Free HPE6-A78 Exam Braindumps

Pass your Aruba Certified Network Security Associate Exam exam with these free Questions and Answers

Page 3 of 12
QUESTION 6

What is a vulnerability of an unauthenticated Dime-Heliman exchange?

  1. A. A hacker can replace the public values exchanged by the legitimate peers and launch an MITM attack.
  2. B. A brute force attack can relatively quickly derive Diffie-Hellman private values if they are able to obtain public values
  3. C. Diffie-Hellman with elliptic curve values is no longer considered secure in modem networks, based on NIST recommendations.
  4. D. Participants must agree on a passphrase in advance, which can limit the usefulness of Diffie- Hell man in practical contexts.

Correct Answer: A

QUESTION 7

Refer to the exhibit.
HPE6-A78 dumps exhibit
Device A is establishing an HTTPS session with the Arubapedia web sue using Chrome. The Arubapedia web server sends the certificate shown in the exhibit
What does the browser do as part of vacating the web server certificate?

  1. A. It uses the public key in the DigCen SHA2 Secure Server CA certificate to check the certificate's signature.
  2. B. It uses the public key in the DigCert root CA certificate to check the certificate signature
  3. C. It uses the private key in the DigiCert SHA2 Secure Server CA to check the certificate's signature.
  4. D. It uses the private key in the Arubapedia web site's certificate to check that certificate's signature

Correct Answer: A

QUESTION 8

A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user's Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has tailed for the user. The Mobility Controllers (MC's) RADIUS events show that it is receiving Access-Rejects for the authentication attempt.
What is one place that you can you look for deeper insight into why this authentication attempt is failing?

  1. A. the reports generated by Aruba ClearPass Insight
  2. B. the RADIUS events within the CPPM Event Viewer
  3. C. the Alerts tab in the authentication record in CPPM Access Tracker
  4. D. the packets captured on the MC control plane destined to UDP 1812

Correct Answer: C

QUESTION 9

What is a difference between radius and TACACS+?

  1. A. RADIUS combines the authentication and authorization process while TACACS+ separates them.
  2. B. RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol.
  3. C. RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption.
  4. D. RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them.

Correct Answer: A

QUESTION 10

Which correctly describes a way to deploy certificates to end-user devices?

  1. A. ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
  2. B. ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them
  3. C. ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
  4. D. in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates

Correct Answer: A

Page 3 of 12

Post your Comments and Discuss HP HPE6-A78 exam with other Community members: