http://www.TwPass.com
HP0-Y24
HP
Securing HP ProCurve Networks
http://www.twpass.com/twpass.com/exam.aspx?eCode= HP0-Y24
The HP0-Y24 practice exam is written and formatted by Certified Senior IT Professionals working in
today's prospering companies and data centers all over the world! The HP0-Y24 Practice Test covers
all the exam topics and objectives and will prepare you for success quickly and efficiently.
The HP0-Y24 exam is very challenging, but with our HP0-Y24 questions and answers practice exam,
you can feel confident in obtaining your success on the HP0-Y24 exam on your FIRST TRY!
HP HP0-Y24 Exam Features
- Detailed questions and answers for HP0-Y24 exam
- Try a demo before buying any HP exam
- HP0-Y24 questions and answers, updated regularly
- Verified HP0-Y24 answers by Experts and bear almost 100% accuracy
- HP0-Y24 tested and verified before publishing
- HP0-Y24 exam questions with exhibits
- HP0-Y24 same questions as real exam with multiple choice options
Acquiring HP certifications are becoming a huge task in the field of I.T. More over these
exams like HP0-Y24 exam are now continuously updating and accepting this challenge is itself a task.
This HP0-Y24 test is an important part of HP certifications. We have the resources to
prepare you for this. The HP0-Y24 exam is essential and core part of HP certifications and
once you clear the exam you will be able to solve the real life problems yourself.Want to take
advantage of the Real HP0-Y24 Test and save time and money while developing your skills to pass
your HP HP0-Y24 Exam? Let us help you climb that ladder of success and pass your HP0-Y24 now!
HP0-Y24
QUESTION: 1
The exhibit shows the results of a Windows Vista client authenticating to a 5400zl switch with
NPS as a RADIUS server What is the cause of the Endpoint Integrity State? A: The NAP agent
is disabled on the endpoint B: The RADIUS client is not configured as NAP capable C: The
endpoint is not compliant with NAP/NPS policies D: The NPS server denied access to the user
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=1
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 2
Which authentication protocols are supported by SNMPv3 on the TMS zl Module?(select two)
A: MD4 B: SHA-1 C: SHA-512 D: MD5 E HMAC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=2
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 3
Which role does the authenticator play in the 8021X authentication process? A: It encapsulates
an EAP-access-request inside of a RADIUS response-identity packet and forwards it for
validation B: It creates and sends an access-challenge message to the supplicant to request
client credentials C: It provides two-way translation between EAP messages and RADIUS
messages D: It validates the EAP-identity-request and responds with either an accept or reject
message
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=3
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 4
You are checking the Policy History for an offenderYou look in the Properties section and see
that the offender has triggered many IP Address Sweep events to port 4040 Which threats does
this most likely indicate? (Select two) A: The offender is launching a land attack B: The
offender is conducting a port scan on a single server C: The offender is conducting a port scan
on many devices D: The offender is infected with a worm
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=4
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 5
If a ProCurve Threat Management Services zl Module is installed into slot A in an 8212zl
switch, what is the maximum operating temperature of the chassis? A: 30 degrees Celsius B: 40
degrees Celsius C: 50 degrees Celsius D: 60 degrees Celsius
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=5
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 6
You are responsible for a network built with ProCurve ProVision ASIC switches and need to
implement a threat management solution that can monitor traffic across the network and
analyzy traffic with both signature and anomaly-based methods Which solution would meet
these needs? A: Implement ProCurve NIM to analyze network traffic for threats B: Implement
a ProCurve TMS zl Module in Routing mode at the perimeter of the network to monitor traffic
to and from the Internet connection C: Implement a ProCurve TMS zl Module in Monitor
mode at the core of the network with NIM and use the remote mirroring capabilities of the
switches D: Implement ProCurve NIM to perform anomaly-based threat detection and
Microsoft NAP to perform signature-based threat detection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=6
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 7
Click the Exhibit button Which alert shown in the exhibit is the least sensitive? A: A B: B C: C
D: D
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=7
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 8
Which ProCurve switches support the Virus Throttle technology? (Select two) A: Switch
3400cl B: Switch 5300xl C: Switch 8100fl D: Switch 8200zl E Switch 9300m
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=8
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 9
Click the Exhibit button Sorry, picture is missing What is the reason to configure the policy
settings shown in the exhibit? A: You want the policy to respond to threats from offenders
within this group B: You have set the policy to a source group, so you must set the target group
to match C: You want to perform the same action to a group of devices or ports independent of
where the offender is located D: You want to perform an action on the device that triggered the
policy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=9
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 10
You see IP Address Spoofing alerts triggered by many external IP addresses such as your ISP
DNS server What should you do? A: Notify your ISP that you are being subjected to a
distributed DoS attack B: Exclude external IP addresses from the IP Address spoofing NBAD
Analyzer C: Enable a policy to deal with IP Address Spoofing and DNS Tunneling alerts D:
Exclude your router by MAC address from the IP Address Spoofing NBAD Anaylzer
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=10
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 11
Which attributes can IDM apply to a user�s session after the user has been authenticated?
