HP ProCurve Security
Exam Questions, Answers,
I would like to thanks www.examcheats.net for giving
such a handy material fort papers.
A school needs to deploy a 5300 series switch in a lab
where students and faculty have physical access to the
switch. If the network administrator disables the front
panel "clear password" and "factory reset"
options, what must the administrator do to recover from
a lost manager-level password?
A. Press the "Reset" button and issue the
command no front-panel-security password-clear reset-on-clear
from the serial port within 60 seconds.
B. Contact HP Customer Care to obtain a one-time use
C. From the CLI, issue the command no front-panel-security
password-clear reset-on-clear and press the "clear"
button on the front panel.
D. Telnet from a client on the management VLAN, issue
the command front-panel-security password-recovery and
type pwrecover at the password prompt.
A software company uses 802.1X to authenticate all users
on the network and to allow contract employees access
to the network only during normal business hours. What
is the best approach for configuring this time restriction?
A. Configure a "Time Restriction" policy and
assign the user accounts for each contract employee
to the policy.
B. Configure an access policy on the RADIUS server that
associates a time restriction with usernames of the
C. Create a "contractors" group in Active
Directory (LDAP) and assign time restrictions to the
D. Configure an access policy on the RADIUS server that
associates a time restriction with a "contractors"
The network administrator of a university realizes that
students in the on campus housing are connecting wireless
acccess points and switches to the network. The administrator
wants to limit a particular port to one MAC address
at a time, but is not concerned about the actual address.
Which security feature on the 5300xl provides flexibility
while effectively limiting a port to a single MAC address
at a time?
A. Port security learn mode limited-continuous
B. MAC lockdown learn mode limited-continuous
C. MAC lockout learn mode limited-continuous
D. 802.1X MAC authentication
You have a new customer who is very concerned about
the security of his internal campus network. You suggest
that the HP ProCurve Access Control Solution may provide
the level of safety and security that he is looking
for. Which options are part of the HP ProCurve Access
Control Solution? Select THREE.
A. Web Authentication
B. Intrusion Detection Systems
C. Hardware Firewalls
D. Access Control Lists
E. 802.1X Authentication
F. Virtual Private Networks
G. Anti-Virus Software
A pharmaceutical company has recently moved into a new
three-story office building. They are sharing a core
routing switch between two departments: human resources,
and research and development. Both departments have
edge switches deployed and neither department wants
the other to have management access to their respective
HP ProCurve edge switches. Which security measures would
be recommended to limit management access to the respective
departments? Select TWO.
C. Authorized IP Managers
D. management VLANs
E. Microsoft Windows User Domain Security limits
The HP ProCurve Access Control Security Solution is
primarily designed to protect the edge of the internal
network. Which problem could be solved by implementing
the Access Control Security Solution?
A. a computer virus that infects PC operating systems
B. an Internet hacker who compromises a public web server
from outside the firewall
C. an unauthorized user who gains access to the campus
network through open ports
D. an Internet hacker who launches a Denial of Service
attack against a gateway router
There is a customer environment where both employees
and visitors will have access to network resources.
When considering issues dealing with physical security,
which questions should you consider? Select THREE.
A. Which ports are assigned to the management VLAN?
B. Who has access to the room?
C. Is there a 'visitor' policy?
D. Who knows the manager level passwords?
E. Is it in a secure area of the building?
F. Does the data center meet Military Level Security
G. Has accessibility been limited to administrators
SNMP version 3 introduces security features that may
be incompatible with managment applications that use
previous versions of SNMP. Which command allows an SNMPv2
management application to access an HP ProCurve switch
that must also support SNMPv3 in a secure network environment?
A. snmpv3 community ro
B. snmpv3 restricted-access
C. snmpv3 enable-v2-access
D. snmpv3 enable community ro
When a customer is implementing SSH on HP ProCurve switches,
what are the correct locations for the keys? Select
A. Client private keys are stored on the client.
B. Switch private keys are stored on the client.
C. Client public keys are stored on the switch.
D. Client private keys are stored on the switch.
E. Client private and public keys are stored on the
client and switch.