ERASED TEST, YOU MAY BE INTERESTED ON
A.C.N.S.A
COMMENTS |
STATISTICS |
RECORDS
|
|---|
TAKE THE TEST
|
Title of test:
A.C.N.S.A Description: Aruba Certified Associate Network Security Author: hp-aruba Other tests from this author Creation Date: 05/05/2024 Category: Others Number of questions: 60 |
Share the Test:
New Comment
No comments about this test.
Content:
|
What is a vulnerability of an unauthenticated Dime-Hellman exchange? A hacker can replace the public values exchanged by the legitimate peers and launch an MITM
attack. A brute force attack can relatively quickly derive Diffie-Hellman private valuesif they are able to
obtain public values Diffie-Hellman with elliptic curve values is no longer considered secure in modem networks, based
on NIST recommendations. Participants must agree on a passphrase in advance, which can limit the usefulness of Diffie- Hellman in practical contexts. What is a difference between radius and TACACS+? RADIUS combines the authentication and authorization process while TACACS+ separates them. RADIUS uses TCP for Its connection protocol, while TACACS+ uses UDP tor its connection protocol. RADIUS encrypts the complete packet, white TACACS+ only offers partial encryption. RADIUS uses Attribute Value Pairs (AVPs) in its messages, while TACACS+ does not use them. A company has an Aruba solution with a Mobility Master (MM) Mobility Controllers (MCs) and campus Aps. What is one benefit of adding Aruba Airwave from the perspective of forensics? Airwave can provide more advanced authentication and access control services for the AmbaOS solution Airwave retains information about the network for much longer periods than ArubaOS solution Airwave is required to activate Wireless Intrusion Prevention (WIP) services on the ArubaOS AirWave enables low level debugging on the devices across the ArubaOS solution . What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture? It resides in the cloud and manages licensing and configuration for Collectors It resides on-prem and provides the span port to which traffic is mirrored for deep analytics. It resides on-prem and is responsible for running active SNMP and Nmap scans It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors. What is a correct guideline for the management protocols that you should use on ArubaOS-Switches? Disable Telnet and use TFTP instead. Disable SSH and use https instead. Disable Telnet and use SSH instead Disable HTTPS and use SSH instead. Your ArubaOS solution has detected a rogue AP with Wireless intrusion Prevention (WIP). Which information about the detected radio can best help you to locate the rogue device? The match method The detecting devices The match type The confidence level. What is a benefit of deploying Aruba ClearPass Device insight? Highly accurate endpoint classification for environments with many devices types, including Internet of Things (loT) Visibility into devices 802.1X supplicant settings and automated certificate deployment Agent-based analysts of devices security settings and health status, with the ability to implement quarantining Simpler troubleshooting of ClearPass solutions across an environment with multiple ClearPass Policy Managers. What is a benefit or using network aliases in ArubaOS firewall policies? You can associate a reputation score with the network alias to create rules that filler traffic based on reputation rather than IP. You can use the aliases to translate client IP addresses to other IP addresses on the other side of the firewall You can adjust the IP addresses in the aliases, and the rules using those aliases automatically update You can use the aliases to conceal the true IP addresses of servers from potentially untrusted clients. What is a guideline for managing local certificates on an ArubaOS-Switch? Before installing the local certificate, create a trust anchor (TA) profile with the root CA certificate for the certificate that you will install Install an Online Certificate Status Protocol (OCSP) certificate to simplify the process of enrolling and re-enrolling for certificate Generate the certificate signing request (CSR) with a program offline, then, install both the certificate and the private key on the switch in a single file Create a self-signed certificate online on the switch because ArubaOS-Switches do not support CA-signed certificates. What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial of service attack (DoS)? A DDoS attack originates from external devices, while a DoS attack originates from internal devices A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device A DoS attack targets one server, a DDoS attack targets all the clients that use a server A DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device. You have an Aruba Mobility Controller (MC). for which you are already using Aruba ClearPass Policy Manager (CPPM) to authenticate access to the Web Ul with usernames and passwords You now want to enable managers to use certificates to log in to the Web Ul CPPM will continue to act as the external server to check the names in managers certificates and tell the MC the managers