- Email support@dumps4free.com
What is a correct guideline for the management protocols that you should use on ArubaOS-Switches?
A. Disable Telnet and use TFTP instead.
B. Disable SSH and use https instead.
C. Disable Telnet and use SSH instead
D. Disable HTTPS and use SSH instead
Explanation:
In managing ArubaOS-Switches, the best practice is to disable less secure protocols such as Telnet and use more secure alternatives like SSH (Secure Shell). SSH provides encrypted connections between network devices, which is critical for maintaining the security and integrity of network communications. This guideline is aligned with general security best practices that prioritize the use of protocols with strong, built-in encryption mechanisms to prevent unauthorized access and ensure data privacy.
Reference:
[Reference: This is a general network management and security practice recommended across various platforms, including but not limited to ArubaOS-Switch documentation and other network security resources., ]
What is one way that Control Plane Security (CPsec) enhances security for me network?
A. It protects wireless clients' traffic tunneled between APs and Mobility Controllers, from eavesdropping
B. It prevents Denial of Service (DoS) attacks against Mobility Controllers' (MCs") control plane.
C. It prevents access from unauthorized IP addresses to critical services, such as SSH on Mobility Controllers (MCs).
D. It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping.
Explanation:
Control Plane Security (CPsec) enhances security in the network by protecting management traffic between APs and Mobility Controllers (MCs) from eavesdropping. CPsec ensures that all control and management traffic that transits the network is encrypted, thus preventing potential attackers from gaining access to sensitive management data. It helps in securing the network's control plane, which is crucial for maintaining the integrity and privacy of the network operations.
References:
• Aruba Networks' CPsec documentation.
Which correctly describes a way to deploy certificates to end-user devices?
A. ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
B. ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them
C. ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
D. in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates
Explanation:
ClearPass Onboard is part of the Aruba ClearPass suite and it provides a mechanism to deploy certificates to end-user devices, regardless of whether or not they are members of a Windows domain. ClearPass Onboard facilitates the configuration and provisioning of network settings and security, including the delivery and installation of certificates to ensure secure network access. This capability enables a bring-your-own-device (BYOD) environment where devices can be securely managed and provided with the necessary certificates for network authentication.
What is an example or phishing?
A. An attacker sends TCP messages to many different ports to discover which ports are open.
B. An attacker checks a user’s password by using trying millions of potential passwords.
C. An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.
D. An attacker sends emails posing as a service team member to get users to disclose their passwords.
Explanation:
Phishing is a type of social engineering attack where an attacker impersonates a trusted entity to deceive people into providing sensitive information, such as passwords or credit card numbers. An example of phishing is when an attacker sends emails posing as a service team member or a legitimate organization with the intention of getting users to disclose their passwords or other confidential information. These emails often contain links to fake websites that look remarkably similar to legitimate ones, tricking users into entering their details.
References:
• Cybersecurity guidelines on identifying and preventing phishing attacks.
A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-Switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. This company is using only CPPM and no other ClearPass solutions.
The ClearPass admins tell you that they want to use HTTP User-Agent strings to help classify endpoints.
What should you do as a part of configuring the ArubaOS-Switches to support this requirement?
A. Create a device fingerprinting policy that includes HTTP, and apply the policy to edge ports.
B. Create remote mirrors that collect traffic on edge ports, and mirror it to CPPM's IP address.
C. Configure CPPM as the sFlow collector, and make sure that sFlow is enabled on edge ports.
D. Connect the switches to CPPM's span ports, and set up mirroring of HTTP traffic on the switches.
| Page 2 out of 22 Pages |
| Previous |