HPE6-A78 無料問題集「HP Aruba Certified Network Security Associate」

（A）It uses ARP poisoning to disconnect wireless clients from the legitimate wireless network and force clients to connect to the hacker's wireless network instead.

（B）It runs an NMap scan on the wireless client to find the client's MAC and IP address. The hacker then connects to another network and spoofs those addresses.

（C）It examines wireless clients' probes and broadcasts the SSIDs in the probes, so that wireless clients will connect to it automatically.

（D）It uses a combination of software and hardware to jam the RF band and prevent the client from connecting to any wireless networks.

（A）The client has passed 802 1X authentication, and the value in the Aruba-User-Role VSA matches a role on the MC

（B）The client has attempted 802 1X authentication, but the MC could not contact the authentication server

（C）The client has passed 802 1X authentication and the authentication server did not send an Aruba-User-Role VSA

（D）The client has attempted 802 1X authentication, but failed to maintain a reliable connection, leading to a timeout error

（A）Enable packet capturing on Instant AP or Mobility Controller (MC) control path on an ongoing basis.

（B）Ensure that all network Infrastructure devices use RADIUS rather than TACACS+ to authenticate managers

（C）Ensure that all network infrastructure devices receive a valid clock using authenticated NTP

（D）Enable packet capturing on Instant AP or Moodily Controller (MC) datepath on an ongoing basis

（A）Use wireless user roles to assign the devices to a range of new vlan IDs.

（B）Assign the WLAN to a named VLAN which specified 100-150 as the range of IDs.

（C）Use wireless user roles to assign the devices to different VLANs in the 100-150 range

（D）Assign the WLAN to a single new VLAN which is dedicated to wireless users

（A）Rootkits can help hackers gain elevated access to a system and often actively conceal themselves from detection.

（B）Worms are usually delivered in spear-phishing attacks and require users to open and run a file.

（C）Malvertising can only infect a system if the user encounters the malware on an untrustworthy site.

（D）A Trojan is any type of malware that replicates itself and spreads to other systems automatically.

（A）You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control the traffic I based on application.

（B）You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control Web traffic based on the destination URL.

（C）The security team believes that a wireless endpoint connected to the MC is launching an attack and wants to examine the traffic more closely.

（D）The company wants to use ClearPass Policy Manager (CPPM) to profile devices and needs to receive HTTP User-Agent strings from the MC.

（A）Applies the rules in the contractor role and guest role

（B）Applies the rules in the contractor role and the logon role

（C）Applies the rules in the logon role, then guest role, and the contractor role

（D）Applies the rules in the contractor role

（A）to signal that they want to use asymmetric encryption for future communications

（B）to prove knowledge of a passphrase without transmitting the passphrase

（C）to agree on a shared secret in a secure manner over an insecure network

（D）to obtain a digital certificate signed by a trusted Certification Authority

（A）The AP is an AP that belongs to your solution. However, the AOS has detected that it is behaving suspiciously. It might have been compromised, so it is classified as a suspected rogue.

（B）The AP has a BSSID that is close to your authorized APs' BSSIDs. This indicates that the AP might be spoofing the corporate SSID and attempting to lure clients to it, making the AP a suspected rogue.

（C）The AP is probably connected to your LAN because it has a BSSID that is close to a MAC address that has been detected in your LAN. Because it does not belong to the company, it is a suspected rogue.

（D）The AP has been detected using multiple MAC addresses. This indicates that the AP is spoofing its MAC address, which qualifies it as a suspected rogue.

（A）how to properly collect, examine, and analyze logs and other data, in order to use it as evidence in a security investigation

（B）which data encryption and authentication algorithms are suitable for enterprise networks in a world that is moving toward quantum computing

（C）how to define access control policies that will properly protect a company's most sensitive data and digital resources

（D）which types of architecture and security policies are best equipped to help companies establish a Zero Trust Network (ZTN)