HPE6-A78 Practice Questions

A.  

Hackers use Artificial Intelligence (Al) to mimic a user’s online behavior so they can infiltrate a network and launch an attack.

B.  

Hackers use employees to circumvent network security and gather the information they need to launch an attack.

C.  

Hackers intercept traffic between two users, eavesdrop on their messages, and pretend to be one or both users.

D.  

Hackers spoof the source IP address in their communications so they appear to be a legitimate user.

A.  

Make sure DPI is enabled, and add application rules that deny gaming and peer-to-peer applications to the "user_groupr role.

B.  

Create ALGs for the gaming and peer-to-peer applications, and deny the "user_group1" role on the ALGs.

C.  

Add access control rules to the "user_group1" role, which deny HTTP/HTTPS traffic to IP addresses associated with gaming and peer-to-peer applications.

D.  

Create service aliases for the TCP ports associated with gaming and peer-to-per applications, and use those aliases in access control rules for the "user_group" rules.

A.  

only links in the campus LAN to ensure seamless roaming

B.  

only links between MC ports and the core routing switches

C.  

only links on the path between APs and the core routing switches

D.  

only links on the path between APs and the MC

A.  

Whether EAP-TLS is enabled in the AAA Profile settings for the WLAN on the IAP cluster

B.  

Whether the client has a valid certificate installed on it to let it support EAP-TLS

C.  

Whether EAP-TLS is enabled in the SSID Profile settings for the WLAN on the IAP cluster

D.  

Whether the client has a third-party 802.1X supplicant, as Windows 10 does not support EAP-TLS

A.  

ClearPass Onboard

B.  

ClearPass Access Tracker

C.  

ClearPass OnGuard

D.  

ClearPass Guest

A.  

They should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.

B.  

They should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).

C.  

They should classify the vulnerability as malware. a DoS attack or a phishing attack.

D.  

They should notify the security team as soon as possible that the network has already been breached.

A.  

It resides in the cloud and manages licensing and configuration for Collectors

B.  

It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.

C.  

It resides on-prem and is responsible for running active SNMP and Nmap scans

D.  

It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors

A.  

It is best practice to implement automatic containment of unauthorized devices to eliminate the need to locate and remove them.

B.  

Wireless containment only works against unauthorized wireless devices that connect to your corporate LAN, so it does not offer protection against Interfering APs.

C.  

Your company should consider legal implications before you enable automatic containment or implement manual containment.

D.  

Because wireless containment has a lower risk of targeting legitimate neighbors than wired containment, it is recommended in most use cases.

A.  

Use local authentication rather than external authentication to authenticate admins.

B.  

Change the password recovery password.

C.  

Set the local admin password to a long random value that is unknown or locked up securely.

D.  

Disable local authentication of administrators entirely.

A.  

A DDoS attack originates from external devices, while a DoS attack originates from internal devices.

B.  

A DoS attack targets one server; a DDoS attack targets all the clients that use a server.

C.  

A DDoS attack targets multiple devices, while a DoS is designed to incapacitate only one device.

D.  

A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device.