Which is a correct description of a Public Key Infrastructure (PKI)?
A. A device uses Intermediate Certification Authorities (CAs) to enable it to trust root CAs that are different from the root CA that signed its own certificate.
B. A user must manually choose to trust intermediate and end-entity certificates, or those certificates must be installed on the device as trusted in advance.
C. Root Certification Authorities (CAs) primarily sign certificates, and Intermediate Certification Authorities (CAs) primarily validate signatures.
D. A user must manually choose to trust a root Certification Authority (CA) certificate, or the root CA certificate must be installed on the device as trusted.
Explanation:
Public Key Infrastructure (PKI) relies on a trusted root Certification Authority (CA) to issue certificates. Devices and users must trust the root CA for the PKI to be effective. If a root CA certificate is not pre-installed or manually chosen to be trusted on a device, any certificates issued by that CA will not be inherently trusted by the device.
Reference:
[Reference: The concept and structure of PKI are detailed in various security literature, such as NIST Special Publication 800-32 - Introduction to Public Key Technology and the Federal PKI Infrastructure., ]
What are some functions of an AruDaOS user role?
A. The role determines which authentication methods the user must pass to gain network access
B. The role determines which firewall policies and bandwidth contract apply to the clients traffic
C. The role determines which wireless networks (SSiDs) a user is permitted to access
D. The role determines which control plane ACL rules apply to the client's traffic
Explanation:
An ArubaOS user role determines the firewall policies and bandwidth contracts that apply to the client’s traffic. When a user is authenticated, they are assigned a role, and this role has associated policies that govern network access rights, Quality of Service (QoS), Layer 2 forwarding, Layer 3 routing behaviors, and bandwidth contracts for users or devices.
References:
• Aruba Networks official documentation on user roles in ArubaOS.
• Technical guides that detail user role definitions and their impact on network policies.
How should admins deal with vulnerabilities that they find in their systems?
A. They should apply fixes, such as patches, to close the vulnerability before a hacker exploits it.
B. They should add the vulnerability to their Common Vulnerabilities and Exposures (CVE).
C. They should classify the vulnerability as malware. a DoS attack or a phishing attack.
D. They should notify the security team as soon as possible that the network has already been breached.
Explanation:
When vulnerabilities are identified in systems, it is crucial for administrators to act immediately to mitigate the risk of exploitation by attackers. The appropriate response involves applying fixes, such as software patches or configuration changes, to close the vulnerability. This proactive approach is necessary to protect the integrity, confidentiality, and availability of the system resources and data. It's important to prioritize these actions based on the severity and exploitability of the vulnerability to ensure that the most critical issues are addressed first.References:
• Best practices in system security management.
What is a use case for tunneling traffic between an Aruba switch and an AruDa Mobility Controller (MC)?
A. applying firewall policies and deep packet inspection to wired clients
B. enhancing the security of communications from the access layer to the core with data encryption
C. securing the network infrastructure control plane by creating a virtual out-of-band-management network
D. simplifying network infrastructure management by using the MC to push configurations to the switches
Explanation:
Tunneling traffic between an Aruba switch and an Aruba Mobility Controller (MC) allows for the centralized application of firewall policies and deep packet inspection to wired clients. By directing traffic through the MC, network administrators can implement a consistent set of security policies across both wired and wireless segments of the network, enhancing overall network security posture.
Reference:
[Reference: Aruba Networks documentation details the use cases for tunneling traffic to an MC, including the application of security and access controls on network traffic., ]
How can ARP be used to launch attacks?
A. Hackers can use ARP to change their NIC's MAC address so they can impersonate legiti-mate users.
B. Hackers can exploit the fact that the port used for ARP must remain open and thereby gain remote access to another user's device.
C. A hacker can use ARP to claim ownership of a CA-signed certificate that actually belongs to another device.
D. A hacker can send gratuitous ARP messages with the default gateway IP to cause devices to redirect traffic to the hacker's MAC address.
Explanation:
ARP (Address Resolution Protocol) can indeed be exploited to conduct various types of attacks, most notably ARP spoofing/poisoning. Gratuitous ARP is a special kind of ARP message which is used by an IP node to announce or update its IP to MAC mapping to the entire network. A hacker can abuse this by sending out gratuitous ARP messages pretending to associate the IP address of the router (default gateway) with their own MAC address. This results in traffic that was supposed to go to the router being sent to the attacker instead, thus potentially enabling the attacker to intercept, modify, or block traffic.
What is a correct guideline for the management protocols that you should use on ArubaOS-Switches?
