HPE7-A02 無料問題集「HP Aruba Certified Network Security Professional」

（A）HTTPS traffic from 10.2.2.2 to 10.5.5.5 is denied.

（B）Traffic from 10.5.3.3 in an active HTTPS session between 10.2.2.2 and 10.5.3.3 is permitted.

（C）HTTPS traffic from 10.2.2.2 to 203.0.113.12 is denied.

（D）Traffic from 198.51.100.12 in an active HTTP session between 10.2.2.2 and 198.51.100.12 is denied.

（A）AOS-CX Analytics Dashboard using the system-installed NAE agent

（B）HPE Aruba Networking ClearPass Policy Manager (CPPM) live monitoring Access Tracker

（C）HPE Aruba Networking ClearPass Insight Endpoints and Network Dashboards

（D）HPE Aruba Networking ClearPass Device Insight (CPDI) under a device's network activity

（A）Add the Aruba:Common service and set Aruba-Admin-Role to the group name.

（B）Add the Aruba:Common service and set Aruba-Priv-Admin-User to the group name.

（C）Add the Shell service and set autocmd to the group name.

（D）Add the Shell service and set priv-Ivl to the group name.

（A）Configure mirror sessions on the APs and switches to copy client HTTP traffic to CPPM.

（B）On the APs and switches, configure a redirect to ClearPass Guest in the role for devices being profiled.

（C）Schedule periodic subnet scans of all client subnets on CPPM.

（D）Add the CPPM server's IP address to the IP helper list in all client VLANs on routing switches.

（A）CPDI has detected that these devices match about 70% of the system rule for defining "Windows 8/10" devices.

（B）CPDI has matched these devices against several, conflicting system rules. 70% of those rules are for
"Windows 8/10" devices.

（C）CPDI has used MAC OUI to group these devices together. The average device's MAC address matches
70% of the "Windows 8/10" OUI.

（D）CPDI has grouped this cluster with similar classified devices. 70% of those classified devices are
"Windows 8/10."

（A）In the security settings, configure dynamic denylisting.

（B）In the RADIUS server settings for CPPM, enable querying the authentication status.

（C）In the RADIUS server settings for CPPM, enable Dynamic Authorization.

（D）In the WLAN profiles, enable interim RADIUS accounting.

（A）Reboot the switch.

（B）Enable NAE, which is disabled by default.

（C）Create an agent from the script.

（D）Edit the script to define monitor parameters.

（A）Use ClearPass Insight to run an Active Endpoint Security report.

（B）Show the security team the CPPM Endpoint Profiler dashboard.

（C）Export the Access Tracker records on CPPM as an XML file.

（D）Integrate CPPM with ClearPass Device Insight (CPDI) and run a security report on CPDI.

（A）Add this rule to zoneC: 5 ignore tcp any 10.2.12.0/24 eq https

（B）Add this rule to zoneC: 5 match any 10.2.12.0/24 eq https

（C）Add this rule to zoneA: 5 ignore tcp any 10.2.12.0/24 eq https

（D）Add this rule to zoneB: 5 match tcp any 10.2.12.0/24 eq https

（A）Admins have likely misconfigured SSID security settings on some of the company's APs. You should have them check those settings.

（B）This event might be a threat but is almost always a false positive. You should wait to see the event over several days before following up on it.

（C）Hackers are likely trying to pose as authorized APs. You should use the detecting radio information and immediately track down the device that triggered the event.

（D）Clients are failing to authenticate to corporate SSIDs. You should first check for misconfigured authentication settings and then investigate a possible threat.