A is correct
You are configuring ArubaOS-CX switches to tunnel client traffic to an Aruba Mobility Controller
(MC). What should you do to enhance security for control channel communications between the
switches and the MC?
C
You have been asked to rind logs related to port authentication on an ArubaOS-CX switch for events
logged in the past several hours But. you are having trouble searching through the logs What is one
approach that you can take to find the relevant logs?
A
A is correct
What is a reason to set up a packet capture on an Aruba Mobility Controller (MC)?
C
What is an example or phishing?
D
Refer to the exhibit.
You are deploying a new ArubaOS Mobility Controller (MC), which is enforcing authentication to
Aruba ClearPass Policy Manager (CPPM). The authentication is not working correctly, and you find
the error shown In the exhibit in the CPPM Event Viewer.
What should you check?
C
Correct must be B) - C cant be correct, because: if the IP isnt correct, we cant see anything in CPPM, because it cant reach it..
What is one way that Control Plane Security (CPsec) enhances security for me network?
A
CPsec protects control traffic between APs and MCs with secure IPsec tunnels. As
Im not quite sure, but i think its D) It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping.
CPsec (Control Plane Security) is an Aruba-specific feature that provides encryption and authentication for control traffic (not data traffic) between:
Aruba Access Points (APs)
Mobility Controllers (MCs)
You are managing an Aruba Mobility Controller (MC). What is a reason for adding a "Log Settings"
definition in the ArubaOS Diagnostics > System > Log Settings page?
A
Answer is B.
"Sometimes you might need to log or debug events on a particular user or AP. You can set up
this targeted logging in the Diagnostics > Logs > Log Settings page. Click the + icon."
B. Configuring the MC to generate logs for a particular event category and level, but only for a specific user or AP.
Sorry, i was wrong. Configuring the MC to generate logs for a particular event category and level, but only for a specific user or AP. is NOT right!
A company with 382 employees wants to deploy an open WLAN for guests. The company wants the
experience to be as follows:
The company also wants to provide encryption for the network for devices mat are capable, you
implement Tor the WLAN?
Which security options should
C
Which is a correct description of a stage in the Lockheed Martin kill chain?
B
In the installation phase:
The malware creates a backdoor into the system through which the hacker can access the system.
D. In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.
Let’s break it down by stage of the Lockheed Martin Cyber Kill Chain:
Exploitation (Stage 4):
The delivered malware is triggered, usually by exploiting a system vulnerability.
Installation (Stage 5):
The malware installs a backdoor or other persistent mechanism to maintain access for the attacker.
What is a Key feature of me ArubaOS firewall?
B
The ArubaOS firewall is stateful and role-based. By treating each client differently based on its role, the ArubaOS firewall can micro-segment traffic within the same VLAN.
A. correct
B. includes ALGs, but they have nothing to do with web site reputation
C. primary source for control are roles
D. can filter ethernet just as good
The firewall is stateful, meaning it tracks active sessions and automatically allows return traffic for connections that were initiated and permitted — such as allowing return packets for an outgoing web request.
And:
It enforces policies based on user roles, not just IP addresses or VLANs.
What is symmetric encryption?
C
What is one way that WPA3-PerSonal enhances security when compared to WPA2-Personal?
A
Answer is B, simultaneous authentication of equals
Refer to the exhibit, which shows the current network topology.
You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility
Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the
forwarding mode and Implements WPA3-Enterprise security
What is a guideline for setting up the vlan for wireless devices connected to the WLAN?
B
Answer is A, one VLAN for tunneled traffic to MC which enforces policies based on roles.
I'm not quite sure, but i think it refers to the config for the MC and not for the switches.
So the correct answer is then: D) Use wireless user roles to assign the devices to a range of new vlan IDs. ?
What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?
B
You are deploying an Aruba Mobility Controller (MC). What is a best practice for setting up secure
management access to the ArubaOS Web UP
C
A - only one zone for user and control traffic
B - correct
C - CPsec only on APs, not CX-switches
D. client vlan irrelevant
for ma is A
is possible to create two ubt zone where one is for control channel and asigned interface is mgmt vlan and other for client trafic
A is wrong. UBT zones do not exist as a separate control mechanism – this is not a recognized term or method for ensuring security.