correct rote in addition to enabling certificate authentication. what is a step that you should complete on the MC? Verify that the MC has the correct certificates, and add RadSec to the RADIUS server configuration for CPPM install all of the managers certificates on the MC as OCSP Responder certificates Verify that the MC trusts CPPM's HTTPS certificate by uploading a trusted CA certificate Also, configure a CPPM username and password on the MC Create a local admin account that uses certificates in the account, specify the correct trusted CA certificate and external authentication. A company has Aruba Mobility Controllers (MCs). Aruba campus APs. and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type The ClearPass admins tell you that they want to run Network scans as part of the solution What should you do to configure the infrastructure to support the scans? Create a TA profile on the ArubaOS-Switches with the root CA certificate for ClearPass's HTTPS certificate Create device fingerprinting profiles on the ArubaOS-Switches that include SNMP. and apply the profiles to edge ports Create remote mirrors on the ArubaOS-Swrtches that collect traffic on edge ports, and mirror it to CPPM's IP address Create SNMPv3 users on ArubaOS-CX switches, and make sure that the credentials match those configured on CPPM. You have deployed a new Aruba Mobility Controller (MC) and campus APs (CAPs). One of the WLANs enforces 802.1X authentication to Aruba ClearPass Policy Manager {CPPM) When you test connecting the client to the WLAN. the test falls You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt You ping from the MC to CPPM. and the ping is successful. What is a good next step for troubleshooting? Renew CPPM's RADIUS/EAP certificate Reset the user credentials Check CPPM Event viewer Check connectivity between CPPM and a backend directory server. This company has ArubaOS-Switches. The exhibit shows one access layer switch, switch-2. as an example, but the campus actually has more switches. The company wants to stop any internal users from exploiting ARP What Is the proper way to configure the switches to meet these requirements? On Switch-1, enable ARP protection globally, and enable ARP protection on ail VLANs. On Switch-2, make ports connected to employee devices trusted ports for ARP protection On Switch-2, enable DHCP snooping globally and on VLAN 201 before enabling ARP protection On Switch-2, configure static IP-to-MAC bindings for all end-user devices on the network. Which attack is an example or social engineering? An email is used to impersonate a Dank and trick users into entering their bank login information on a fake website page A hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials. A user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network. An attack exploits an operating system vulnerability and locks out users until they pay the ransom. You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN. What Is a part of the setup on the MC? Create a dynamic authorization, or RFC 3576, server with the 10.5.5.5 address and correct sharedsecret. Install the root CA associated with the 10 5.5.5 server's certificate as a Trusted CA certificate Configure a ClearPass username and password in the MyEmployees AAA profile. Enable the dynamic authorization setting in the "clearpass" authentication server settings. What is one way a honeypot can be used to launch a man-in-the-middle (MITM) attack to wireless clients? it uses a combination or software and hardware to jam the RF band and prevent the client from connecting to any wireless networks it runs an Nmap scan on the wireless client to And the clients MAC and IP address. The hacker then connects to another network and spoofs those addresses. it examines wireless clients' probes and broadcasts the SSlDs in the probes, so that wireless clients will connect to it automatically. it uses ARP poisoning to disconnect wireless clients from the legitimate wireless network and force clients to connect to the hacker's wireless network instead. Which correctly describes a way to deploy certificates to end-user devices? ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates. You have been instructed to look in the ArubaOS Security Dashboard's client list Your goal is to find clients that belong to the company and have connected to devices that might belong to hackers Which client fits this description? MAC address d8:50:e6:f3;6d;a4; Client Classification Authorized; AP Classification, interfering MAC address d8:50:e6 f3;6e;c5; Client Classification Interfering. AP Classification Neighbor MAC address d8:50:e6:f3;6e;60; Client Classification Interfering. AP Classification Interfering MAC address d8:50:e6:f3;f0;ab; Client Classification Interfering. AP Classification Rogue. You configure an ArubaOS-Switch to enforce 802.1X authentication with ClearPass Policy Manager (CPPM) as the RADIUS server Clients cannot authenticate You check Aruba ClearPass Access Tracker and cannot find a record of the authentication attempt. What are two possible problems that have this symptom? (Select two) users are logging in with the