AAA framewonx?
A . It authenticates legitimate users and uses policies to determine which resources each user is allowed to access.
B . It negotiates with each user’s device to determine which EAP method is used for authentication
C . It enforces access to network services and sends accounting information to the AAA server
D . It determines which resources authenticated users are allowed to access and monitors each users session
Answer: A
You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs.
What is one approach that you can take to find the relevant logs?
A . Add the "-C and *-c port-access" options to the "show logging" command.
B . Configure a logging Tiller for the "port-access" category, and apply that filter globally.
C . Enable debugging for "portaccess" to move the relevant logs to a buffer.
D . Specify a logging facility that selects for "port-access" messages.
Answer: A
Your Aruba Mobility Master-based solution has detected a rogue AP Among other information the ArubaOS Detected Radios page lists this Information for the AP
SSID = PubllcWiFI
BSSID = a8M27 12 34:56
Match method = Exact match
Match type = Eth-GW-wired-Mac-Table
The security team asks you to explain why this AP is classified as a rogue .
What should you explain?
A . The AP Is connected to your LAN because It is transmitting wireless traffic with your network’s default gateway’s MAC address as a source MAC Because it does not belong to the company, it is a rogue
B . The ap has a BSSID mat matches authorized client MAC addresses. This indicates that the AP is spoofing the MAC address to gam unauthorized access to your company’s
wireless services, so It is a rogue
C . The AP has been detected as launching a DoS attack against your company’s default gateway. This qualities it as a rogue which needs to be contained with wireless association frames immediately
D . The AP is spoofing a routers MAC address as its BSSI
E . This indicates mat, even though WIP cannot determine whether the AP is connected to your LA
F . it is a rogue.
Answer: D
What is a benefit or using network aliases in ArubaOS firewall policies?
A . You can associate a reputation score with the network alias to create rules that filler traffic based on reputation rather than I
C . You can use the aliases to translate client IP addresses to other IP addresses on the other side of the firewall
D . You can adjust the IP addresses in the aliases, and the rules using those aliases automatically update
E . You can use the aliases to conceal the true IP addresses of servers from potentially untrusted clients.
Answer: A
Refer to the exhibit.
You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find the error shown In the exhibit in the CPPM Event Viewer.
What should you check?
A . that the MC has been added as a domain machine on the Active Directory domain with which CPPM is synchronized
B . that the snared secret configured for the CPPM authentication server matches the one defined for the device on CPPM
C . that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM
D . that the MC has valid admin credentials configured on it for logging into the CPPM
Answer: C
You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers’ certificates and tell the MC the managers’ correct rote in addition to enabling certificate authentication.
What is a step that you should complete on the MC?
A . Verify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM
B . install all of the managers’ certificates on the MC as OCSP Responder certificates
C . Verify that the MC trusts CPPM’s HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC
D . Create a local admin account mat uses certificates in the account, specify the correct trusted CA certificate and external authentication
Answer: A
You need to deploy an Aruba instant AP where users can physically reach It .
What are two recommended options for enhancing security for management access to the AP? (Select two)
A . Disable Its console ports
B . Place a Tamper Evident Label (TELS) over its console port
C . Disable the Web Ul.
D . Configure WPA3-Enterpnse security on the AP
E . install a CA-signed certificate
Answer: B,E
Refer to the exhibit.
You need to ensure that only management stations in subnet 192.168.1.0/24 can access the ArubaOS-Switches’ CLI. Web Ul. and REST interfaces. The company also wants to let managers use these stations to access other parts of the network.
What should you do?
A . Establish a Control Plane Policing class that selects traffic from 192.168 1.0/24.
B . Specify 192.168.1.0.255.255.255.0 as authorized IP manager address
C . Configure the switch to listen for these protocols on OOBM only.
D . Specify vlan 100 as the management vlan for the switches.
Answer: A
What is a Key feature of me ArubaOS firewall?
A . The firewall is stateful which means that n can track client sessions and automatically allow return traffic for permitted sessions
B . The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site.
C . The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic.
D . The firewall is designed to fitter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments
Answer: B