HP HPE6-A78 Exam Practice Test Instant Access

Question 1

What is symmetric encryption?

AIt simultaneously creates ciphertext and a same-size MAC.

BIt any form of encryption mat ensures that thee ciphertext Is the same length as the plaintext.

CIt uses the same key to encrypt plaintext as to decrypt ciphertext.

DIt uses a Key that is double the size of the message which it encrypts.

Answer : C

Question 2

Refer to the exhibit, which shows the current network topology.

You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the forwarding mode and Implements WPA3-Enterprise security

What is a guideline for setting up the vlan for wireless devices connected to the WLAN?

AAssign the WLAN to a single new VLAN which is dedicated to wireless users

BUse wireless user roles to assign the devices to different VLANs in the 100-150 range

CAssign the WLAN to a named VLAN which specified 100-150 as the range of IDs.

DUse wireless user roles to assign the devices to a range of new vlan IDs.

Answer : B

Question 3

What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?

AEAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake.

BEAP-TLS requires the supplicant to authenticate with a certificate, hut PEAP allows the supplicant to use a username and password.

CEAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process

DEAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption.

Answer : B

Question 4

You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure management access to the ArubaOS Web UP

AAvoid using external manager authentication tor the Web UI.

BChange the default 4343 port tor the web UI to TCP 443.

CInstall a CA-signed certificate to use for the Web UI server certificate.

DMake sure to enable HTTPS for the Web UI and select the self-signed certificate Installed in the factory.

Answer : C

Question 5

How should admins deal with vulnerabilities that they find in their systems?

AThey should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.

BThey should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).

CThey should classify the vulnerability as malware. a DoS attack or a phishing attack.

DThey should notify the security team as soon as possible that the network has already been breached.

Answer : A

Question 6

You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers' certificates and tell the MC the managers' correct rote

in addition to enabling certificate authentication. what is a step that you should complete on the MC?

AVerify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM

Binstall all of the managers' certificates on the MC as OCSP Responder certificates

CVerify that the MC trusts CPPM's HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC

DCreate a local admin account mat uses certificates in the account, specify the correct trusted CA certificate and external authentication

Answer : A

Question 7

What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?

AA DDoS attack originates from external devices, while a DoS attack originates from internal devices

BA DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device

CA DoS attack targets one server, a DDoS attack targets all the clients that use a server

DA DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device

Answer : A

HPE6-A78 Aruba Certified Network Security Associate Exam Practice Test