HPE7-A02試験無料問題集（130題）「HP Aruba Certified Network Security Professional 認定」

出題：1

A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application). In the CPDI security settings, Security Analysis is On, the Data Source is ClearPass Devices Insight, and Enable Posture Assessment is On. You see that device has a Risk Score of 90.
What can you know from this information?

A. The posture is healthy, but CPDI has detected multiple vulnerabilities on the device.

B. The posture is unhealthy, and CPDI has also detected at least one vulnerability on the device.

C. The posture is unknown, and CPDI has detected exactly four vulnerabilities on the device.

D. The posture is unhealthy, but CPDI has not detected any vulnerabilities on the device.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Refer to Exhibit:

An HPE Aruba Networking 9x00 gateway is part of an HPE Aruba Networking Central group that has the settings shown in the exhibit. What would cause the gateway to drop traffic as part of its IDPS settings?

A. Traffic matching a rule in the active ruleset

B. Traffic showing anomalous behavior

C. Its IDPS engine failing

D. Its site-to-site VPN connections failing

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A company has HPE Aruba Networking gateways that implement gateway IDS/IPS. Admins sometimes check the Security Dashboard, but they want a faster way to discover if a gateway starts detecting threats in traffic.
What should they do?

A. Set up email notifications using HPE Aruba Networking Central's global alert settings.

B. Integrate HPE Aruba Networking ClearPass Device Insight (CPDI) with Central and schedule hourly reports.

C. Use Syslog to integrate the gateways with HPE Aruba Networking ClearPass Policy Manager (CPPM) event processing.

D. Set up Webhooks that are attached to the HPE Aruba Networking Central Threat Dashboard.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

What is a typical use case for using HPE Aruba Networking ClearPass Onboard to provision devices?

A. Enhancing security for loT devices that need to authenticate with MAC-Auth

B. Enforcing posture-based assessment on managed Windows domain computers

C. Enabling unmanaged devices to succeed at certificate-based 802.1X

D. Enabling managed Windows domain computers to succeed at certificate-based 802.1X

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Which use case is fulfilled by applying a time range to a firewall rule on an AOS device?

A. Locking clients that violate the rule for the specified time range

B. Tuning the session timeout for sessions established with this rule

C. Setting the time range over which hit counts for the rule are aggregated

D. Enforcing the rule only during the specified time range

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Refer to the exhibit.

You have verified that AOS-CX Switch-1 has constructed an IP-to-MAC binding table in VLANs 10-19.
Now you need to enable ARP inspection for the endpoint connected to Switch-1. What must you do first to prevent traffic disruption?

A. Create a static IP-to-MAC binding on Switch-1 for the DHCP server.

B. Configure DHCP snooping on VLANs 10-19 on Switch-2.

C. Configure ARP inspection on VLANs 10-19 on Switch-2.

D. Configure Switch-1 uplinks as trusted ARP inspection ports.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

A company has HPE Aruba Networking Central-managed APs. The company wants to block all clients connected through the APs from using YouTube.
Which steps should you take?

A. Deploy gateways and have the APs tunnel traffic to the gateways. Then, enable the gateway IDS/IPS engine.

B. Enable WebCC on all client firewall roles. Then, create WebCC category rules that deny suspicious URLs.

C. Enable Client IPS at the "custom" level, and then specify the check for YouTube.

D. Enable DPI. Then, create application rules to deny YouTube on the firewall roles.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

You need to create a rule in an HPE Aruba Networking ClearPass Policy Manager (CPPM) role mapping policy that references a ClearPass Device Insight Tag.
Which Type (namespace) should you specify for the rule?

A. Tips

B. Endpoint

C. Device

D. Application

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

You have enabled "rogue AP containment" in the Wireless IPS settings for a company's HPE Aruba Networking APs. What form of containment does HPE Aruba Networking recommend?

A. Wireless tarpit and wired containment

B. Wireless tarpit only

C. Wireless deauthentication only

D. Wired containment

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A company needs you to integrate HPE Aruba Networking ClearPass Policy Manager (CPPM) with HPE Aruba Networking ClearPass Device Insight (CPDI). What is one task you should do to prepare?

A. Collect a Data Collector token from HPE Aruba Networking Central.

B. Install the root CA for CPPM's HTTPS certificate as trusted in the CPDI application.

C. Enable Insight in the CPPM server configuration settings.

D. Configure WMI, SSH, and SNMP external accounts for device scanning on CPPM.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

HPE7-A02試験無料問題集「HP Aruba Certified Network Security Professional 認定」