{"id":115234,"date":"2025-11-26T07:14:41","date_gmt":"2025-11-26T07:14:41","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=115234"},"modified":"2025-11-26T07:14:41","modified_gmt":"2025-11-26T07:14:41","slug":"updated-hpe7-a02-dumps-v10-02-effective-study-materials-to-ensure-your-hpe-network-security-professional-exam-success","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/updated-hpe7-a02-dumps-v10-02-effective-study-materials-to-ensure-your-hpe-network-security-professional-exam-success.html","title":{"rendered":"Updated HPE7-A02 Dumps (V10.02): Effective Study Materials to Ensure Your HPE Network Security Professional Exam Success"},"content":{"rendered":"<p>To truly stand out, the most updated HPE7-A02 dumps (V10.02) are available at DumpsBase, which are the greatest choice to ensure your HPE Network Security Professional Exam success. We have updated 135 practice exam questions and answers, helping you understand the HPE Network Security Professional Exam objectives. So you can clear the exam with ease. Trust, the HPE7-A02 dumps (V10.02) should be the effective study materials, which can fulfill all of your requirements. We help you in realizing all the <a href=\"https:\/\/www.dumpsbase.com\/hp.html\"><em><strong>HPE<\/strong><\/em><\/a> Network Security Professional Exam topics. By preparing with these updated HPE7-A02 dump questions, you will get the HPE Aruba Networking Certified Professional &#8211; Network Security certification on your initially attempt.<\/p>\n<h2>Below are the <span style=\"background-color: #ff9900;\"><em>HPE7-A02 free dumps (V10.02)<\/em><\/span> to help you check the quality before downloading:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam11194\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-11194\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-11194\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-440276'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>You are setting up an HPE Aruba Networking VIA solution for a company. You need to configure access control policies for applications and resources that remote clients can access when connected to the VPN. <br \/>\r<br>Where on the VPNC should you configure these policies?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='440276' \/><input type='hidden' id='answerType440276' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440276[]' id='answer-id-1703477' class='answer   answerof-440276 ' value='1703477'   \/><label for='answer-id-1703477' id='answer-label-1703477' class=' answer'><span>In the tunneled network settings within the VIA Connection Profile<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440276[]' id='answer-id-1703478' class='answer   answerof-440276 ' value='1703478'   \/><label for='answer-id-1703478' id='answer-label-1703478' class=' answer'><span>In the cloud security settings using IPsec maps<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440276[]' id='answer-id-1703479' class='answer   answerof-440276 ' value='1703479'   \/><label for='answer-id-1703479' id='answer-label-1703479' class=' answer'><span>In the roles to which VIA clients are assigned after IKE authentication<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440276[]' id='answer-id-1703480' class='answer   answerof-440276 ' value='1703480'   \/><label for='answer-id-1703480' id='answer-label-1703480' class=' answer'><span>In the roles to which VIA clients are assigned after VIA Web authentication<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-440277'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>A company wants HPE Aruba Networking ClearPass Policy Manager (CPPM) to respond to Syslog messages from its Palo Alto Next Generation Firewall (NGFW) by quarantining clients involved in security incidents. <br \/>\r<br>Which step must you complete to enable CPPM to process the Syslogs properly?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='440277' \/><input type='hidden' id='answerType440277' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440277[]' id='answer-id-1703481' class='answer   answerof-440277 ' value='1703481'   \/><label for='answer-id-1703481' id='answer-label-1703481' class=' answer'><span>Configure the Palo Alto as a context server on CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440277[]' id='answer-id-1703482' class='answer   answerof-440277 ' value='1703482'   \/><label for='answer-id-1703482' id='answer-label-1703482' class=' answer'><span>Install a Palo Alto Extension through ClearPass Guest.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440277[]' id='answer-id-1703483' class='answer   answerof-440277 ' value='1703483'   \/><label for='answer-id-1703483' id='answer-label-1703483' class=' answer'><span>Enable Insight and ingress event processing on the CPPM server.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440277[]' id='answer-id-1703484' class='answer   answerof-440277 ' value='1703484'   \/><label for='answer-id-1703484' id='answer-label-1703484' class=' answer'><span>Configure CPPM to trust the root CA certificate for the NGF<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-440278'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>A company has a variety of HPE Aruba Networking solutions, including an HPE Aruba Networking infrastructure and HPE Aruba Networking ClearPass Policy Manager (CPPM). The company passes traffic from the corporate LAN destined to the data center through a third-party SRX firewall. The company would like to further protect itself from internal threats. <br \/>\r<br>What is one solution that you can recommend?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='440278' \/><input type='hidden' id='answerType440278' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440278[]' id='answer-id-1703485' class='answer   answerof-440278 ' value='1703485'   \/><label for='answer-id-1703485' id='answer-label-1703485' class=' answer'><span>Have the third-party firewall send Syslogs to CPPM, which can work with network devices to lock internal attackers out of the network.