HPE6-A78 Practice Test Questions - Aruba Certified Network Security Associate Exam

  Edina  01-26-2022

If you are preparing for the Aruba Certified Network Security Associate (ACNSA) certification exam (HPE6-A78), PassQuestion offers you the most reliable HPE6-A78 Practice Test Questions in an affordable price with 100% passing guarantee.These HPE6-A78 questions and answers are very similar to the ones that will appear on the final HPE6-A78 exam preparation. Our HPE6-A78 Practice Test Questions will enhance your examination ability and will impart you confidence to answer all queries in the HP HPE6-A78 actual test. It will help you to get high score in your HPE6-A78 Aruba Certified Network Security Associate exam in first attempt!

Aruba Certified Network Security Associate Exam

This exam validates candidates' knowledge, skills, and ability to describe common security threats and vulnerabilities. It tests a candidate's knowledge of device hardening, implementation of security at the edge with AAA, basic roles and firewall policies, dynamic segmentation, and endpoint classification. It covers basic threat detection technologies, collecting logs and alarms. The candidate should be a network engineer or help desk engineer working in either a customer or partner environment. The candidate should have worked six months to a year in networking in both wired and wireless knowledge.

Exam Information

Exam ID: HPE6-A78
Exam type: Proctored
Exam duration:1 hour 30 minutes
Exam length: 60 questions
Passing score: 63%
Delivery languages: Japanese, English, Latin American Spanish

Exam Objectives

Protect and Defend      70%

  • Describe common security threats (MiM, DDOS, spoofing, zero day, etc.) and identify the difference between a threat and a vulnerability
  • Explain common security protocols and their use cases
  • Describe PKI components
  • Describe firewall (PEF), dynamic segmentation, RBAC, AppRF
  • Describe user roles and policy enforcement
  • Explain the purpose and methods of a packet capture
  • Explain social engineering and defense
  • Disable insecure protocols and follow best practices for implement secure management protocols such as SSH, HTTPS,  authenticated NTP, and CPsec 
  • Describe best practices to protect network infrastructure devices with passwords, physical security, and out-of-band management
  • Use external authentication for network managers  
  • Compare and contrast wireless LAN methodologies
  • Deploy basic WLAN security    Deploy basic WLAN security
  • Describe and deploy basic user roles for wireless users
  • Compare and contrast wired LAN methodologies
  • Define and deploy basic user roles for wired users
  • Compare endpoint classifications methods

Analyze     24%

  • View and acknowledge WIPS and WIDS, alarms
  • Explain attack stages and kill chain
  • Collect logs
  • Troubleshoot with access tracker
  • Collect and monitor historical network pattern data
  • Identify and evaluate discovered endpoints

Investigate    6%

  • Collect logs
  • Identify chain of custody
  • Initiate an investigation

View Online Aruba Certified Network Security Associate HPE6-A78 Free Questions

You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs?
A.Add the "-C and *-c port-access" options to the "show logging" command.
B.Configure a logging Tiller for the "port-access" category, and apply that filter globally.
C.Enable debugging for "portaccess" to move the relevant logs to a buffer.
D.Specify a logging facility that selects for "port-access" messages.
Answer:A

You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers' certificates and tell the MC the managers' correct rote in addition to enabling certificate authentication. what is a step that you should complete on the MC?
A.Verify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM
B.install all of the managers' certificates on the MC as OCSP Responder certificates
C.Verify that the MC trusts CPPM's HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC
D.Create a local admin account mat uses certificates in the account, specify the correct trusted CA certificate and external authentication
Answer:A

An ArubaOS-CX switch enforces 802.1X on a port. No fan-through options or port-access roles are configured on the port The 802 1X supplicant on a connected client has not yet completed authentication
Which type of traffic does the authenticator accept from the client?
A.EAP only
B.DHCP, DNS and RADIUS only
C.RADIUS only
D.DHCP, DNS, and EAP only
Answer:A

What is a guideline for managing local certificates on an ArubaOS-Switch?
A.Before installing the local certificate, create a trust anchor (TA) profile with the root CA certificate for the certificate that you will install
B.Install an Online Certificate Status Protocol (OCSP) certificate to simplify the process of enrolling and re-enrolling for certificate
C.Generate the certificate signing request (CSR) with a program offline, then, install both the certificate and the private key on the switch in a single file.
D.Create a self-signed certificate online on the switch because ArubaOS-Switches do not support CA-signed certificates.
Answer:C

You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure management access to the ArubaOS Web UP
A.Avoid using external manager authentication tor the Web UI.
B.Change the default 4343 port tor the web UI to TCP 443.
C.Install a CA-signed certificate to use for the Web UI server certificate.
D.Make sure to enable HTTPS for the Web UI and select the self-signed certificate Installed in the factory.
Answer:C

Leave And reply:

  TOP 50 Exam Questions
Exam