HPE7-A02無料問題集「HP Aruba Certified Network Security Professional」

質問 1

You are establishing a cluster of HPE Aruba Networking ClearPass servers. (Assume that they are running version 6.9.).
For which type of certificate it is recommended to install a CA-signed certificate on the Subscriber before it joins the cluster?

（A）Database

（B）HTTPS

（C）RADIUS/EAP

（D）RadSec

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A security team needs to track a device's communication patterns and identify patterns such as how many destinations the device is accessing.
Which Aruba solution can show this information at a glance?

（A）AOS-CX Analytics Dashboard using the system-installed NAE agent

（B）HPE Aruba Networking ClearPass Policy Manager (CPPM) live monitoring Access Tracker

（C）HPE Aruba Networking ClearPass Insight Endpoints and Network Dashboards

（D）HPE Aruba Networking ClearPass Device Insight (CPDI) under a device's network activity

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application).
You have identified a device, which is currently
classified as one type, but you want to classify it as a custom type. You also want to classify all devices with similar attributes as this type, both already-discovered devices and new devices discovered later.
What should you do?

（A）Create a user rule from the Generic Devices page, select the desired attributes for the rule, and choose
"Save."

（B）In the device details, select reclassify, create a user rule based on its attributes, and choose "Save & Reclassify."

（C）Create a user tag from the Generic Devices page, select the desired attributes for the tag, and save the tag.

（D）In the device details, select filter, create a user tag based on the device attributes, and save the tag.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A company has HPE Aruba Networking APs (AOS-10), which authenticate clients to HPE Aruba Networking ClearPass Policy Manager (CPPM). CPPM is set up to receive a variety of information about clients' profile and posture. New information can mean that CPPM should change a client's enforcement profile.
What should you set up on the APs to help the solution function correctly?

（A）In the security settings, configure dynamic denylisting.

（B）In the RADIUS server settings for CPPM, enable querying the authentication status.

（C）In the RADIUS server settings for CPPM, enable Dynamic Authorization.

（D）In the WLAN profiles, enable interim RADIUS accounting.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

You have configured an AOS-CX switch to implement 802.1X on edge ports. Assume ports operate in the default auth-mode. VolP phones are assigned to the
"voice" role and need to send traffic that is tagged for VLAN 12.
Where should you configure VLAN 12?

（A）As the trunk native VLAN on edge ports and the trunk native VLAN on the "voice" role

（B）As the allowed trunk VLAN in the "voice" role (and not in the edge port settings)

（C）As a trunk allowed VLAN on edge ports and the trunk native VLAN in the "voice" role

（D）As the trunk native VLAN in the "voice" role (and not in the edge port settings)

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

(Note that the HPE Aruba Networking Central interface shown here might look slightly different from what you see in your HPE Aruba Networking Central interface as versions change; however, similar concepts continue to apply.) An HPE Aruba Networking 9x00 gateway is part of an HPE Aruba Networking Central group that has the settings shown in the exhibit. What would cause the gateway to drop traffic as part of its IDPS settings?

（A）Its IDPS engine failing

（B）Its site-to-site VPN connections failing

（C）Traffic showing anomalous behavior

（D）Traffic matching a rule in the active ruleset

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A company issues user certificates to domain computers using its Windows CA and the default user certificate template. You have set up HPE Aruba Networking ClearPass Policy Manager (CPPM) to authenticate 802.1X clients with those certificates. However, during tests, you receive an error that authorization has failed because the usernames do not exist in the authentication source.
What is one way to fix this issue and enable clients to successfully authenticate with certificates?

（A）Configure rules to strip the domain name from the username.

（B）Remove EAP-TLS from the authentication method list and add TEAP there instead.

（C）Add the ClearPass Onboard local repository to the authentication source list.

（D）Change the authentication method list to include both PEAP MSCHAPv2 and EAP-TLS.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

HPE7-A02 無料問題集「HP Aruba Certified Network Security Professional」

弊社を連絡する

関連リンク

トップ試験