QUESTION: 16

Refer to the exhibit.

You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.
What Is a part of the setup on the MC?

Create a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct shared secret.
Install the root CA associated with the 10 5.5.5 server's certificate as a Trusted CA certificate.
Configure a ClearPass username and password in the MyEmployees AAA profile.
Enable the dynamic authorization setting in the "clearpass" authentication server settings.

Answer(s): A

Explanation:

To enable an ArubaOS Mobility Controller (MC) to accept Change of Authorization (CoA) messages from a RADIUS server for wireless sessions on a WLAN, part of the setup on the MC involves creating a dynamic authorization, or RFC 3576, server with the provided IP address (10.5.5.5) and the correct shared secret. This setup allows the MC to handle CoA requests, which are used to change the authorization attributes of a session after it has been authenticated, such as disconnecting a user or changing a user's VLAN assignment.

Show Answer Next Question

QUESTION: 17

What is one way a noneypot can be used to launch a man-in-the-middle (MITM) attack to wireless clients?

it uses a combination or software and hardware to jam the RF band and prevent the client from connecting to any wireless networks
it runs an NMap scan on the wireless client to And the clients MAC and IP address. The hacker then connects to another network and spoofs those addresses.
it examines wireless clients' probes and broadcasts the SSlDs in the probes, so that wireless clients will connect to it automatically.
it uses ARP poisoning to disconnect wireless clients from the legitimate wireless network and force clients to connect to the hacker's wireless network instead.

Answer(s): C

Explanation:

A honeypot can be used to launch a Man-in-the-Middle (MITM) attack on wireless clients by examining wireless clients' probe requests and then broadcasting the SSIDs in those probes. Clients with those SSIDs in their preferred network list may then automatically connect to the honeypot, believing it to be a legitimate network. Once the client is connected to the attacker's honeypot, the attacker can intercept, monitor, or manipulate the client's traffic, effectively executing a MITM attack.

Show Answer Next Question

QUESTION: 18

Which correctly describes a way to deploy certificates to end-user devices?

ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them
ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates

Answer(s): A

Explanation:

ClearPass Onboard is part of the Aruba ClearPass suite and it provides a mechanism to deploy certificates to end-user devices, regardless of whether or not they are members of a Windows domain. ClearPass Onboard facilitates the configuration and provisioning of network settings and security, including the delivery and installation of certificates to ensure secure network access. This capability enables a bring-your-own-device (BYOD) environment where devices can be securely managed and provided with the necessary certificates for network authentication.

Show Answer Next Question

QUESTION: 19

You have been instructed to look in the ArubaOS Security Dashboard's client list Your goal is to find clients mat belong to the company and have connected to devices that might belong to hackers Which client fits this description?

MAC address d8:50:e6:f3;6d;a4; Client Classification Authorized; AP Classification, interfering
MAC address d8:50:e6 f3;6e;c5; Client Classification Interfering. AP Classification Neighbor
MAC address d8:50:e6:f3;6e;60; Client Classification Interfering. AP Classification Interfering
MAC address d8:50:e6:f3;TO;ab; Client Classification Interfering. AP Classification Rogue

Answer(s): D

Explanation:

In the context of the ArubaOS Security Dashboard, if the goal is to find company clients that have connected to devices potentially operated by hackers, you would look for a client that is classified as 'Interfering' (indicating a security threat) while being connected to an 'AP Classification: Rogue'. A rogue AP is one that is not under the control of network administrators and is considered malicious or a security threat. Therefore, the client fitting this description is:
MAC address: d8:50:e6:f3:70:ab; Client Classification: Interfering; AP Classification: Rogue

Show Answer Next Question

QUESTION: 20

You configure an ArubaOS-Switch to enforce 802.1X authentication with ClearPass Policy Manager (CPPM) denned as the RADIUS server Clients cannot authenticate You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt.
What are two possible problems that have this symptom? (Select two)

users are logging in with the wrong usernames and passwords or invalid certificates.
Clients are configured to use a mismatched EAP method from the one In the CPPM service.
The RADIUS shared secret does not match between the switch and CPPM.
CPPM does not have a network device defined for the switch's IP address.
Clients are not configured to trust the root CA certificate for CPPM's RADIUS/EAP certificate.

Answer(s): C,D

Explanation:

If clients cannot authenticate and there is no record of the authentication attempt in Aruba ClearPass Access Tracker, two possible problems that could cause this symptom are:
The RADIUS shared secret does not match between the switch and CPPM. This mismatch would prevent the switch and CPPM from successfully communicating, so authentication attempts would fail, and no record would appear in Access Tracker.
CPPM does not have a network device profile defined for the switch's IP address. Without a network device profile, CPPM would not recognize authentication attempts coming from the switch and would not process them, resulting in no logs in Access Tracker.
The other options are incorrect because:

Users logging in with the wrong credentials would still generate an attempt record in Access Tracker. Clients configured to use a mismatched EAP method would also generate an attempt record in Access Tracker.
Clients not configured to trust the root CA certificate for CPPM's RADIUS/EAP certificate might fail authentication, but the attempt would still be logged in Access Tracker.

Show Answer Next Question

Free HP HPE6-A78 Exam Questions (page: 5)

QUESTION: 16

Explanation:

QUESTION: 17

Explanation:

QUESTION: 18

Explanation:

QUESTION: 19

Explanation:

QUESTION: 20

Explanation:

HPE6-A78 Exam Discussions & Posts