A. Disable Telnet and use TFTP instead.
B. Disable SSH and use https instead.
C. Disable Telnet and use SSH instead
D. Disable HTTPS and use SSH instead
Explanation:
In managing ArubaOS-Switches, the best practice is to disable less secure protocols such as Telnet and use more secure alternatives like SSH (Secure Shell). SSH provides encrypted connections between network devices, which is critical for maintaining the security and integrity of network communications. This guideline is aligned with general security best practices that prioritize the use of protocols with strong, built-in encryption mechanisms to prevent unauthorized access and ensure data privacy.
Reference:
[Reference: This is a general network management and security practice recommended across various platforms, including but not limited to ArubaOS-Switch documentation and other network security resources., ]
What is one way that Control Plane Security (CPsec) enhances security for me network?
A. It protects wireless clients' traffic tunneled between APs and Mobility Controllers, from eavesdropping
B. It prevents Denial of Service (DoS) attacks against Mobility Controllers' (MCs") control plane.
C. It prevents access from unauthorized IP addresses to critical services, such as SSH on Mobility Controllers (MCs).
D. It protects management traffic between APs and Mobility Controllers (MCs) from eavesdropping.
Explanation:
Control Plane Security (CPsec) enhances security in the network by protecting management traffic between APs and Mobility Controllers (MCs) from eavesdropping. CPsec ensures that all control and management traffic that transits the network is encrypted, thus preventing potential attackers from gaining access to sensitive management data. It helps in securing the network's control plane, which is crucial for maintaining the integrity and privacy of the network operations.
References:
• Aruba Networks' CPsec documentation.
Which correctly describes a way to deploy certificates to end-user devices?
A. ClearPass Onboard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
B. ClearPass Device Insight can automatically discover end-user devices and deploy the proper certificates to them
C. ClearPass OnGuard can help to deploy certificates to end-user devices, whether or not they are members of a Windows domain
D. in a Windows domain, domain group policy objects (GPOs) can automatically install computer, but not user certificates
Explanation:
ClearPass Onboard is part of the Aruba ClearPass suite and it provides a mechanism to deploy certificates to end-user devices, regardless of whether or not they are members of a Windows domain. ClearPass Onboard facilitates the configuration and provisioning of network settings and security, including the delivery and installation of certificates to ensure secure network access. This capability enables a bring-your-own-device (BYOD) environment where devices can be securely managed and provided with the necessary certificates for network authentication.
What is an example or phishing?
A. An attacker sends TCP messages to many different ports to discover which ports are open.
B. An attacker checks a user’s password by using trying millions of potential passwords.
C. An attacker lures clients to connect to a software-based AP that is using a legitimate SSID.
D. An attacker sends emails posing as a service team member to get users to disclose their passwords.
Explanation:
Phishing is a type of social engineering attack where an attacker impersonates a trusted entity to deceive people into providing sensitive information, such as passwords or credit card numbers. An example of phishing is when an attacker sends emails posing as a service team member or a legitimate organization with the intention of getting users to disclose their passwords or other confidential information. These emails often contain links to fake websites that look remarkably similar to legitimate ones, tricking users into entering their details.
References:
• Cybersecurity guidelines on identifying and preventing phishing attacks.
A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-Switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. This company is using only CPPM and no other ClearPass solutions.
The ClearPass admins tell you that they want to use HTTP User-Agent strings to help classify endpoints.
What should you do as a part of configuring the ArubaOS-Switches to support this requirement?
A. Create a device fingerprinting policy that includes HTTP, and apply the policy to edge ports.
B. Create remote mirrors that collect traffic on edge ports, and mirror it to CPPM's IP address.
C. Configure CPPM as the sFlow collector, and make sure that sFlow is enabled on edge ports.
D. Connect the switches to CPPM's span ports, and set up mirroring of HTTP traffic on the switches.
A company has an Aruba solution with a Mobility Master (MM) Mobility Controllers (MCs) and campus Aps. What is one benefit of adding Aruba Airwave from the perspective of forensics?
A. Airwave can provide more advanced authentication and access control services for the AmbaOS solution
B. Airwave retains information about the network for much longer periods than ArubaOS solution
C. Airwave is required to activate Wireless Intrusion Prevention (WIP) services on the ArubaOS solution
D. AirWave enables low level debugging on the devices across the ArubaOS solution
A company with 439 employees wants to deploy an open WLAN for guests. The company wants the experience to be as follows:
*Guests select the WLAN and connect without having to enter a password.
*Guests are redirected to a welcome web page and log in.
The company also wants to provide encryption for the network for devices that are capable. Which security options should you implement for the WLAN?
A. Opportunistic Wireless Encryption (OWE) and WPA3-Personal
B. WPA3-Personal and MAC-Auth
C. Captive portal and Opportunistic Wireless Encryption (OWE) in transition mode
D. Captive portal and WPA3-Personal
| Page 1 out of 9 Pages |