Question 1

Your Aruba Mobility Master-based solution has detected a rogue AP Among other information the ArubaOS Detected Radios page lists this Information for the AP

SSID = PubllcWiFI

BSSID = a8M27 12 34:56

Match method = Exact match

Match type = Eth-GW-wired-Mac-Table

The security team asks you to explain why this AP is classified as a rogue. What should you explain?

AThe AP Is connected to your LAN because It is transmitting wireless traffic with your network's default gateway's MAC address as a source MAC Because it does not belong to the company, it is a rogue

BThe ap has a BSSID mat matches authorized client MAC addresses. This indicates that the AP is spoofing the MAC address to gam unauthorized access to your company's wireless services, so It is a rogue

CThe AP has been detected as launching a DoS attack against your company's default gateway. This qualities it as a rogue which needs to be contained with wireless association frames immediately

DThe AP is spoofing a routers MAC address as its BSSID. This indicates mat, even though WIP cannot determine whether the AP is connected to your LAN. it is a rogue.

Answer : D

Question 2

Refer to the exhibit.

How can you use the thumbprint?

AInstall this thumbprint on management stations to use as two-factor authentication along with manager usernames and passwords, this will ensure managers connect from valid stations

BCopy the thumbprint to other Aruba switches to establish a consistent SSH Key for all switches this will enable managers to connect to the switches securely with less effort

CWhen you first connect to the switch with SSH from a management station, make sure that the thumbprint matches to ensure that a man-in-t he-mid die (MITM) attack is not occurring

Dinstall this thumbprint on management stations the stations can then authenticate with the thumbprint instead of admins having to enter usernames and passwords.

Answer : C

Question 3

A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user's Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has tailed for the user. The Mobility Controllers (MC's) RADIUS events show that it is receiving Access-Rejects for the authentication attempt.

What is one place that you can you look for deeper insight into why this authentication attempt is failing?

Athe reports generated by Aruba ClearPass Insight

Bthe RADIUS events within the CPPM Event Viewer

Cthe Alerts tab in the authentication record in CPPM Access Tracker

Dthe packets captured on the MC control plane destined to UDP 1812

Answer : C

Question 4

How should admins deal with vulnerabilities that they find in their systems?

AThey should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.

BThey should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).

CThey should classify the vulnerability as malware. a DoS attack or a phishing attack.

DThey should notify the security team as soon as possible that the network has already been breached.

Answer : A

Question 5

You are configuring ArubaOS-CX switches to tunnel client traffic to an Aruba Mobility Controller (MC). What should you do to enhance security for control channel communications between the switches and the MC?

ACreate one UBT zone for control traffic and a second UBT zone for clients.

BConfigure a long, random PAPI security key that matches on the switches and the MC.

Cinstall certificates on the switches, and make sure that CPsec is enabled on the MC

DMake sure that the UBT client vlan is assigned to the interface on which the switches reach the MC and only that interface.

Answer : C

Free HPE6-A78 Questions for HPE6-A78 Exam as PDF & Practice Test Software

Question 1

Question 2

Question 3

Question 4

Question 5