HP HPE6-A78 Aruba Certified Network Security Associate Exam Online Training
HP HPE6-A78 Online Training
The questions for HPE6-A78 were last updated at Nov 12,2024.
- Exam Code: HPE6-A78
- Exam Name: Aruba Certified Network Security Associate Exam
- Certification Provider: HP
- Latest update: Nov 12,2024
What is a Key feature of me ArubaOS firewall?
- A . The firewall is stateful which means that n can track client sessions and automatically allow return traffic for permitted sessions
- B . The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site.
- C . The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic.
- D . The firewall is designed to fitter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments
What is a benefit or using network aliases in ArubaOS firewall policies?
- A . You can associate a reputation score with the network alias to create rules that filler traffic based on reputation rather than IP.
- B . You can use the aliases to translate client IP addresses to other IP addresses on the other side of the firewall
- C . You can adjust the IP addresses in the aliases, and the rules using those aliases automatically update
- D . You can use the aliases to conceal the true IP addresses of servers from potentially untrusted clients.
What is a guideline for creating certificate signing requests (CSRs) and deploying server Certificates on ArubaOS Mobility Controllers (MCs)?
- A . Create the CSR online using the MC Web Ul if your company requires you to archive the private key.
- B . if you create the CSR and public/private Keypair offline, create a matching private key online on the MC.
- C . Create the CSR and public/private keypair offline If you want to install the same certificate on multiple MCs.
- D . Generate the private key online, but the public key and CSR offline, to install the same certificate on multiple MCs.
You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers’ certificates and tell the MC the managers’ correct rote in addition to enabling certificate authentication.
What is a step that you should complete on the MC?
- A . Verify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM
- B . install all of the managers’ certificates on the MC as OCSP Responder certificates
- C . Verify that the MC trusts CPPM’s HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC
- D . Create a local admin account mat uses certificates in the account, specify the correct trusted CA certificate and external authentication
What is a guideline for managing local certificates on an ArubaOS-Switch?
- A . Before installing the local certificate, create a trust anchor (TA) profile with the root CA certificate for the certificate that you will install
- B . Install an Online Certificate Status Protocol (OCSP) certificate to simplify the process of
enrolling and re-enrolling for certificate - C . Generate the certificate signing request (CSR) with a program offline, then, install both the certificate and the private key on the switch in a single file.
- D . Create a self-signed certificate online on the switch because ArubaOS-Switches do not support CA-signed certificates.
You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.IX authentication lo Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful.
What is a good next step for troubleshooting?
- A . Renew CPPM’s RADIUS/EAP certificate
- B . Reset the user credentials
- C . Check CPPM Event viewer.
- D . Check connectivity between CPPM and a backend directory server
What is a benefit of Opportunistic Wireless Encryption (OWE)?
- A . It allows both WPA2-capabie and WPA3-capable clients to authenticate to the same WPA-Personal WLAN
- B . It offers more control over who can connect to the wireless network when compared with WPA2-Personal
- C . It allows anyone lo connect, but provides better protection against eavesdropping than a traditional open network
- D . It provides protection for wireless clients against both honeypot APs and man-in-the-middle (MUM) attacks
Refer to the exhibit.
How can you use the thumbprint?
- A . Install this thumbprint on management stations to use as two-factor authentication along with manager usernames and passwords, this will ensure managers connect from valid stations
- B . Copy the thumbprint to other Aruba switches to establish a consistent SSH Key for all switches this will enable managers to connect to the switches securely with less effort
- C . When you first connect to the switch with SSH from a management station, make sure that the thumbprint matches to ensure that a man-in-t he-mid die (MITM) attack is not occurring
- D . install this thumbprint on management stations the stations can then authenticate with the thumbprint instead of admins having to enter usernames and passwords.
You need to deploy an Aruba instant AP where users can physically reach It .
What are two recommended options for enhancing security for management access to the AP? (Select two)
- A . Disable Its console ports
- B . Place a Tamper Evident Label (TELS) over its console port
- C . Disable the Web Ul.
- D . Configure WPA3-Enterpnse security on the AP
- E . install a CA-signed certificate
Refer to the exhibit.
You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find the error shown In the exhibit in the CPPM Event Viewer.
What should you check?
- A . that the MC has been added as a domain machine on the Active Directory domain with which CPPM is synchronized
- B . that the snared secret configured for the CPPM authentication server matches the one defined for the device on CPPM
- C . that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM
- D . that the MC has valid admin credentials configured on it for logging into the CPPM
Latest HPE6-A78 Dumps Valid Version with 60 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