wrong usernames and passwords or invalid certificates. Clients are configured to use a mismatched EAP method from the one In the CPPM service. The RADIUS shared secret does not match between the switch and CPPM. CPPM does not have a network device defined for the switch's IP address. Clients are not configured to trust the root CA certificate for CPPM's RADIUS/EAP certificate. An ArubaOS-CX switch enforces 802.1X on a port. no further options or port-access roles are configured on the port The 802 1X supplicant on a connected client has not yet completed authentication Which type of traffic does the authenticator accept from the client? EAP only DHCP, DNS and RADIUS only RADIUS only DHCP, DNS, and EAP only. This Aruba Mobility Controller (MC) should authenticate managers who access the Web Ul to ClearPass Policy Manager (CPPM) ClearPass admins have asked you to use RADIUS and explained that the MC should accept managers' roles in Aruba-Admin-Role VSAs Which setting should you change to follow Aruba best security practices? Change the local user role to read-only Clear the MSCHAP check box Disable local authentication Change the default role to "guest-provisioning". From which solution can ClearPass Policy Manager (CPPM) receive detailed information about client device type OS and status? ClearPass Onboard ClearPass Access Tracker ClearPass OnGuard ClearPass Guest. How does the ArubaOS firewall determine which rules to apply to a specific client's traffic? The firewall applies every rule that includes the deny's IP address as the source. The firewall applies the rules in policies associated with the client's wlan The firewall applies the rules in policies associated with the client's user role. The firewall applies every rule that includes the client's IP address as the source or destination. What is one practice that can help you to maintain a digital chain or custody In your network? Enable packet capturing on Instant AP or Moodily Controller (MC) datepath on an ongoing basis Enable packet capturing on Instant AP or Mobility Controller (MC) control path on an ongoing basis. Ensure that all network infrastructure devices receive a valid clock using authenticated NTP Ensure that all network Infrastructure devices use RADIUS rather than TACACS+ to authenticate managers. What is one of the roles of the network access server (NAS) in the AAA framework? It authenticates legitimate users and uses policies to determine which resources each user is allowed to access. It negotiates with each user's device to determine which EAP method is used for authentication It enforces access to network services and sends accounting information to the AAA server It determines which resources authenticated users are allowed to access and monitors each users session. What is a use case for tunneling traffic between an Aruba switch and an Aruba Mobility Controller (MC)? applying firewall policies and deep packet inspection to wired clients enhancing the security of communications from the access layer to the core with data encryption securing the network infrastructure control plane by creating a virtual out-of-band-management network simplifying network infrastructure management by using the MC to push configurations to the switches. A diem is connected to an ArubaOS Mobility Controller. The exhibit snows all Tour firewall rules that apply to this diem What correctly describes how the controller treats HTTPS packets to these two IP addresses, both of which are on the other side of the firewall 10.1 10.10 203.0.13.5 It drops both of the packets It permits the packet to 10.1.10.10 and drops the packet to 203.0.13.5 it permits both of the packets It drops the packet to 10.1.10.10 and permits the packet to 203.0.13.5. You have detected a Rogue AP using the Security Dashboard Which two actions should you take in responding to this event? (Select two) There is no need to locale the AP If you manually contain It. This is a serious security event, so you should always contain the AP immediately regardless of your company's specific policies. You should receive permission before containing an AP. as this action could have legal Implications. For forensic purposes, you should copy out logs with relevant information, such as the time mat the AP was detected and the AP's MAC address. There is no need to locate the AP If the Aruba solution is properly configured to automatically contain it. What is a benefit or Protected Management Frames (PMF). sometimes called Management Frame Protection (MFP)? PMF helps to protect APs and MCs from unauthorized management access by hackers. PMF ensures trial traffic between APs and Mobility Controllers (MCs) is encrypted. PMF prevents hackers from capturing the traffic between APs and Mobility Controllers. PMF protects clients from DoS attacks based on forged de-authentication frames. You need to ensure that only management stations in subnet 192.168.1.0/24 can access the ArubaOS-Switches' CLI. Web Ul. and REST interfaces The company also wants to let managers use these stations to access other parts of the network What should you do? Establish a Control Plane