(Select two) A: VLAN identifier B: logout time C: login session limit D: user group E ingress
rate limit
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=11
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 12
Which type of Protocol Anomaly or Anomalies can the TMS zl Module detect? A: IP Address
Sweep B: DNS Tunnelin C: MIME Headers D: ICMP Echo Request
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=12
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 13
Click the Exhibit button What is the problem with the policy configuration shown in the
exhibits?(Note: There are four exhibits) A: The time has not been configured, so the policy can
never execute B: You should never include a source group in a security policy C: A policy is
allowed only one threat mitigation action; the second action should be a notify action D: A
detected threat will cut off network access for all endpoints in the network E
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=13
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 14
What are reasons to periodically return to the Anaiysis step of the security lifecycle? (Select
two) A: to look for alerts that might require a more effective response B: to conduct a complete
regulatory compliance audit C: to assess the baseline constructed by ProCurve NIM D: to
gather information to support proof of regulatory compliance E to look for possible intrusion
attempts, based on the resources that users acess
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=14
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 15
Click the Exhibit button ProCurve NIM is failing to dynamically mirror traffic to an IDS You
check the mirror on the switch that connects to the offender Based on the information in the
exhibit, what could be causing the problem with mirroring? A: The SNMP settings on the
switch, to which the IDS connects, do not match the settings of PCM B: The manager password
on the switch to which the offender connects does not match the settings of PCM C: The Find
Node tool has failed to locate the offender, so ProCurve NIM cannot execute the action D: No
port has been configured as a mirror destination
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=15
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 16
Your want to track the complete process of threat detection and mitigation in a NIM + IDS
deployment How should you search for the relevant events?(Select two) A: Filter for NIM
events in the Default Agent Group � Events tab B: Filter for Automation events in the Agent
Groups � Events tab C: Filter for NIM events in the Agent Groups � Events tab D: Filter for
NIM events on the Events tab for the IDS E Filter for NIM events in the Devices � Events tab
F Sort by Alert ID in the Policy Manager � Policies � History tab
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=16
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 17
Which statement is correct about the threat mitigation capabilities of ProCurve NIM? A: NIM
can apply a threat mitigation action to supported infrastructure devices B: NIM can mitigate
threats detected by NBAD, but must only log other threats C: NIM can detect threats but relies
on an Intrusion Prevention System (IPS) to mitigate them D: NIM can mitigate threats from
wired offenders, but not wireless offenders
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=17
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 18
You have configured a policy that matches the Port Disable action to a TCP Port Sweep alert
Which statement is correct? A: The Port Disable action should always be accompanied by the
Port Mirror action B: A port scan targeted against a server can cause the server to trigger the
TCP Port Sweep alert C: The TCP Port Sweep alert tracks endpoints by MAC address, so
MAC Lockout is a better action D: The TCP Port Sweep alert is not intended for triggering
threat mitigation actions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=18
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 19
Which protocols are supported by a ProCurve switch fov communication with a RADIUS
server that is used to authenticate 8021X supplicants? (select two): A: MD5-RADIUS B:
CHAP-RADIUS C: MS-CHAPv2-RADIUS D: PAP-SPAP-RADIUS E EAP-RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=19
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 20
Which features are provided in a ProCurve NIM standalone deployment? (Select two) A: threat
mitigation without the aid of PCM+ B: applying mitigation actions near the source of the threat
C: resetting of TCP sessions when threats are detected D: signature-based detection of worms
and other attacks E application of different policies,based on the threat�s place of origin
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=20
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 21
How do you configure PCM+ to generate periodic reports? A: Enable the periodic reports
setting in PCM+ Preferences B: Create policies with schedule-driven alerts and report actions
C: Select the Reports button in the global toolbar D: Configure the schedule in the appropriate
Reports Wizard
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=21
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 22
