HP Exam HPE6-A78 Topic 3 Question 43 Discussion

Actual exam question for HP's HPE6-A78 exam

Question #: 43
Topic #: 3

Refer to the exhibit.

This company has ArubaOS-Switches. The exhibit shows one access layer switch, Swllcn-2. as an example, but the campus actually has more switches. The company wants to slop any internal users from exploiting ARP

What Is the proper way to configure the switches to meet these requirements?

AOn Switch-1, enable ARP protection globally, and enable ARP protection on ail VLANs.

BOn Switch-2, make ports connected to employee devices trusted ports for ARP protection

COn Swltch-2, enable DHCP snooping globally and on VLAN 201 before enabling ARP protection

DOn Swltch-2, configure static PP-to-MAC bindings for all end-user devices on the network

Show Suggested Answer

Suggested Answer: A

by Thaddeus at Nov 25, 2023, 04:04 AM

Limited Time Offer

25%

Off

Get Premium HPE6-A78 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lemuel

17 days ago

I'm torn between Options C and D. Maybe I'll just ask the switches to settle this in an ARP battle royale.

upvoted 0 times

...

Dexter

21 days ago

Option A is tempting, but I'm not sure enabling ARP protection on all VLANs is necessary. Probably overkill.

upvoted 0 times

...

Stefania

25 days ago

Option B seems a bit too simplistic. Trusted ports alone won't cut it - we need to enable ARP protection globally.

upvoted 0 times

...

Xuan

25 days ago

I'd go with Option D. Static IP-to-MAC bindings are a rock-solid way to prevent ARP attacks, though it might be a bit more manual.

upvoted 0 times

Kassandra

11 days ago

User3: It's worth the effort to ensure network security though.

upvoted 0 times

...

Kent

20 days ago

User2: Yeah, static IP-to-MAC bindings are reliable but might require more manual work.

upvoted 0 times

...

Josefa

22 days ago

User1: I think Option D is the best choice for preventing ARP attacks.

upvoted 0 times

...

Jeannine

1 months ago

Option C sounds like the way to go. DHCP snooping is a key prerequisite for ARP protection to work effectively.

upvoted 0 times

Yan

24 days ago

A) On Switch-1, enable ARP protection globally, and enable ARP protection on all VLANs.

upvoted 0 times

...

Samira

2 months ago

I'm not sure, but I think enabling DHCP snooping globally and on VLAN 201 before enabling ARP protection on Switch-2 could also be a valid option.

upvoted 0 times

...

Sherman

2 months ago

I disagree, I believe the correct answer is D) On Switch-2, configure static IP-to-MAC bindings for all end-user devices on the network.

upvoted 0 times

...

Fidelia

2 months ago

I think the answer is A) On Switch-1, enable ARP protection globally, and enable ARP protection on all VLANs.

upvoted 0 times

...