Policing class that selects traffic from 192.168 1.0/24. Specify 192.168.1.0.255.255.255.0 as authorized IP manager address Configure the switch to listen for these protocols on OOBM only. Specify vlan 100 (101?) as the management vlan for the switches. What is a benefit of Opportunistic Wireless Encryption (OWE)? It allows both WPA2-capabie and WPA3-capable clients to authenticate to the same WPA-Personal WLAN It offers more control over who can connect to the wireless network when compared with WPA2-Personal It allows anyone to connect, but provides better protection against eavesdropping than a traditional open network It provides protection for wireless clients against both honeypot APs and man-in-the-middle (MITM) attacks. You are troubleshooting an authentication issue for Aruba switches that enforce 802.1X to a cluster of Aruba ClearPass Policy Manager (CPPMs) You know that CPPM is receiving and processing the authentication requests because the Aruba switches are showing Access-Rejects in their statistics However, you cannot find the record for the Access-Rejects in CPPM Access Tracker What is something you can do to look for the records? Make sure that CPPM cluster settings are configured to show Access-Rejects Verify that you are logged in to the CPPM Ul with read-write, not read-only, access Click Edit in Access viewer and make sure that the correct servers are selected. Go to the CPPM Event Viewer, because this is where RADIUS Access Rejects are stored. What are some functions of an ArubaOS user role? The role determines which authentication methods the user must pass to gain network access The role determines which firewall policies and bandwidth contract apply to the clients traffic The role determines which wireless networks (SSIDs) a user is permitted to access The role determines which control plane ACL rules apply to the client's traffic. You need to deploy an Aruba instant AP where users can physically reach It. What are two recommended options for enhancing security for management access to the AP? (Select two ) Disable Its console ports Place a Tamper Evident Label (TELS) over its console port Disable the Web Ul. Configure WPA3-Enterpnse security on the AP install a CA-signed certificate. A company is deploying ArubaOS-CX switches to support 135 employees, which will tunnel client traffic to an Aruba Mobility Controller (MC) for the MC to apply firewall policies and deep packet inspection (DPI). This MC will be dedicated to receiving traffic from the ArubaOS-CX switches. What are the licensing requirements for the MC? one AP license per-switch one PEF license per-switch one PEF license per-switch. and one WCC license per-switch one AP license per-switch. and one PEF license per-switch. Device A is establishing an HTTPS session with the Arubapedia web sue using Chrome. The Arubapedia web server sends the certificate shown in the exhibit. What does the browser do as part of vacating the web server certificate? It uses the public key in the DigCert SHA2 Secure Server CA certificate to check the certificate's signature. It uses the public key in the DigCert root CA certificate to check the certificate signature It uses the private key in the DigiCert SHA2 Secure Server CA to check the certificate's signature. It uses the private key in the Arubapedia web site's certificate to check that certificate's signature. Your Aruba Mobility Master-based solution has detected a rogue AP among other information the ArubaOS Detected Radios page lists this Information for the AP SSID = PubllcWiFI BSSID = a8M27 12 34:56 Match method = Exact match Match type = Eth-GW-wired-Mac-Table The security team asks you to explain why this AP is classified as a rogue. What should you explain? The AP Is connected to your LAN because It is transmitting wireless traffic with your network's default gateway's MAC address as a source MAC Because it does not belong to the company, it is a rogue The AP has a BSSID that matches authorized client MAC addresses. This indicates that the AP is spoofing the MAC address to gam unauthorized access to your company's wireless services, so It is a rogue The AP has been detected as launching a DoS attack against your company's default gateway. This qualities it as a rogue which needs to be contained with wireless association frames immediately The AP is spoofing a routers MAC address as its BSSID. This indicates that, even though WIP cannot determine whether the AP is connected to your LAN. it is a rogue. How can you use the thumbprint? Install this thumbprint on management stations to use as two-factor authentication along with manager usernames and passwords, this will ensure managers connect from valid stations Copy the thumbprint to other Aruba switches to establish a consistent SSH Key for all switches this will enable managers to connect to the switches securely with less effort When you first connect to the switch with SSH from a management station, make sure that the thumbprint matches to ensure that a man-in-the-middie (MITM) attack is not occurring install this thumbprint on management stations the stations can then authenticate with