Which command is used to access the CLI passthrough for a ProCurve ONE Services zl
Module? A: services<SLOT-ID> B: services<SLOT-ID><INDEX-NUMBER> C: tms<SLOTID><INDEX-NUMBER> D: show services
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=22
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 23
A network administrator has successfully implemented Web-auth at the edge of their network
with ProCurve 2610 Series switches with FreeRADIUS as a RADIUS server Now the
administrator is investigating adding more control over the resources that are available to users
when they log into the network What should the administrator use to best accomplish this? A:
Microsoft Network Access Protection B: ProCurve Identity Driven Manager C: ProCurve
Mobility Manager D: ProCurve Network Immunity Manager
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=23
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 24
Click the Exhibit button Based on the exhibit, which statement is correct? A: The Service OS is
running on slot B: B: Threat Management Services is running on Slot C: C: The Service OS is
running on slot C: D: The Service OS is running on slot D:
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=24
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 25
What is a reason to create a custom group for a server zone and set that group as the source for
a NIM policy? A: Servers trigger more false positives, so you set the NBAD sensitivities lower
B: Threats are targeted to servers at all times, so you set the policy to any time C: Servers
handle more mission-critical traffic, so you set less drastic actions D: Threats that are targeted
to servers are more serious, so you set more drastic actions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=25
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 26
What is a feature of anomaly-based threat detection but not signature-based threat detection? A:
detecting worms B: detecting undocumented attacks C: detecting DoS attacks D: detecting
protocol anomalies
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=26
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 27
Click the Exhibit button How can you determine the name of the user who triggered the alert
with a major severity on the device with the IP address 1011010? A: Double-click on the
1011010 device in the list B: Right-click on the 1011010 device in the list and choose View
Alerts C: Change the dropdown box to view by Event instead of Severity D: Go to the Events
tab and filter on events from 1011010
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=27
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 28
Where do you enable and disable policies? A: Policy Manager -- > Policies --> Policies tab B:
Tools --> Preferences --> Policy Management window C: Tools --> Preferences --> Security
Monitoring window D: Policy Manager --> Policies --> Status tab
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=28
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 29
Based on a NAP statement of health, which dynamic network parameter is configurable with
IDM? A: port-security B: Access Control List C: DHCP Snooping D: MAC Lockout
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=29
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 30
When a TMS zl Module in slot C is acting as an IDS, which port is used for mirrored traffic?
A: C1 B: C2 C: whichever port you configure to accomplish this task D: the port the switches
management VLAN is assigned to
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=30
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 31
You are the administrator of a network with a Cisco 4200 Series IPS operating as IDS and
ProCurve switches You have just purchased the NIM plug-in for your installation of ProCurve
Manager Plus What should you do to integrate ProCurve NIM with the IDS in a NIM + IDS
deployment? A: Configure the IDS to send traps to NIM B: Place the IDS inline between key
resources and the rest of the network C: Install the NIM plug-in on the IDS D: Place the IDS
inline between the PCM+/NIM server and the rest of the network
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=31
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 32
What is the default state of a Port Access Entity configured for IEEE 8021X port-access
authentication? A: disabled B: authorized C: restricted D: idle E unauthorized
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=32
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 33
ProCurve NIM was registering very few TCP Port Sweep events You have raised the
sensitivity, and many false positive TCP Port Sweep events are now triggered throughout the
network What should you do next? (Select two) A: Lower the sensitivity to the previous level
B: Plan and create a Policy Manager policy to deal with false positive events C: Disable the
TCP Port Sweep NBAD engine D: Exclude the devices triggering the false positive events
from the TCP Port Sweep E Remove the TCP alert from the policy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=33
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 34
A ProCurve Threat Management Services zl Module can be installed into which switches?
