1. Home
  2. HP
  3. HPE6-A78

HP HPE6-A78 Online Practice Questions and Exam Preparation

HPE6-A78 Exam Details

  • Exam Code
    :HPE6-A78
  • Exam Name
    :Aruba Certified Network Security Associate
  • Certification
    :HP Certifications
  • Vendor
    :HP
  • Total Questions
    :167 Q&As
  • Last Updated
    :May 28, 2026

HP HPE6-A78 Online Questions & Answers

  • Question 101:

    Which is an accurate description of a type of malware?

    A. Worms are usually delivered in spear-phishing attacks and require users to open and run a file.
    B. Rootkits can help hackers gain elevated access to a system and often actively conceal themselves from detection.
    C. A Trojan is any type of malware that replicates itself and spreads to other systems automatically.
    D. Malvertising can only infect a system if the user encounters the malware on an untrustworthy site.

  • Question 102:

    What is another setting that you must configure on the switch to meet these requirements?

    A. Set the aaa authentication login method for SSH to the "radius" server-group (with local as backup).
    B. Configure a CPPM username and password that match a CPPM admin account.
    C. Create port-access roles with the same names of the roles that CPPM will send in Aruba-Admin-Role VSAs.
    D. Disable SSH on the default VRF and enable it on the mgmt VRF instead.

  • Question 103:

    An ArubaOS-CX switch enforces 802.1X on a port. No fan-through options or port-access roles are configured on the port The 802 1X supplicant on a connected client has not yet completed authentication Which type of traffic does the authenticator accept from the client?

    A. EAP only
    B. DHCP, DNS and RADIUS only
    C. RADIUS only
    D. DHCP, DNS, and EAP only

  • Question 104:

    What is a difference between passive and active endpoint classification?

    A. Passive classification refers exclusively to MAC OUI-based classification, while active classification refers to any other classification method.
    B. Passive classification classifies endpoints based on entries in dictionaries, while active classification uses admin-defined rules to classify endpoints.
    C. Passive classification is only suitable for profiling endpoints in small business environments, while enterprises should use active classification exclusively.
    D. Passive classification analyzes traffic that endpoints send as part of their normal functions; active classification involves sending requests to endpoints.

  • Question 105:

    A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. The company is contemplating the use of ClearPass's TCP fingerprinting capabilities.

    What is a consideration for using those capabilities?

    A. ClearPass admins will need to provide the credentials of an API admin account to configure on Aruba devices.
    B. You will need to mirror traffic to one of CPPM's span ports from a device such as a core routing switch.
    C. ArubaOS-CX switches do not offer the support necessary for CPPM to use TCP fingerprinting on wired endpoints.
    D. TCP fingerprinting of wireless endpoints requires a third-party Mobility Device Management (MDM) solution.

  • Question 106:

    A client is connected to a Mobility Controller (MC). These firewall rules apply to this client's role: ipv4 any any svc-dhcp permit ipv4 user 10.5.5.20 svc-dns permit ipv4 user 10.1.5.0 255.255.255.0 https permit ipv4 user 10.1.0.0 255.255.0.0 https deny_opt ipv4 user any any permit What correctly describes how the controller treats HTTPS packets to these two IP addresses, both of which are on the other side of the firewall:

    10.1.20.1

    10.5.5.20

    A. Both packets are denied.
    B. The first packet is permitted, and the second is denied.
    C. Both packets are permitted.
    D. The first packet is denied, and the second is permitted.

  • Question 107:

    How does the AOS firewall determine which rules to apply to a specific client's traffic?

    A. The firewall applies the rules in policies associated with the client's user role.
    B. The firewall applies every rule that includes the client's IP address as the source.
    C. The firewall applies the rules in policies associated with the client's WLAN.
    D. The firewall applies every rule that includes the client's IP address as the source or destination.

  • Question 108:

    What is one of the roles of the network access server (NAS) in the AAA framework?

    A. It negotiates with each user's device to determine which EAP method is used for authentication.
    B. It determines which resources authenticated users are allowed to access and monitors each user's session.
    C. It enforces access to network services and sends accounting information to the AAA server.
    D. It authenticates legitimate users and uses policies to determine which resources each user is allowed to access.

  • Question 109:

    Which is a correct description of a stage in the Lockheed Martin kill chain?

    A. In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes its function.
    B. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.
    C. In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfiltrated.
    D. In the delivery stage, malware collects valuable data and delivers or exfiltrates it to the hacker.

  • Question 110:

    You have been instructed to look in an AOS Security Dashboard's client list. Your goal is to find clients that belong to the company and have connected to devices that might belong to hackers. Which client fits this description?

    A. MAC address: d8:50:e6:f3:6d:a4; Client Classification: Authorized; AP Classification: Suspected Rogue
    B. MAC address: d8:50:e6:f3:6e:c5; Client Classification: Interfering; AP Classification: Neighbor
    C. MAC address: d8:50:e6:f3:6e:60; Client Classification: Interfering; AP Classification: Interfering
    D. MAC address: d8:50:e6:f3:70:ab; Client Classification: Interfering; AP Classification: Suspected Rogue

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HPE6-A78 exam preparations and HP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.