the thumbprint instead of admins having to enter usernames and passwords. A company has an ArubaOS controller-based solution with a WPA3-Enterprise WLAN. which authenticates wireless clients to Aruba ClearPass Policy Manager (CPPM). The company has decided to use digital certificates for authentication A user's Windows domain computer has had certificates installed on it However, the Networks and Connections window shows that authentication has failed for the user. The Mobility Controllers (MC's) RADIUS events show that it is receiving Access-Rejects for the authentication attempt. What is one place that you can you look for deeper insight into why this authentication attempt is failing? the reports generated by Aruba ClearPass Insight the RADIUS events within the CPPM Event Viewer the Alerts tab in the authentication record in CPPM Access Tracker the packets captured on the MC control plane destined to UDP 1812. How should admins deal with vulnerabilities that they find in their systems? They should apply fixes, such as patches, to close the vulnerability before a hacker exploits it. They should add the vulnerability to their Common Vulnerabilities and Exposures (CVE). They should classify the vulnerability as malware. a DoS attack or a phishing attack. They should notify the security team as soon as possible that the network has already been breached. What is a guideline for creating certificate signing requests (CSRs) and deploying server Certificates on ArubaOS Mobility Controllers (MCs)? Create the CSR online using the MC Web Ul if your company requires you to archive the private key. if you create the CSR and public/private Keypair offline, create a matching private key online on the MC. Create the CSR and public/private keypair offline If you want to install the same certificate on multiple MCs. Generate the private key online, but the public key and CSR offline, to install the same certificate on multiple MCs. What is an Authorized client as defined by ArubaOS Wireless Intrusion Prevention System (WIP)? a client that has a certificate issued by a trusted Certification Authority (CA) a client that is not on the WIP blacklist a client that has successfully authenticated to an authorized AP and passed encrypted traffic a client that is on the WIP whitelist. What are the roles of 802.1X authenticators and authentication servers? The authenticator stores the user account database, while the server stores access policies. The authenticator supports only EAP, while the authentication server supports only RADIUS. The authenticator is a RADIUS client and the authentication server is a RADIUS server. The authenticator makes access decisions and the server communicates them to the supplicant. What correctly describes the Pairwise Master Key (PMK) in the specified wireless security protocol? In WPA3-Enterprise, the PMK is unique per session and derived using Simultaneous Authentication of Equals. In WPA3-Personal, the PMK is unique per session and derived using Simultaneous Authentication of Equals. In WPA3-Personal, the PMK is derived directly from the passphrase and is the same for every session. In WPA3-Personal, the PMK is the same for each session and is communicated to clients that authenticate. You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure management access to the ArubaOS Web UI Avoid using external manager authentication for the Web UI Change the default 4343 port for the web UI to TCP 443. Install a CA-signed certificate to use for the Web UI server certificate. Make sure to enable HTTPS for the Web UI and select the self-signed certificate Installed in the factory. What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)? EAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake. EAP-TLS requires the supplicant to authenticate with a certificate, but PEAP allows the supplicant to use a username and password. EAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process EAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption. Refer to the exhibit, which shows the current network topology. You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the forwarding mode and Implements WPA3-Enterprise security What is a guideline for setting up the vlan for wireless devices connected to the WLAN? Assign the WLAN to a single new VLAN which is dedicated to wireless users Use wireless user roles to assign the devices to different VLANs in the 100-150 range Assign the WLAN to a named VLAN which specified 100-150 as the range of IDs. Use wireless user roles to assign the devices to a range of new vlan IDs. What is one way that WPA3-Personal enhances security when compared to WPA2-Personal? WPA3-Personal is more secure against password leaking Because all users nave their own username and password WPA3-Personal prevents eavesdropping on other users' wireless traffic by a user who knows the passphrase for the WLAN. WPA3-Personai is more resistant to passphrase cracking Because it requires passphrases to be at least 12 characters WPA3-Personal is more complicated to deploy because it requires a backend authentication server. What is symmetric encryption? It