(Select two) A: ProCurve 6200yl B: ProCurve 3500yl C: ProCurve 5400zl D: ProCurve 5300xl
E ProCurve 8212zl
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=34
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 35
Click Next or More to continue Show how to set up a dynamic local mirroring policy for the
network shown in the exhibit A:
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=35
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 36
How is the Endpoint Integrity feature activated so that IDM can use it? A: It is enabled through
the Preferences window of the PCM+ GUI B: It is enabled after the IDM server is configured
in Microsoft NAP C: It is automatically enabled when the IDM server discovers Microsoft
NAP D: It is enabled as an option when IDM is installed with PCM+
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=36
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 37
Click Next or More to continue PCM+ has been installed with default settings and begins to
configure discovered devices to send sFIow traffic samples However, the network has more
active ports than can be sampled at any one time PCM+ selects which ports should have
sampling enabled A:
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=37
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 38
Which source and destination attribute is always part of TMS zl Access policies? A: user
groups B: zones C: VLANs D: TCP or UDP ports
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=38
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 39
Which event type relies on the SNMP trap community being correctly configured on ProCurve
devices? A: Protocol Anomaly events B: IP Address Sweep events C: Virus Throttle events D:
IP Address Spoofing events
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=39
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 40
Network security can be described in terms of multiple layers of security The DHCP Spoofing
and Dynamic ARP Protection features correspond to which layer? A: infrastructure protection
B: network immunity protection C: device-to-device authentication D: network access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=40
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 41
Which statement is correct about the ProCurve ProActive Defense strategy? A: It operates at a
safe distance from the points of attack and the network resources being attacked B: It achieves
better-performing, more scalable networks by using high capacity core resources C: It enforces
access and policy decisions where users and applications connect to the network D: It creates a
cost-effective management framework by using core infrastructure protection measures
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=41
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 42
You are a network administrator and have been through the Security Lifecycle and are ready to
begin performing automatic actions How should ProCurve NIM be configured to respond to an
external alert? A: activate a port mirror B: activate traffic sampling C: run an External Alerts
report D: apply threat mitigation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=42
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 43
What is a benefit of the unified NIM + IDS deployment option? A: adds threat protection to the
features of ProCurve NIM, which include only threat detection B: allows ProCurve NIM to
mirror suspicious traffic to an external device for additional analysis C: takes immediate action
to protect key resources and also tracks threats to the source D: protects against threats from
wireless devices, which ProCurve NIM is not able to do on its own
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=43
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 44
Given a single TMS zl Module, a network administrator wants to protect a site of 1500 nodes
and 5 subnets The administrator does not want the TMS zl Module to be inline in the traffic
flow If the administrator is only concerned about traffic to and from the Internet and the data
center, how should the TMS zl Module be deployed? A: in IPS mode at the core of the network
B: by integrating with NIM to initiate dynamic mirroring based on sFIow samples from the
network C: as a router between all of the subnets with IPS enabled D: with static mirroring of
traffic from the Internet connection and the data center subnet
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=44
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 45
Click the Exhibit button TMSAccesgi What does the value "AddrGroup" describe? A: a list of
IP addresses and TCP/UDP port numbers B: traffic that has this destination will match this
policy C: It is irrelevant because Any Service is specified D: one or more IP addresses
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=45
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 46
Which variables can you reference in an Access Rule of an Access Policy Group in IDM?
