Aruba Certified Network Security Associate Exam Questions and Answers
You have an Aruba Mobility Controller (MC) that is locked in a closet. What is another step that Aruba recommends to protect the MC from unauthorized access?
You are configuring ArubaOS-CX switches to tunnel client traffic to an Aruba Mobility Controller (MC). What should you do to enhance security for control channel communications between the switches and the MC?
What is one of the policies that a company should define for digital forensics?
A company has Aruba Mobility Controllers (MCs). Aruba campus APs. and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type The ClearPass admins tell you that they want to run Network scans as part of the solution
What should you do to configure the infrastructure to support the scans?
Two wireless clients, client 1 and client 2, are connected to an ArubaOS Mobility Controller. Subnet 10.1.10.10/24 is a network of servers on the other side of the ArubaOS firewall. The exhibit shows all three firewall rules that apply to these clients.
Which traffic is permitted?
Refer to the exhibit.
This Aruba Mobility Controller (MC) should authenticate managers who access the Web Ul to ClearPass Policy Manager (CPPM) ClearPass admins have asked you to use RADIUS and explained that the MC should accept managers' roles in Aruba-Admin-Role VSAs
Which setting should you change to follow Aruba best security practices?
What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?
Refer to the exhibit.
This company has ArubaOS-Switches. The exhibit shows one access layer switch, Swllcn-2. as an example, but the campus actually has more switches. The company wants to slop any internal users from exploiting ARP
What Is the proper way to configure the switches to meet these requirements?
Which is a use case for enabling Control Plane Policing on Aruba switches?
What does the NIST model for digital forensics define?
Which attack is an example or social engineering?
Your company policies require you to encrypt logs between network infrastructure devices and Syslog servers. What should you do to meet these requirements on an ArubaOS-CX switch?
A company with 382 employees wants to deploy an open WLAN for guests. The company wants the experience to be as follows:
The company also wants to provide encryption for the network for devices mat are capable, you implement Tor the WLAN?
Which security options should
How should admins deal with vulnerabilities that they find in their systems?
Which scenario requires the Aruba Mobility Controller to use a Server Certificate?
You need to set up Aruba network infrastructure devices for management with SNMP. The SNMP server has this SNMPv3 user configured on it: username: airwave auth algorithm: sha auth key: fyluqp18@S!9a priv algorithm: aes priv key: 761oxaiaoeu19&
What correctly describes the setup on the infrastructure device?
You need to implement a WPA3-Enterprise network that can also support WPA2-Enterprise clients. What is a valid configuration for the WPA3-Enterprise WLAN?
What is the purpose of an Enrollment over Secure Transport (EST) server?
Your ArubaoS solution has detected a rogue AP with Wireless intrusion Prevention (WIP). Which information about the detected radio can best help you to locate the rogue device?
How can ARP be used to launch attacks?
Refer to the exhibit.
You have set up a RADIUS server on an ArubaOS Mobility Controller (MC) when you created a WLAN named "MyEmployees .You now want to enable the MC to accept change of authorization (CoA) messages from this server for wireless sessions on this WLAN.
What Is a part of the setup on the MC?
What is one way that WPA3-Enterprise enhances security when compared to WPA2-Enterprise?
What is a use case for Transport Layer Security (TLS)?
What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?
What is a consideration for implementing wireless containment in response to unauthorized devices discovered by ArubaOS Wireless Intrusion Detection (WIP)?
Refer to the exhibit.
You need to ensure that only management stations in subnet 192.168.1.0/24 can access the ArubaOS-Switches' CLI. Web Ul. and REST interfaces The company also wants to let managers use these stations to access other parts of the network What should you do?
An admin has created a WLAN that uses the settings shown in the exhibits (and has not otherwise adjusted the settings in the AAA profile) A client connects to the WLAN Under which circumstances will a client receive the default role assignment?
What are the roles of 802.1X authenticators and authentication servers?
You have an Aruba solution with multiple Mobility Controllers (MCs) and campus APs. You want to deploy a WPA3-Enterprise WLAN and authenticate users to Aruba ClearPass Policy Manager (CPPM) with EAP-TLS.
What is a guideline for ensuring a successful deployment?
What purpose does an initialization vector (IV) serve for encryption?
What is a guideline for creating certificate signing requests (CSRs) and deploying server Certificates on ArubaOS Mobility Controllers (MCs)?