New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

HPE6-A78 Questions Bank

Page: 5 / 7
Question 20

A company has an ArubaOS solution. The company wants to prevent users assigned to the "user_group1" role from using gaming and peer-to-peer applications.

What is the recommended approach for these requirements?

Options:

A.

Make sure DPI is enabled, and add application rules that deny gaming and peer-to-peer applications to the "user_groupr role.

B.

Create ALGs for the gaming and peer-to-peer applications, and deny the "user_group1" role on the ALGs.

C.

Add access control rules to the "user_group1" role, which deny HTTP/HTTPS traffic to IP addresses associated with gaming and peer-to-peer applications.

D.

Create service aliases for the TCP ports associated with gaming and peer-to-per applications, and use those aliases in access control rules for the "user_group" rules.

Question 21

Why might devices use a Diffie-Hellman exchange?

Options:

A.

to agree on a shared secret in a secure manner over an insecure network

B.

to obtain a digital certificate signed by a trusted Certification Authority

C.

to prove knowledge of a passphrase without transmitting the passphrase

D.

to signal that they want to use asymmetric encryption for future communications

Question 22

What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?

Options:

A.

A DDoS attack originates from external devices, while a DoS attack originates from internal devices

B.

A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device

C.

A DoS attack targets one server, a DDoS attack targets all the clients that use a server

D.

A DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device

Question 23

A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-Switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. This company is using only CPPM and no other ClearPass solutions.

The ClearPass admins tell you that they want to use HTTP User-Agent strings to help classify endpoints.

What should you do as a part of configuring the ArubaOS-Switches to support this requirement?

Options:

A.

Create a device fingerprinting policy that includes HTTP, and apply the policy to edge ports.

B.

Create remote mirrors that collect traffic on edge ports, and mirror it to CPPM's IP address.

C.

Configure CPPM as the sFlow collector, and make sure that sFlow is enabled on edge ports.

D.

Connect the switches to CPPM's span ports, and set up mirroring of HTTP traffic on the switches.

Page: 5 / 7
Exam Code: HPE6-A78
Exam Name: Aruba Certified Network Security Associate Exam
Last Update: Dec 22, 2024
Questions: 106
HPE6-A78 pdf

HPE6-A78 PDF

$25.5  $84.99
HPE6-A78 Engine

HPE6-A78 Testing Engine

$28.5  $94.99
HPE6-A78 PDF + Engine

HPE6-A78 PDF + Testing Engine

$40.5  $134.99