(Select three) A: time period B: EAP method C: username D: switch ports E Endpoint Integrity
status F VLAN identifier
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=46
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 47
Which statement describes the implementation of IDM? A: The IDM management server
pushes configuration updates to each IDM agent B: The installation of the IDM agent includes
Microsoft NPS C: The PCM+ 30 accesstxt file is used to authorize HTTPS connections for
each IDM agent to the PCM server D: Endpoint Integrity support is enabled by running the
Secure Access Wizard
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=47
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 48
What can help you troubleshoot a policy in realtime from PCM? A: Notify (Email) B: Message
Dialog C: Traffic Sampling D: Port Mirror
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=48
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 49
When creating a VPN tunnel between a TMS zl Module and a 7000dl router, which type of
VPN is supported? A: IPSec B: SSH C: L2TP/IPSec D: SSL
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=49
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 50
Which events can be signs of an unauthorized port scan? (Select two) A: DNS Tunneling B:
UDP Chargen Protocol Anomaly C: Port Anomaly D: TCP FIN without ACK Flags Protocol
Anomaly E TCP Port Sweep
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=50
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 51
What are appropriate goals when you go through the security lifecycle for the first time?
(Select two) A: configure alerts B: analyze proof of compliance C: modify NBAD sensitivities
D: create new actions E assess actions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=51
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 52
You are the network administrator for an enterprise network that uses ProCurve ProVision
ASlC switches at the core, distribution layer, and the edge of the network There is already a
SonicWALL E-Class UTM installed at the core of the network How can ProCurve NIM be
deployed to enhance the security of the network? A: Configure NIM to mirror traffic to the
UTM when a security trap is received from the UTM B: Configure the UTM to initiate a port
shutdown using the NIM API C: Configure NIM to set a rate limit at the edge when an offender
is detected by the UTM D: Configure NIM to send sFlow data to the UTM
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=52
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 53
You have configured a policy to mirror suspicious traffic to an Intrusion Detection System
(IDS) However, at the same time, you also want ProCurve NIM to take immediate action
against the offender Which action settings should you use? A: Execute all; Port Mirror (first)
and Port Disable (second) B: Execute all; Port Mirror (first) and Port Rate Limit (second) C:
Execute until success; Port Mirror (first) and Port Disable (second) D: Execute until success;
Port Disable (first) and Port Mirror (second) E Execute until success; Port Rate Limit (first) and
Port Mirror (second)
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=53
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 54
Click the Exhibit button How can you determine how long it will take for the DNS Tunneling
NBAD Engine to finish the baselining process? A: Move your mouse over the yellow triangle
symbol in the DNS Tunneling row of the NBAD Analyzer Status window B: It is not possible
to tell from this window You must go to NIM tab in Agent Manager C: Right-click anywhere
on the DNS Tunneling row in the NBAD Analyzer window D: Double-click on the DNS
Tunneling name in the NBAD Analyzer Status window
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=54
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 55
You work in the network security office for a large company The company has already
deployed ProCurve NIM integrated with multiple TMS zl Modules, acting as an IDS, placed at
strategic points across the network The combination of the TMS zl Modules and NIM is
successfully detecting and quarantining network threats You are asked to find a way to stop
users who pose a network threat from moving to a new location and getting network access
again How can you accomplish this task? A: Configure Policy Manager to track the MAC
address of the threat and quarantine the threat when it moves B: Configure NIM to disable the
threats network interface so that it will remain disabled when moving to a new location C:
Implement 8021X authentication with ProCurve DM and integrate it with NIM D: Push a
policy to the IDS to block all traffic from the threat no matter where it connects to the network
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=55
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 56
A network has an Intrusion Prevention System (IPS) that is installed between a group of servers
and the rest of the network Which benefits does ProCurve NIM add into a NIM + IPS
deployment? (Select two) A: signature-based detection B: protection for other resources
throughout the network C: remediation of infected endpoints D: deep packet inspection E
applies actions closer to the point of origin of the attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=56
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 57
Which misconfiguration on PCM+ causes ProCurve NIM to fail to detect any anomalies in
traffic? A: an incorrect operator password B: the wrong sFlow version C: an incorrect manager
password D: an incorrect SNMP community name
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=57
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 58
Which infrastructure defense capabilities are provided by the ProCurve ProActive Defense
network security solution? (Select two) A: vulnerability assessment database B: connection rate
filtering C: spoofing protection of DHCP traffic D: managed security services E phishing
protection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=58
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 59
Click the Exhibit button What is the Index value for the Threat Management Services
software? A: 1 B: 2 C: 3 D: C E E
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=59
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 60
Which NAP Enforcement client must be enabled when NAP is operating in an 8021X
environment? A: DHCP Quarantine Enforcement client B: Remote Access Quarantine
Enforcement client C: IPSec Relaying Party D: TS Gateway Quarantine Enforcement client E
EAP Quarantine Enforcement client
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=60
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 61
What is the first step to configure a TMS zl Module as an IDS from factory defaults? A:
associate a VLAN with a zone B: configure a zone as a Management Zone C: change the
operating mode to monitor mode D: configure a management IP address
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=61
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 62
What is the intended purpose of the default traffic sampling action? A: to help PCM+/NIM
periodically begin to monitor new ports B: to prevent ProCurve NIM from triggering false
positives C: to send traffic for increased analysis to an Intrusion Detection System (IDS) D: to
allow ProCurve NIM to take immediate action against the most probable threats
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=62
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 63
Click the Exhibit button Which image in the exhibit shows an invalid NIM + IDS deployment?