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440278[]' id='answer-id-1703486' class='answer   answerof-440278 ' value='1703486'   \/><label for='answer-id-1703486' id='answer-label-1703486' class=' answer'><span>Use tunnel mode SSIDs and user-based tunneling (UBT) on AOS-CX switches to pass all internal traffic directly through the third-party firewall.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440278[]' id='answer-id-1703487' class='answer   answerof-440278 ' value='1703487'   \/><label for='answer-id-1703487' id='answer-label-1703487' class=' answer'><span>Add ClearPass Device Insight (CPDI) to the solution; integrate it with the third-party firewall to develop more complete device profiles.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440278[]' id='answer-id-1703488' class='answer   answerof-440278 ' value='1703488'   \/><label for='answer-id-1703488' id='answer-label-1703488' class=' answer'><span>Configure CPPM to poll the third-party firewall for a broad array of information about internal clients, such as profile and posture.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-440279'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>You are deploying a virtual Data Collector for use with HPE Aruba Networking ClearPass Device Insight (CPDI). You have identified VLAN 101 in the data center as the VLAN to which the Data Collector should connect to receive its IP address and connect to HPE Aruba Networking Central. <br \/>\r<br>Which Data Collector virtual ports should you tell the virtual admins to connect to VLAN 101?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='440279' \/><input type='hidden' id='answerType440279' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440279[]' id='answer-id-1703489' class='answer   answerof-440279 ' value='1703489'   \/><label for='answer-id-1703489' id='answer-label-1703489' class=' answer'><span>The one with the lowest MAC address<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440279[]' id='answer-id-1703490' class='answer   answerof-440279 ' value='1703490'   \/><label for='answer-id-1703490' id='answer-label-1703490' class=' answer'><span>The one with the highest port ID<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440279[]' id='answer-id-1703491' class='answer   answerof-440279 ' value='1703491'   \/><label for='answer-id-1703491' id='answer-label-1703491' class=' answer'><span>The one with the highest MAC address<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440279[]' id='answer-id-1703492' class='answer   answerof-440279 ' value='1703492'   \/><label for='answer-id-1703492' id='answer-label-1703492' class=' answer'><span>The one with the lowest port ID<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-440280'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>A company assigns a different block of VLAN IDs to each of its access layer AOS-CX switches. The switches run version 10.07. The IDs are used for standard purposes, such as for employees, VolP phones, and cameras. The company wants to apply 802.1X authentication to HPE Aruba Networking ClearPass Policy Manager (CPPM) and then steer clients to the correct VLANs for local forwarding. <br \/>\r<br>What can you do to simplify setting up this solution?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='440280' \/><input type='hidden' id='answerType440280' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440280[]' id='answer-id-1703493' class='answer   answerof-440280 ' value='1703493'   \/><label for='answer-id-1703493' id='answer-label-1703493' class=' answer'><span>Assign consistent names to VLANs of the same type across the AOS-CX switches and have user-roles reference names.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440280[]' id='answer-id-1703494' class='answer   answerof-440280 ' value='1703494'   \/><label for='answer-id-1703494' id='answer-label-1703494' class=' answer'><span>Use the trunk allowed VLAN setting to assign multiple VLAN IDs to the same role.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440280[]' id='answer-id-1703495' class='answer   answerof-440280 ' value='1703495'   \/><label for='answer-id-1703495' id='answer-label-1703495' class=' answer'><span>Change the VLAN IDs across the AOS-CX switches so that they are consistent.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440280[]' id='answer-id-1703496' class='answer   answerof-440280 ' value='1703496'   \/><label for='answer-id-1703496' id='answer-label-1703496' class=' answer'><span>Avoid configuring the VLAN in the role; use trunk VLANs to assign multiple VLANs to the port instead.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-440281'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Assume that an AOS-CX switch is already implementing DHCP snooping and ARP inspection successfully on several VLANs. <br \/>\r<br>What should you do to help minimize disruption time if the switch reboots?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='440281' \/><input type='hidden' id='answerType440281' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440281[]' id='answer-id-1703497' class='answer   answerof-440281 ' value='1703497'   \/><label for='answer-id-1703497' id='answer-label-1703497' class=' answer'><span>Configure the switch to act as an ARP proxy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440281[]' id='answer-id-1703498' class='answer   answerof-440281 ' value='1703498'   \/><label for='answer-id-1703498' id='answer-label-1703498' class=' answer'><span>Create static IP-to-MAC bindings for the DHCP and DNS servers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440281[]' id='answer-id-1703499' class='answer   answerof-440281 ' value='1703499'   \/><label for='answer-id-1703499' id='answer-label-1703499' class=' answer'><span>Save the IP-to-MAC bindings to external storage.