Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

HPE6-A84 Exam Dumps - HP ACA - Network Security Questions and Answers

Question # 4

Refer to the scenario.

An organization wants the AOS-CX switch to trigger an alert if its RADIUS server (cp.acnsxtest.local) rejects an unusual number of client authentication requests per hour. After some discussions with other Aruba admins, you are still not sure how many rejections are usual or unusual. You expect that the value could be different on each switch.

You are helping the developer understand how to develop an NAE script for this use case.

You are helping the developer find the right URI for the monitor.

Refer to the exhibit.

You have used the REST API reference interface to submit a test call. The results are shown in the exhibit.

Which URI should you give to the developer?

Options:

A.

/rest/v1/system/vrfs/mgmt/radius/servers/cp.acnsxtest.local/2083/tcp?attributes=authstatistics

B.

/rest/v1/system/vrfs/mgmt/radius/servers/cp.acnsxtest.local/2083/tcp?attributes=authstatistics?attributes=access_rejects

C.

/rest/v1/system/vrfs/mgmt/radius/_servers/cp.acnsxtest.local/2083/tcp

D.

/rest/v1/system/vrfs/mgmt/radius/servers/cp.acnsxtest.local/2083/tcp?attributes=authstatistics.access_rejects

Buy Now
Question # 5

Refer to the scenario.

A customer is using an AOS 10 architecture with Aruba APs and Aruba gateways (two per site). Admins have implemented auto-site clustering for gateways with the default gateway mode disabled. WLANs use tunneled mode to the gateways.

The WLAN security is WPA3-Enterprise with authentication to an Aruba ClearPass Policy Manager (CPPM) cluster VIP. RADIUS communications use RADIUS, not RadSec.

For which devices does CPPM require network device entries?

Options:

A.

Forgateways' actual IP addresses and dynamic authorization VRRP addresses

B.

For gateways' actual IP addresses and AP clusters' virtual IP addresses for dynamic authorization

C.

For APs' actual IP addresses

D.

ForAP clusters'virtual IP addresses

Buy Now
Question # 6

A customer needs you to configure Aruba ClearPass Policy Manager (CPPM) to authenticate domain users on domain computers. Domain users, domain computers, and domain controllers receive certificates from a Windows CA. CPPM should validate these certificates and verify that the users and computers have accounts in Windows AD. The customer requires encryption for all communications between CPPM and the domain controllers.

You have imported the root certificate for the Windows CA to the ClearPass CA Trust list.

Which usages should you add to it based on these requirements?

Options:

A.

Radec and Aruba infrastructure

B.

EAP and AD/LDAP Server

C.

EAP and Radsec

D.

LDAP and Aruba infrastructure

Buy Now
Question # 7

A customer's admins have added RF Protect licenses and enabled WIDS for a customer's AOS 8-based solution. The customer wants to use the built-in capabilities of APs without deploying dedicated air monitors (AMs). Admins tested rogue AP detection by connecting an unauthorized wireless AP to a switch. The rogue AP was not detected even after several hours.

What is one point about which you should ask?

Options:

A.

Whether APs' switch ports support all the VLANs that are accessible at the edge

B.

Whether admins enabled wireless containment

C.

Whether admins set at least one radio on each AP to air monitor mode

D.

Whether the customer is using non-standard Wi-Fi channels in the deployment

Buy Now
Question # 8

A customer has an AOS 10-based mobility solution, which authenticates clients to Aruba ClearPass Policy Manager (CPPM). The customer has some wireless devices that support WPA2 in personal mode only.

How can you meet these devices’ needs but improve security?

Options:

A.

Use MPSK on the WLAN to which the devices connect.

B.

Configure WIDS policies that apply extra monitoring to these particular devices.

C.

Connect these devices to the same WLAN to which 802.1X-capable clients connect, using MAC-Auth fallback.

D.

Enable dynamic authorization (RFC 3576) in the AAA profile for the devices.

Buy Now
Question # 9

Refer to the exhibit.

A customer requires protection against ARP poisoning in VLAN 4. Below are listed all settings for VLAN 4 and the VLAN 4 associated physical interfaces on the AOS-CX access layer switch:

What is one issue with this configuration?

Options:

A.

ARP proxy is not enabled on VLAN 4.

B.

LAG 1 is configured as trusted for ARP inspection but should be untrusted.

C.

DHCP snooping is not enabled on VLAN 4.

D.

Edge ports are not configured as untrusted for ARP inspection.

Buy Now
Question # 10

Refer to the exhibit.

Which IP address should you record as a possibly compromised client?

Options:

A.

10.1.26.151

B.

10.1J.100

C.

10.1.26.1

D.

10.254.1.21

Buy Now
Question # 11

Refer to the scenario.

An organization wants the AOS-CX switch to trigger an alert if its RADIUS server (cp.acnsxtest.local) rejects an unusual number of client authentication requests per hour. After some discussions with other Aruba admins, you are still not sure how many rejections are usual or unusual. You expect that the value could be different on each switch.

You are helping the developer understand how to develop an NAE script for this use case.

You are helping a customer define an NAE script for AOS-CX switches. The script will monitor statistics from a RADIUS server defined on the switch. You want to future proof the script by enabling admins to select a different hostname or IP address for the monitored RADIUS server when they create an agent from the script.

What should you recommend?

Options:

A.

Use this variable, %{radius-ipV when defining the monitor URI in the NAE agent script.

B.

Define a parameter for the RADIUS server; reference that parameter instead of the server name/ip when defining the monitor URI.

C.

Use a callback action to collect the name of any RADIUS servers defined on the switch at the time the agent is created.

D.

Make the script editable so that admins can edit it on demand when they are creating scripts.

Buy Now
Question # 12

A customer has an AOS 10 architecture, which includes Aruba APs. Admins have recently enabled WIDS at the high level. They also enabled alerts and email notifications for several events, as shown in the exhibit.

Admins are complaining that they are getting so many emails that they have to ignore them, so they are going to turn off all notifications.

What is one step you could recommend trying first?

Options:

A.

Send the email notifications directly to a specific folder, and only check the folder once a week.

B.

Disable email notifications for Roque AP, but leave the Infrastructure Attack Detected and Client Attack Detected notifications on.

C.

Change the WIDS level to custom, and enable only the checks most likely to indicate real threats.

D.

Disable just the Rogue AP and Client Attack Detected alerts, as they overlap with the Infrastructure Attack Detected alert.

Buy Now
Question # 13

Refer to the scenario.

A hospital has an AOS10 architecture that is managed by Aruba Central. The customer has deployed a pair of Aruba 9000 Series gateways with Security licenses at each clinic. The gateways implement IDS/IPS in IDS mode.

The Security Dashboard shows these several recent events with the same signature, as shown below:

Which step could give you valuable context about the incident?

Options:

A.

View firewall sessions on the APs and record the threat sources' type and OS.

B.

View the user-table on APs and record the threat sources' 802.11 settings.

C.

View the RAPIDS Security Dashboard and see if the threat sources are listed as rogues.

D.

Find the Central client profile for the threat sources and note their category and family.

Buy Now
Exam Code: HPE6-A84
Exam Name: Aruba Certified Network Security Expert Written Exam
Last Update: Mar 29, 2025
Questions: 60
HPE6-A84 pdf

HPE6-A84 PDF

$25.5  $84.99
HPE6-A84 Engine

HPE6-A84 Testing Engine

$28.5  $94.99
HPE6-A84 PDF + Engine

HPE6-A84 PDF + Testing Engine

$40.5  $134.99