A: A B: B C: C D: D
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=63
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 64
_How does raising the sensitivity for the IP Address Sweep alter the triggering of the event? A:
Endpoints contacting fewer destinations over more time now trigger the event B: Endpoints
contacting more destinations over less time now trigger the event C: Endpoints generating a
lesser volume of traffic now trigger the event D: Endpoints generating a greater volume of
traffic now trigger the event
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=64
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 65
A ProCurve Threat Management Services zl Module must compare mirrored traffic to a list of
signatures for detecting known threats In which mode must the TMS be configured? A:
Routing B: High Availability C: Intrusion Prevention D: Monitor
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=65
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 66
Network security can be described in terms of multiple layers of security Which security layer
does an unauthorized VLAN correspond to? A: network access control B: network immunity
protection C: control protocol detection D: device-to-device authentication
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=66
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 67
Which statement is correct about dynamic VLAN assignment for 8021X authenticator ports on
ProCurve switches? A: If a GVRP-learned VLAN is used, the RADIUS server must specify
that attribute B: The VLANs may be statically defined on the switch or learned through GVRP
C: If a client fails authentication, the port is reassigned to the Secure Management VLAN D: If
a client is authenticated, but no VLAN attribute is returned by a RADIUS server, the switch
blocks the port
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=67
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 68
Which Policy Manager actions do not execute configuration changes on an infrastructure
device? (Select two) A: MAC Lockout B: SNMP Trap C: Email Notification D: Quarantine
VLAN E Traffic Sampling
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=68
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 69
How can ProCurve NIM mitigate threats? A: It sends traps to external IPSs and has them
mitigate the threats B: It drops the offending traffic, protecting the resources located behind
NIM C: It sends out messages to reset offenders? TCP sessions D: It executes actions on the
device through which the offender connects
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=69
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 70
Which enforcement method is supported lay Microsoft NAP? A: Web-auth B: MAC-auth C:
8021X D: WPA-PSK
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=HP0-Y24&qno=70
-------------------------------------------------------------------------------------------------------------------------------------
TwPass Certification Exam Features;
-
TwPass offers over 2500 Certification exams for professionals.
More than 98,800 Satisfied Customers Worldwide.
Average 99.8% Success Rate.
Over 120 Global Certification Vendors Covered.
Services of Professional & Certified Experts available via support.
Free 90 days updates to match real exam scenarios.
Instant Download Access! No Setup required.
Price as low as $19, which is 80% more cost effective than others.
Verified answers researched by industry experts.
Study Material updated on regular basis.
Questions / Answers are downloadable in PDF format.
Mobile Device Supported (Android, iPhone, iPod, iPad)
No authorization code required to open exam.
Portable anywhere.
Guaranteed Success.
Fast, helpful support 24x7.
View list of All Exams (AE);
http://www.twpass.com/twpass.com/vendors.aspx
Download Any Certication Exam DEMO.
http://www.twpass.com/twpass.com/vendors.aspx
To purchase Full version of exam click below;
http://www.TwPass.com/