March Sale Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

HP HPE6-A78 Aruba Certified Network Security Associate Exam Exam Practice Test

Page: 1 / 6
Total 60 questions

Aruba Certified Network Security Associate Exam Questions and Answers

Question 1

What is an example or phishing?

Options:

A.

An attacker sends TCP messages to many different ports to discover which ports are open.

B.

An attacker checks a user’s password by using trying millions of potential passwords.

C.

An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.

D.

An attacker sends emails posing as a service team member to get users to disclose their passwords.

Question 2

Which is a correct description of a stage in the Lockheed Martin kill chain?

Options:

A.

In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker.

B.

In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated.

C.

In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function.

D.

In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.

Question 3

What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?

Options:

A.

EAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake.

B.

EAP-TLS requires the supplicant to authenticate with a certificate, hut PEAP allows the supplicant to use a username and password.

C.

EAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process

D.

EAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption.

Question 4

Options:

Question 5

What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture?

Options:

A.

It resides in the cloud and manages licensing and configuration for Collectors

B.

It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.

C.

It resides on-prem and is responsible for running active SNMP and Nmap scans

D.

It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors

Question 6

Refer to the exhibit.

Question # 6

How can you use the thumbprint?

Options:

A.

Install this thumbprint on management stations to use as two-factor authentication along with manager usernames and passwords, this will ensure managers connect from valid stations

B.

Copy the thumbprint to other Aruba switches to establish a consistent SSH Key for all switches this will enable managers to connect to the switches securely with less effort

C.

When you first connect to the switch with SSH from a management station, make sure that the thumbprint matches to ensure that a man-in-t he-mid die (MITM) attack is not occurring

D.

install this thumbprint on management stations the stations can then authenticate with the thumbprint instead of admins having to enter usernames and passwords.

Question 7

Which correctly describes a way to deploy certificates to end-user devices?

Options:

A.

ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain

B.

ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them

C.

ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain

D.

in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates

Question 8

What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?

Options:

A.

A DDoS attack originates from external devices, while a DoS attack originates from internal devices

B.

A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device

C.

A DoS attack targets one server, a DDoS attack targets all the clients that use a server

D.

A DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device

Question 9

What is a reason to set up a packet capture on an Aruba Mobility Controller (MC)?

Options:

A.

The company wants to use ClearPass Policy Manager (CPPM) to profile devices and needs to receive HTTP User-Agent strings from the MC.

B.

The security team believes that a wireless endpoint connected to the MC is launching an attack and wants to examine the traffic more closely.

C.

You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control the traffic I based on application.

D.

You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control Web traffic based on the destination URL.

Page: 1 / 6
Total 60 questions