New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Aruba-ACNSA Changed HPE6-A78 Questions

Page: 4 / 7
Question 16

Refer to the exhibit.

You need to ensure that only management stations in subnet 192.168.1.0/24 can access the ArubaOS-Switches' CLI. Web Ul. and REST interfaces The company also wants to let managers use these stations to access other parts of the network What should you do?

Options:

A.

Establish a Control Plane Policing class that selects traffic from 192.168 1.0/24.

B.

Specify 192.168.1.0.255.255.255.0 as authorized IP manager address

C.

Configure the switch to listen for these protocols on OOBM only.

D.

Specify vlan 100 as the management vlan for the switches.

Question 17

A company has Aruba Mobility Controllers (MCs). Aruba campus APs. and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type The ClearPass admins tell you that they want to run Network scans as part of the solution

What should you do to configure the infrastructure to support the scans?

Options:

A.

Create a TA profile on the ArubaOS-Switches with the root CA certificate for ClearPass's HTTPS certificate

B.

Create device fingerprinting profiles on the ArubaOS-Switches that include SNMP. and apply the profiles to edge ports

C.

Create remote mirrors on the ArubaOS-Swrtches that collect traffic on edge ports, and mirror it to CPPM's IP address.

D.

Create SNMPv3 users on ArubaOS-CX switches, and make sure that the credentials match those configured on CPPM

Question 18

Refer to the exhibit.

You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.

What Is a part of the setup on the MC?

Options:

A.

Create a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct shared secret.

B.

Install the root CA associated with the 10 5.5.5 server's certificate as a Trusted CA certificate.

C.

Configure a ClearPass username and password in the MyEmployees AAA profile.

D.

Enable the dynamic authorization setting in the "clearpass" authentication server settings.

Question 19

You have detected a Rogue AP using the Security Dashboard Which two actions should you take in responding to this event? (Select two)

Options:

A.

There is no need to locale the AP If you manually contain It.

B.

This is a serious security event, so you should always contain the AP immediately regardless of your company's specific policies.

C.

You should receive permission before containing an AP. as this action could have legal Implications.

D.

For forensic purposes, you should copy out logs with relevant information, such as the time mat the AP was detected and the AP's MAC address.

E.

There is no need to locate the AP If the Aruba solution is properly configured to automatically contain it.

Page: 4 / 7
Exam Code: HPE6-A78
Exam Name: Aruba Certified Network Security Associate Exam
Last Update: Dec 22, 2024
Questions: 106
HPE6-A78 pdf

HPE6-A78 PDF

$25.5  $84.99
HPE6-A78 Engine

HPE6-A78 Testing Engine

$28.5  $94.99
HPE6-A78 PDF + Engine

HPE6-A78 PDF + Testing Engine

$40.5  $134.99