New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

HPE6-A84 Exam Dumps - HP ACA - Network Security Questions and Answers

Page: 1 / 4
Questions 4

A customer has an AOS 10-based mobility solution, which authenticates clients to Aruba ClearPass Policy Manager (CPPM). The customer has some wireless devices that support WPA2 in personal mode only.

How can you meet these devices’ needs but improve security?

Options:

A.

Use MPSK on the WLAN to which the devices connect.

B.

Configure WIDS policies that apply extra monitoring to these particular devices.

C.

Connect these devices to the same WLAN to which 802.1X-capable clients connect, using MAC-Auth fallback.

D.

Enable dynamic authorization (RFC 3576) in the AAA profile for the devices.

Buy Now
Questions 5

Refer to the exhibit.

A customer requires protection against ARP poisoning in VLAN 4. Below are listed all settings for VLAN 4 and the VLAN 4 associated physical interfaces on the AOS-CX access layer switch:

What is one issue with this configuration?

Options:

A.

ARP proxy is not enabled on VLAN 4.

B.

LAG 1 is configured as trusted for ARP inspection but should be untrusted.

C.

DHCP snooping is not enabled on VLAN 4.

D.

Edge ports are not configured as untrusted for ARP inspection.

Buy Now
Questions 6

Refer to the exhibit.

Which IP address should you record as a possibly compromised client?

Options:

A.

10.1.26.151

B.

10.1J.100

C.

10.1.26.1

D.

10.254.1.21

Buy Now
Questions 7

Refer to the scenario.

An organization wants the AOS-CX switch to trigger an alert if its RADIUS server (cp.acnsxtest.local) rejects an unusual number of client authentication requests per hour. After some discussions with other Aruba admins, you are still not sure how many rejections are usual or unusual. You expect that the value could be different on each switch.

You are helping the developer understand how to develop an NAE script for this use case.

You are helping a customer define an NAE script for AOS-CX switches. The script will monitor statistics from a RADIUS server defined on the switch. You want to future proof the script by enabling admins to select a different hostname or IP address for the monitored RADIUS server when they create an agent from the script.

What should you recommend?

Options:

A.

Use this variable, %{radius-ipV when defining the monitor URI in the NAE agent script.

B.

Define a parameter for the RADIUS server; reference that parameter instead of the server name/ip when defining the monitor URI.

C.

Use a callback action to collect the name of any RADIUS servers defined on the switch at the time the agent is created.

D.

Make the script editable so that admins can edit it on demand when they are creating scripts.

Buy Now
Page: 1 / 4
Exam Code: HPE6-A84
Exam Name: Aruba Certified Network Security Expert Written Exam
Last Update: Dec 21, 2024
Questions: 60
HPE6-A84 pdf

HPE6-A84 PDF

$25.5  $84.99
HPE6-A84 Engine

HPE6-A84 Testing Engine

$28.5  $94.99
HPE6-A84 PDF + Engine

HPE6-A84 PDF + Testing Engine

$40.5  $134.99