HPE6-A78 Online Practice Questions and Answers

Which is a correct description of a stage in the Lockheed Martin kill chain?

A. In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker.

B. In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated.

C. In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function.

D. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.

Refer to the exhibit.

How can you use the thumbprint?

A. Install this thumbprint on management stations to use as two-factor authentication along with manager usernames and passwords, this will ensure managers connect from valid stations

B. Copy the thumbprint to other Aruba switches to establish a consistent SSH Key for all switches this will enable managers to connect to the switches securely with less effort

C. When you first connect to the switch with SSH from a management station, make sure that the thumbprint matches to ensure that a man-in-t he-mid die (MITM) attack is not occurring

D. install this thumbprint on management stations the stations can then authenticate with the thumbprint instead of admins having to enter usernames and passwords.

What is an Authorized client as defined by ArubaOS Wireless Intrusion Prevention System (WIP)?

A. a client that has a certificate issued by a trusted Certification Authority (CA)

B. a client that is not on the WIP blacklist

C. a client that has successfully authenticated to an authorized AP and passed encrypted traffic

D. a client that is on the WIP whitelist.

You need to deploy an Aruba instant AP where users can physically reach It. What are two recommended options for enhancing security for management access to the AP? (Select two )

A. Disable Its console ports

B. Place a Tamper Evident Label (TELS) over its console port

C. Disable the Web Ul.

D. Configure WPA3-Enterpnse security on the AP

E. install a CA-signed certificate

A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user's Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has tailed for the user. The Mobility Controllers (MC's) RADIUS events show that it is receiving Access-Rejects for the authentication attempt.

What is one place that you can you look for deeper insight into why this authentication attempt is failing?

A. the reports generated by Aruba ClearPass Insight

B. the RADIUS events within the CPPM Event Viewer

C. the Alerts tab in the authentication record in CPPM Access Tracker

D. the packets captured on the MC control plane destined to UDP 1812

What is a reason to set up a packet capture on an Aruba Mobility Controller (MC)?

A. The company wants to use ClearPass Policy Manager (CPPM) to profile devices and needs to receive HTTP User-Agent strings from the MC.

B. The security team believes that a wireless endpoint connected to the MC is launching an attack and wants to examine the traffic more closely.

C. You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control the traffic I based on application.

D. You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control Web traffic based on the destination URL.

What is a benefit or using network aliases in ArubaOS firewall policies?

A. You can associate a reputation score with the network alias to create rules that filler traffic based on reputation rather than IP.

B. You can use the aliases to translate client IP addresses to other IP addresses on the other side of the firewall

C. You can adjust the IP addresses in the aliases, and the rules using those aliases automatically update

D. You can use the aliases to conceal the true IP addresses of servers from potentially untrusted clients.

What is one practice that can help you to maintain a digital chain or custody In your network?

A. Enable packet capturing on Instant AP or Moodily Controller (MC) datepath on an ongoing basis

B. Enable packet capturing on Instant AP or Mobility Controller (MC) control path on an ongoing basis.

C. Ensure that all network infrastructure devices receive a valid clock using authenticated NTP

D. Ensure that all network Infrastructure devices use RADIUS rather than TACACS+ to authenticate managers

What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture?

A. It resides in the cloud and manages licensing and configuration for Collectors

B. It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.

C. It resides on-prem and is responsible for running active SNMP and Nmap scans

D. It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors

What is one way a noneypot can be used to launch a man-in-the-middle (MITM) attack to wireless clients?

A. it uses a combination or software and hardware to jam the RF band and prevent the client from connecting to any wireless networks

B. it runs an NMap scan on the wireless client to And the clients MAC and IP address. The hacker then connects to another network and spoofs those addresses.

C. it examines wireless clients' probes and broadcasts the SSlDs in the probes, so that wireless clients will connect to it automatically.

D. it uses ARP poisoning to disconnect wireless clients from the legitimate wireless network and force clients to connect to the hacker's wireless network instead.