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440281[]' id='answer-id-1703500' class='answer   answerof-440281 ' value='1703500'   \/><label for='answer-id-1703500' id='answer-label-1703500' class=' answer'><span>Configure the IP helper address on this switch, rather than a core routing switch.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-440282'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>The security team needs you to show them information about MAC spoofing attempts detected by HPE Aruba Networking ClearPass Policy Manager (CPPM). <br \/>\r<br>What should you do?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='440282' \/><input type='hidden' id='answerType440282' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440282[]' id='answer-id-1703501' class='answer   answerof-440282 ' value='1703501'   \/><label for='answer-id-1703501' id='answer-label-1703501' class=' answer'><span>Export the Access Tracker records on CPPM as an XML file.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440282[]' id='answer-id-1703502' class='answer   answerof-440282 ' value='1703502'   \/><label for='answer-id-1703502' id='answer-label-1703502' class=' answer'><span>Use ClearPass Insight to run an Active Endpoint Security report.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440282[]' id='answer-id-1703503' class='answer   answerof-440282 ' value='1703503'   \/><label for='answer-id-1703503' id='answer-label-1703503' class=' answer'><span>Integrate CPPM with ClearPass Device Insight (CPDI) and run a security report on CPD<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440282[]' id='answer-id-1703504' class='answer   answerof-440282 ' value='1703504'   \/><label for='answer-id-1703504' id='answer-label-1703504' class=' answer'><span>Show the security team the CPPM Endpoint Profiler dashboard.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-440283'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>You have created this rule in an HPE Aruba Networking ClearPass Policy Manager (CPPM) service's enforcement policy: IF Authorization [Endpoints Repository] <br \/>\r<br>Conflict EQUALS true THEN apply &quot;quarantine_profile&quot; <br \/>\r<br>What information can help you determine whether you need to configure cluster-wide profiler parameters to ignore some conflicts?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='440283' \/><input type='hidden' id='answerType440283' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440283[]' id='answer-id-1703505' class='answer   answerof-440283 ' value='1703505'   \/><label for='answer-id-1703505' id='answer-label-1703505' class=' answer'><span>Whether the company has rare Internet of Things (loT) devices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440283[]' id='answer-id-1703506' class='answer   answerof-440283 ' value='1703506'   \/><label for='answer-id-1703506' id='answer-label-1703506' class=' answer'><span>Whether some devices are incapable of captive portal or 802.1X authentication<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440283[]' id='answer-id-1703507' class='answer   answerof-440283 ' value='1703507'   \/><label for='answer-id-1703507' id='answer-label-1703507' class=' answer'><span>Whether the company has devices that use PXE boot<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440283[]' id='answer-id-1703508' class='answer   answerof-440283 ' value='1703508'   \/><label for='answer-id-1703508' id='answer-label-1703508' class=' answer'><span>Whether some devices are running legacy operating systems<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-440284'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>HPE Aruba Networking ClearPass Policy Manager (CPPM) uses a service to authenticate clients. You are now adding the Endpoints Repository as an authorization source for the service, and you want to add rules to the service's policies that apply different access levels based, in part, on a client's device category. You need to ensure that CPPM can apply the new correct access level after discovering new clients' categories. <br \/>\r<br>What should you enable on the service?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='440284' \/><input type='hidden' id='answerType440284' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440284[]' id='answer-id-1703509' class='answer   answerof-440284 ' value='1703509'   \/><label for='answer-id-1703509' id='answer-label-1703509' class=' answer'><span>The Posture Compliance option in the Service tab<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440284[]' id='answer-id-1703510' class='answer   answerof-440284 ' value='1703510'   \/><label for='answer-id-1703510' id='answer-label-1703510' class=' answer'><span>The Profile Endpoints option in the Service tab<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440284[]' id='answer-id-1703511' class='answer   answerof-440284 ' value='1703511'   \/><label for='answer-id-1703511' id='answer-label-1703511' class=' answer'><span>The Use cached Roles and Posture attributes from previous sessions option in the Enforcement tab<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440284[]' id='answer-id-1703512' class='answer   answerof-440284 ' value='1703512'   \/><label for='answer-id-1703512' id='answer-label-1703512' class=' answer'><span>The Audit End-host option in the Service tab<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-440285'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>You have installed an HPE Aruba Networking Network Analytic Engine (NAE) script on an AOS-CX switch to monitor a particular function. <br \/>\r<br>Which additional step must you complete to start the monitoring?