HP HPE6-A78 Exam Practice Test Instant Access

Question 1

You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs?

AAdd the '-C and *-c port-access' options to the 'show logging' command.

BConfigure a logging Tiller for the 'port-access' category, and apply that filter globally.

CEnable debugging for 'portaccess' to move the relevant logs to a buffer.

DSpecify a logging facility that selects for 'port-access' messages.

Answer : A

Question 2

What is one way that WPA3-PerSonal enhances security when compared to WPA2-Personal?

AWPA3-Perscn3i is more secure against password leaking Because all users nave their own username and password

BWPA3-Personai prevents eavesdropping on other users' wireless traffic by a user who knows the passphrase for the WLAN.

CWPA3-Personai is more resistant to passphrase cracking Because it requires passphrases to be at least 12 characters

DWPA3-Personal is more complicated to deploy because it requires a backend authentication server

Answer : A

Question 3

Refer to the exhibit, which shows the current network topology.

You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the forwarding mode and Implements WPA3-Enterprise security

What is a guideline for setting up the vlan for wireless devices connected to the WLAN?

AAssign the WLAN to a single new VLAN which is dedicated to wireless users

BUse wireless user roles to assign the devices to different VLANs in the 100-150 range

CAssign the WLAN to a named VLAN which specified 100-150 as the range of IDs.

DUse wireless user roles to assign the devices to a range of new vlan IDs.

Answer : B

Question 4

What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?

AEAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake.

BEAP-TLS requires the supplicant to authenticate with a certificate, hut PEAP allows the supplicant to use a username and password.

CEAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process

DEAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption.

Answer : B

Question 5

You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure management access to the ArubaOS Web UP

AAvoid using external manager authentication tor the Web UI.

BChange the default 4343 port tor the web UI to TCP 443.

CInstall a CA-signed certificate to use for the Web UI server certificate.

DMake sure to enable HTTPS for the Web UI and select the self-signed certificate Installed in the factory.

Answer : C

Question 6

Refer to the exhibit.

A diem is connected to an ArubaOS Mobility Controller. The exhibit snows all Tour firewall rules that apply to this diem

What correctly describes how the controller treats HTTPS packets to these two IP addresses, both of which are on the other side of the firewall

10.1 10.10

203.0.13.5

AIt drops both of the packets

BIt permits the packet to 10.1.10.10 and drops the packet to 203 0.13.5

Cit permits both of the packets

DIt drops the packet to 10.1.10.10 and permits the packet to 203.0.13.5.

Answer : C

Question 7

Answer: What is a use case for tunneling traffic between an Aruba switch and an AruDa Mobility Controller (MC)?

Aapplying firewall policies and deep packet inspection to wired clients

Benhancing the security of communications from the access layer to the core with data encryption

Csecuring the network infrastructure control plane by creating a virtual out-of-band-management network

Dsimplifying network infrastructure management by using the MC to push configurations to the switches

Answer : A

HPE6-A78 Aruba Certified Network Security Associate Exam Practice Test