HP HPE6-A78 Online Practice Questions and Exam Preparation

HP HPE6-A78 Online Questions & Answers

• Question 81:

  What is one of the policies that a company should define for digital forensics?

  A. which data should be routinely logged, where logs should be forwarded, and which logs should be archived
  B. what are the first steps that a company can take to implement micro-segmentation in their environment
  C. to which resources should various users be allowed access, based on their identity and the identity of their clients
  D. which type of EAP method is most secure for authenticating wired and wireless users with 802.1
  A. which data should be routinely logged, where logs should be forwarded, and which logs should be archived

• Question 82:

  What is symmetric encryption?

  A. It simultaneously creates ciphertext and a same-size MAC.
  B. It any form of encryption mat ensures that thee ciphertext Is the same length as the plaintext.
  C. It uses the same key to encrypt plaintext as to decrypt ciphertext.
  D. It uses a Key that is double the size of the message which it encrypts.
  C. It uses the same key to encrypt plaintext as to decrypt ciphertext.

• Question 83:

  Refer to the exhibit.

  

  You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find the error shown In the exhibit in the CPPM Event Viewer.

  What should you check?

  A. that the MC has been added as a domain machine on the Active Directory domain with which CPPM is synchronized
  B. that the snared secret configured for the CPPM authentication server matches the one defined for the device on CPPM
  C. that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM
  D. that the MC has valid admin credentials configured on it for logging into the CPPM
  C. that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM

• Question 84:

  Refer to the exhibit.

  

  Device A is establishing an HTTPS session with the Arubapedia web sue using Chrome. The Arubapedia web server sends the certificate shown in the exhibit What does the browser do as part of vacating the web server certificate?

  A. It uses the public key in the DigCen SHA2 Secure Server CA certificate to check the certificate's signature.
  B. It uses the public key in the DigCert root CA certificate to check the certificate signature
  C. It uses the private key in the DigiCert SHA2 Secure Server CA to check the certificate's signature.
  D. It uses the private key in the Arubapedia web site's certificate to check that certificate's signature
  A. It uses the public key in the DigCen SHA2 Secure Server CA certificate to check the certificate's signature.

• Question 85:

  Which attack is an example of social engineering?

  A. An email is used to impersonate a bank and trick users into entering their bank login information on a fake website page.
  B. An attack exploits an operating system vulnerability and locks out users until they pay the ransom.
  C. A hacker eavesdrops on insecure communications, such as Remote Desktop Protocol (RDP), and discovers login credentials.
  D. A user visits a website and downloads a file that contains a worm, which self-replicates throughout the network.
  A. An email is used to impersonate a bank and trick users into entering their bank login information on a fake website page.

• Question 86:

  A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user's Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has tailed for the user. The Mobility Controllers (MC's) RADIUS events show that it is receiving Access-Rejects for the authentication attempt.

  What is one place that you can you look for deeper insight into why this authentication attempt is failing?

  A. the reports generated by Aruba ClearPass Insight
  B. the RADIUS events within the CPPM Event Viewer
  C. the Alerts tab in the authentication record in CPPM Access Tracker
  D. the packets captured on the MC control plane destined to UDP 1812
  B. the RADIUS events within the CPPM Event Viewer

• Question 87:

  A company has AOS-CX switches deployed in a two-tier topology that uses OSPF routing at the core.

  You need to prevent ARP poisoning attacks. To meet this need, what is one technology that you could apply to user VLANs on access layer switches? (Select two.)

  A. ARP inspection
  B. OSPF passive interface
  C. BPDU guard (protection)
  D. DHCPv4 snooping
  E. BPDU filtering
  A. ARP inspection
  D. DHCPv4 snooping

• Question 88:

  You have a network with ArubaOS-Switches for which Aruba ClearPass Policy Manager (CPPM) is acting as a TACACS+ server to authenticate managers. CPPM assigns the admins a TACACS+ privilege level, either manager or operator. You are now adding ArubaOS-CX switches to the network. ClearPass admins want to use the same CPPM service and policies to authenticate managers on the new switches.

  What should you explain?

  A. This approach cannot work because the ArubaOS-CX switches do not accept standard TACACS+ privilege levels.
  B. This approach cannot work because the ArubaOS-CX switches do not support TACACS+.
  C. This approach will work, but will need to be adjusted later if you want to assign managers to the default auditors group.
  D. This approach will work to assign admins to the default "administrators" group, but not to the default "operators" group.
  D. This approach will work to assign admins to the default "administrators" group, but not to the default "operators" group.

• Question 89:

  What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?

  A. A DDoS attack originates from external devices, while a DoS attack originates from internal devices
  B. A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device
  C. A DoS attack targets one server, a DDoS attack targets all the clients that use a server
  D. A DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device
  B. A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device

• Question 90:

  A user attempts to connect to an SSID configured on an AOS-8 mobility architecture with Mobility Controllers (MCs) and APs. The SSID enforces WPA3-Enterprise security and uses HPE Aruba Networking ClearPass Policy Manager (CPPM)

  as the authentication server. The WLAN has initial role, logon, and 802.1X default role, guest.

  A user attempts to connect to the SSID, and CPPM sends an Access-Accept with an Aruba-User-Role VSA of "contractor," which exists on the MC.

  What does the MC do?

  A. Applies the rules in the logon role, then guest role, and the contractor role
  B. Applies the rules in the contractor role
  C. Applies the rules in the contractor role and the logon role
  D. Applies the rules in the contractor role and guest role
  B. Applies the rules in the contractor role