Valid HPE6-A47 Dumps shared by ExamDiscuss.com for Helping Passing HPE6-A47 Exam! ExamDiscuss.com now offer the newest HPE6-A47 exam dumps, the ExamDiscuss.com HPE6-A47 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com HPE6-A47 dumps with Test Engine here:
Access HPE6-A47 Dumps Premium Version
(67 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 26/28
A plan includes these security settings for the employee WLAN:
WPA2-Enterprise with AES encryption
802.1X with PEAP-MSCHAPv2
However, the customer wants to use certificates to authenticate user devices. Which change brings the plan in alignment with the customer requirements?
WPA2-Enterprise with AES encryption
802.1X with PEAP-MSCHAPv2
However, the customer wants to use certificates to authenticate user devices. Which change brings the plan in alignment with the customer requirements?
Correct Answer: A
The customer wants to use certificates to authenticate user devices, which means that they need a strong and secure method of verifying the identity of the devices that connect to the employee WLAN. The best option for this is to use EAP-TLS instead of PEAP-MSCHAPv2. EAP-TLS stands for Extensible Authentication Protocol-Transport Layer Security, and it is a protocol that uses certificates on both the client and the server side to establish a mutual authentication and a secure channel for data exchange. EAP-TLS is considered the most secure EAP method, as it prevents common attacks such as dictionary attacks, man-in-the-middle attacks, and replay attacks.
The other options are not suitable for the customer requirements:
Option B is incorrect because TKIP encryption is weaker than AES encryption. TKIP stands for Temporal Key Integrity Protocol, and it is an older encryption method that was designed to replace WEP, which had serious security flaws. However, TKIP also has some vulnerabilities, and it is not recommended for modern WLANs. AES stands for Advanced Encryption Standard, and it is a newer and stronger encryption method that provides better security and performance for WLANs.
Option C is incorrect because WPA2-PSK is less secure than WPA2-Enterprise. WPA2-PSK stands for Wi-Fi Protected Access 2-Pre-Shared Key, and it is a security mode that uses a common passphrase or key to authenticate all devices that connect to the WLAN. However, this passphrase or key can be easily compromised or shared, and it does not provide individual authentication or encryption for each device.
WPA2-Enterprise stands for Wi-Fi Protected Access 2-Enterprise, and it is a security mode that uses a RADIUS server to authenticate each device individually and dynamically generate encryption keys for each session. WPA2-Enterprise provides better security and scalability for WLANs.
Option D is incorrect because TTLS does not use certificates to authenticate user devices. TTLS stands for Tunneled Transport Layer Security, and it is a protocol that uses certificates only on the server side to establish a secure tunnel for data exchange. The client side can use different methods to authenticate, such as passwords, tokens, or certificates. However, TTLS does not require certificates on the client side, and it is less secure than EAP-TLS.
References:
ArubaOS 8.5 User Guide)
ArubaOS 8.5 Security Guide)
Aruba Certified Design Professional Official Certification Study Guide (HPE6-A47))
The other options are not suitable for the customer requirements:
Option B is incorrect because TKIP encryption is weaker than AES encryption. TKIP stands for Temporal Key Integrity Protocol, and it is an older encryption method that was designed to replace WEP, which had serious security flaws. However, TKIP also has some vulnerabilities, and it is not recommended for modern WLANs. AES stands for Advanced Encryption Standard, and it is a newer and stronger encryption method that provides better security and performance for WLANs.
Option C is incorrect because WPA2-PSK is less secure than WPA2-Enterprise. WPA2-PSK stands for Wi-Fi Protected Access 2-Pre-Shared Key, and it is a security mode that uses a common passphrase or key to authenticate all devices that connect to the WLAN. However, this passphrase or key can be easily compromised or shared, and it does not provide individual authentication or encryption for each device.
WPA2-Enterprise stands for Wi-Fi Protected Access 2-Enterprise, and it is a security mode that uses a RADIUS server to authenticate each device individually and dynamically generate encryption keys for each session. WPA2-Enterprise provides better security and scalability for WLANs.
Option D is incorrect because TTLS does not use certificates to authenticate user devices. TTLS stands for Tunneled Transport Layer Security, and it is a protocol that uses certificates only on the server side to establish a secure tunnel for data exchange. The client side can use different methods to authenticate, such as passwords, tokens, or certificates. However, TTLS does not require certificates on the client side, and it is less secure than EAP-TLS.
References:
ArubaOS 8.5 User Guide)
ArubaOS 8.5 Security Guide)
Aruba Certified Design Professional Official Certification Study Guide (HPE6-A47))
- Question List (28q)
- Question 1: Refer to the exhibit. (Exhibit) An architect determines that...
- Question 2: A customer has several clusters of Aruba 325 Instant APs. Th...
- Question 3: Read this scenario thoroughly, and then answer each question...
- Question 4: Refer to the exhibit. (Exhibit) A customer needs to upgrade ...
- Question 5: Refer to the exhibit. (Exhibit) The exhibit shows the curren...
- Question 6: An architect plans to purpose two Aruba Mobility Controllers...
- Question 7: An architect proposes an Aruba solution with a hardware Mobi...
- Question 8: A customer requires high availability for wireless services,...
- Question 9: An architect needs to plan the RF coverage. Which applicatio...
- Question 10: Which benefit does Aruba AirWare Clarity provide to customer...
- Question 11: The customer has an office environment with users who have l...
- Question 12: Refer to the exhibit. Exhibit 1. (Exhibit) Exhibit 2. (Exhib...
- Question 13: An enterprise needs an upgrade to 802.11ac. Users run applic...
- Question 14: An architect needs to deliver an upgrade to an 802.11ac-base...
- Question 15: Refer to the exhibit. (Exhibit) The customer requires fast f...
- Question 16: A customer has very high availability requirements for wirel...
- Question 17: A customer needs a networking solution that supports their M...
- Question 18: Refer to the exhibit. (Exhibit) What is one reason for an ar...
- Question 19: An Aruba wireless solution for a very high density (VHD) wir...
- Question 20: An architect simulates VoIP calls and tests the throughput a...
- Question 21: A customer requires a wireless upgrade. The architect propos...
- Question 22: An architect proposes an Aruba wireless solution for a custo...
- Question 23: What typically drives the need for an aggregation layer in m...
- Question 24: A customer currently has an Instant AP deployment. Which cus...
- Question 25: For which scenario does the Aruba backplane stacking technol...
- Question 26: A plan includes these security settings for the employee WLA...
- Question 27: An RF plan specifies wide sector directional antennas. Refer...
- Question 28: An architect plans to deploy a Mobility Controller (MC) at o...