simultaneously creates ciphertext and a same-size MAC. It any form of encryption that ensures that thee ciphertext Is the same length as the plaintext. It uses the same key to encrypt plaintext as to decrypt ciphertext. It uses a Key that is double the size of the message which it encrypts. What is a Key feature of the ArubaOS firewall? The firewall is stateful which means that it can track client sessions and automatically allow return traffic for permitted sessions The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site. The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic. The firewall is designed to filter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments. Which is a correct description of a stage in the Lockheed Martin kill chain? In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker. In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated. In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker. A company with 382 employees wants to deploy an open WLAN for guests. The company wants the experience to be as follows: The company also wants to provide encryption for the network for devices that are capable, you implement for the WLAN? Which security options should WPA3-Personal and MAC-Auth Captive portal and WPA3-Personal Captive portal and Opportunistic Wireless Encryption (OWE) in transition mode Opportunistic Wireless Encryption (OWE) and WPA3-Personal. You are managing an Aruba Mobility Controller (MC). What is a reason for adding a "Log Settings" definition in the ArubaOS Diagnostics > Log > Log Settings page? Configuring the Syslog server settings for the server to which the MC forwards logs for a particular category and level Configuring the MC to generate logs for a particular event category and level, but only for a specific user or AP. Configuring a filter that you can apply to a defined Syslog server in order to filter events by subcategory Configuring the log facility and log format that the MC will use for forwarding logs to all Syslog servers. What is one way that Control Plane Security (CPsec) enhances security for my network? It protects wireless clients' traffic tunneled between APs and Mobility Controllers, from eavesdropping It prevents Denial of Service (DoS) attacks against Mobility Controllers' (MCs") control plane. It prevents access from unauthorized IP addresses to critical services, such as SSH on Mobility Controllers (MCs). It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping. You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find the error shown In the exhibit in the CPPM Event Viewer. What should you check? that the MC has been added as a domain machine on the Active Directory domain with which CPPM is synchronized that the shared secret configured for the CPPM authentication server matches the one defined for the device on CPPM that the IP address that the MC is using to reach CPPM matches the one defined for the device on CPPM that the MC has valid admin credentials configured on it for logging into the CPPM. What is an example or phishing? An attacker sends TCP messages to many different ports to discover which ports are open. An attacker checks a user’s password by using trying millions of potential passwords. An attacker lures clients to connect to a software-based AP that is using a legitimate SSID. An attacker sends emails posing as a service team member to get users to disclose their passwords. What is a reason to set up a packet capture on an Aruba Mobility Controller (MC)? The company wants to use ClearPass Policy Manager (CPPM) to profile devices and needs to receive HTTP User-Agent strings from the MC. The security team believes that a wireless endpoint connected to the MC is launching an attack and wants to examine the traffic more closely. You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control the traffic I based on application. You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control Web traffic based on the destination URL. You have been asked to find logs related to port authentication on an ArubaOS-CX switch for events logged in the past several hours But. you are having trouble searching through the logs What is one approach that you can take to find the relevant logs? Add the "-C and *-c port-access" options to the "show logging" command. Configure a logging filter for the "port-access" category, and apply that filter globally. Enable debugging for "portaccess" to move the relevant logs to a buffer. Specify a logging facility that selects for "port-access" messages. You are configuring ArubaOS-CX switches to tunnel client traffic to an Aruba Mobility Controller (MC). What should you do to enhance security for control channel communications between the switches and the MC? Create one UBT zone for control traffic and a second UBT zone for clients. Configure a long, random PAPI security key that matches on the switches and the MC. install certificates on the switches, and make sure that CPsec is enabled on the MC Make sure that the UBT client vlan is assigned to the interface on which the switches reach the MC and only that interface. |
Report abuse