HP ProCurve Security
Exam Questions, Answers,
I would like to thanks Examcheets.com for giving
such a handy material fort papers.
A school needs to deploy a 5300 series switch in a
lab where students and faculty have physical access
to the switch. If the network administrator disables
the front panel "clear password" and "factory
reset" options, what must the administrator do
to recover from a lost manager-level password?
A. Press the "Reset" button and issue the
command no front-panel-security password-clear reset-on-clear
from the serial port within 60 seconds.
B. Contact HP Customer Care to obtain a one-time use
C. From the CLI, issue the command no front-panel-security
password-clear reset-on-clear and press the "clear"
button on the front panel.
D. Telnet from a client on the management VLAN, issue
the command front-panel-security password-recovery
and type pwrecover at the password prompt.
A software company uses 802.1X to authenticate all
users on the network and to allow contract employees
access to the network only during normal business
hours. What is the best approach for configuring this
A. Configure a "Time Restriction" policy
and assign the user accounts for each contract employee
to the policy.
B. Configure an access policy on the RADIUS server
that associates a time restriction with usernames
of the contract employees.
C. Create a "contractors" group in Active
Directory (LDAP) and assign time restrictions to the
D. Configure an access policy on the RADIUS server
that associates a time restriction with a "contractors"
The network administrator of a university realizes
that students in the on campus housing are connecting
wireless acccess points and switches to the network.
The administrator wants to limit a particular port
to one MAC address at a time, but is not concerned
about the actual address. Which security feature on
the 5300xl provides flexibility while effectively
limiting a port to a single MAC address at a time?
A. Port security learn mode limited-continuous
B. MAC lockdown learn mode limited-continuous
C. MAC lockout learn mode limited-continuous
D. 802.1X MAC authentication
You have a new customer who is very concerned about
the security of his internal campus network. You suggest
that the HP ProCurve Access Control Solution may provide
the level of safety and security that he is looking
for. Which options are part of the HP ProCurve Access
Control Solution? Select THREE.
A. Web Authentication
B. Intrusion Detection Systems
C. Hardware Firewalls
D. Access Control Lists
E. 802.1X Authentication
F. Virtual Private Networks
G. Anti-Virus Software
A pharmaceutical company has recently moved into a
new three-story office building. They are sharing
a core routing switch between two departments: human
resources, and research and development. Both departments
have edge switches deployed and neither department
wants the other to have management access to their
respective HP ProCurve edge switches. Which security
measures would be recommended to limit management
access to the respective departments? Select TWO.
C. Authorized IP Managers
D. management VLANs
E. Microsoft Windows User Domain Security limits
The HP ProCurve Access Control Security Solution is
primarily designed to protect the edge of the internal
network. Which problem could be solved by implementing
the Access Control Security Solution?
A. a computer virus that infects PC operating systems
B. an Internet hacker who compromises a public web
server from outside the firewall
C. an unauthorized user who gains access to the campus
network through open ports
D. an Internet hacker who launches a Denial of Service
attack against a gateway router
There is a customer environment where both employees
and visitors will have access to network resources.
When considering issues dealing with physical security,
which questions should you consider? Select THREE.
A. Which ports are assigned to the management VLAN?
B. Who has access to the room?
C. Is there a 'visitor' policy?
D. Who knows the manager level passwords?
E. Is it in a secure area of the building?
F. Does the data center meet Military Level Security
G. Has accessibility been limited to administrators
SNMP version 3 introduces security features that may
be incompatible with managment applications that use
previous versions of SNMP. Which command allows an
SNMPv2 management application to access an HP ProCurve
switch that must also support SNMPv3 in a secure network
A. snmpv3 community ro
B. snmpv3 restricted-access
C. snmpv3 enable-v2-access
D. snmpv3 enable community ro
When a customer is implementing SSH on HP ProCurve
switches, what are the correct locations for the keys?
A. Client private keys are stored on the client.
B. Switch private keys are stored on the client.
C. Client public keys are stored on the switch.
D. Client private keys are stored on the switch.
E. Client private and public keys are stored on the
client and switch.