HPE6-A78 Online Practice Questions and Answers

What is a difference between radius and TACACS+?

A. RADIUS combines the authentication and authorization process while TACACS+ separates them.

B. RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol.

C. RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption.

D. RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them.

You are troubleshooting an authentication issue for Aruba switches that enforce 802 IX10 a cluster of Aruba ClearPass Policy Manager (CPPMs) You know that CPPM Is receiving and processing the authentication requests because the Aruba switches are showing Access-Rejects in their statistics However, you cannot find the record tor the Access- Rejects in CPPM Access Tracker.

What is something you can do to look for the records?

A. Make sure that CPPM cluster settings are configured to show Access-Rejects

B. Verify that you are logged in to the CPPM Ul with read-write, not read-only, access

C. Click Edit in Access viewer and make sure that the correct servers are selected.

D. Go to the CPPM Event Viewer, because this is where RADIUS Access Rejects are stored.

What are some functions of an AruDaOS user role?

A. The role determines which authentication methods the user must pass to gain network access

B. The role determines which firewall policies and bandwidth contract apply to the clients traffic

C. The role determines which wireless networks (SSiDs) a user is permitted to access

D. The role determines which control plane ACL rules apply to the client's traffic

You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.IX authentication lo Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful.

What is a good next step for troubleshooting?

A. Renew CPPM's RADIUS/EAP certificate

B. Reset the user credentials

C. Check CPPM Event viewer.

D. Check connectivity between CPPM and a backend directory server

What is a correct guideline for the management protocols that you should use on ArubaOS- Switches?

A. Disable Telnet and use TFTP instead.

B. Disable SSH and use https instead.

C. Disable Telnet and use SSH instead

D. Disable HTTPS and use SSH instead

Your Aruba Mobility Master-based solution has detected a rogue AP Among other information the ArubaOS Detected Radios page lists this Information for the AP SSID = PubllcWiFI

BSSID = a8M27 12 34:56 Match method = Exact match Match type = Eth-GW-wired-Mac-Table

The security team asks you to explain why this AP is classified as a rogue. What should you explain?

A. The AP Is connected to your LAN because It is transmitting wireless traffic with your network's default gateway's MAC address as a source MAC Because it does not belong to the company, it is a rogue

B. The ap has a BSSID mat matches authorized client MAC addresses. This indicates that the AP is spoofing the MAC address to gam unauthorized access to your company's wireless services, so It is a rogue

C. The AP has been detected as launching a DoS attack against your company's default gateway. This qualities it as a rogue which needs to be contained with wireless association frames immediately

D. The AP is spoofing a routers MAC address as its BSSID. This indicates mat, even though WIP cannot determine whether the AP is connected to your LAN. it is a rogue.

What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture?

A. It resides in the cloud and manages licensing and configuration for Collectors

B. It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.

C. It resides on-prem and is responsible for running active SNMP and Nmap scans

D. It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors

What is a use case for tunneling traffic between an Aruba switch and an AruDa Mobility Controller (MC)?

A. applying firewall policies and deep packet inspection to wired clients

B. enhancing the security of communications from the access layer to the core with data encryption

C. securing the network infrastructure control plane by creating a virtual out-of-band- management network

D. simplifying network infrastructure management by using the MC to push configurations to the switches