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='440285' \/><input type='hidden' id='answerType440285' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440285[]' id='answer-id-1703513' class='answer   answerof-440285 ' value='1703513'   \/><label for='answer-id-1703513' id='answer-label-1703513' class=' answer'><span>Reboot the switch.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440285[]' id='answer-id-1703514' class='answer   answerof-440285 ' value='1703514'   \/><label for='answer-id-1703514' id='answer-label-1703514' class=' answer'><span>Enable NAE, which is disabled by default.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440285[]' id='answer-id-1703515' class='answer   answerof-440285 ' value='1703515'   \/><label for='answer-id-1703515' id='answer-label-1703515' class=' answer'><span>Edit the script to define monitor parameters.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440285[]' id='answer-id-1703516' class='answer   answerof-440285 ' value='1703516'   \/><label for='answer-id-1703516' id='answer-label-1703516' class=' answer'><span>Create an agent from the script.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-440286'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>A company uses HPE Aruba Networking ClearPass Policy Manager (CPPM) as a TACACS+ server to authenticate managers on its AOS-CX switches. You want to assign managers to groups on the AOS-CX switch by name. <br \/>\r<br>How do you configure this setting in a CPPM TACACS+ enforcement profile?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='440286' \/><input type='hidden' id='answerType440286' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440286[]' id='answer-id-1703517' class='answer   answerof-440286 ' value='1703517'   \/><label for='answer-id-1703517' id='answer-label-1703517' class=' answer'><span>Add the Shell service and set autocmd to the group name.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440286[]' id='answer-id-1703518' class='answer   answerof-440286 ' value='1703518'   \/><label for='answer-id-1703518' id='answer-label-1703518' class=' answer'><span>Add the Shell service and set priv-Ivl to the group name.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440286[]' id='answer-id-1703519' class='answer   answerof-440286 ' value='1703519'   \/><label for='answer-id-1703519' id='answer-label-1703519' class=' answer'><span>Add the Aruba: Common service and set Aruba-Admin-Role to the group name.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440286[]' id='answer-id-1703520' class='answer   answerof-440286 ' value='1703520'   \/><label for='answer-id-1703520' id='answer-label-1703520' class=' answer'><span>Add the Aruba: Common service and set Aruba-Priv-Admin-User to the group name.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-440287'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>Your company wants to implement Tunneled EAP (TEAP). <br \/>\r<br>How can you set up HPE Aruba Networking ClearPass Policy Manager (CPPM) to enforce certificated-based authentication for clients using TEAP?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='440287' \/><input type='hidden' id='answerType440287' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440287[]' id='answer-id-1703521' class='answer   answerof-440287 ' value='1703521'   \/><label for='answer-id-1703521' id='answer-label-1703521' class=' answer'><span>For the service using TEAP, set the authentication source to an internal database.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440287[]' id='answer-id-1703522' class='answer   answerof-440287 ' value='1703522'   \/><label for='answer-id-1703522' id='answer-label-1703522' class=' answer'><span>Select a service certificate when you specify TEAP as a service's authentication method.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440287[]' id='answer-id-1703523' class='answer   answerof-440287 ' value='1703523'   \/><label for='answer-id-1703523' id='answer-label-1703523' class=' answer'><span>Create an authentication method named &quot;TEAP&quot; with the type set to EAP-TL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440287[]' id='answer-id-1703524' class='answer   answerof-440287 ' value='1703524'   \/><label for='answer-id-1703524' id='answer-label-1703524' class=' answer'><span>Select an EAP-TLS-type authentication method for the TEAP method's inner method.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-440288'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>What is a use case for running periodic subnet scans on devices from HPE Aruba Networking ClearPass Policy Manager (CPPM)?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='440288' \/><input type='hidden' id='answerType440288' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440288[]' id='answer-id-1703525' class='answer   answerof-440288 ' value='1703525'   \/><label for='answer-id-1703525' id='answer-label-1703525' class=' answer'><span>Using DHCP fingerprints to determine a client's device category and OS<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440288[]' id='answer-id-1703526' class='answer   answerof-440288 ' value='1703526'   \/><label for='answer-id-1703526' id='answer-label-1703526' class=' answer'><span>Detecting devices that fail to comply with rules defined in CPPM posture policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440288[]' id='answer-id-1703527' class='answer   answerof-440288 ' value='1703527'   \/><label for='answer-id-1703527' id='answer-label-1703527' class=' answer'><span>Identifying issues with authenticating and authorizing clients<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440288[]' id='answer-id-1703528' class='answer   answerof-440288 ' value='1703528'   \/><label for='answer-id-1703528' id='answer-label-1703528' class=' answer'><span>Using WMI to collect additional information about Windows domain clients<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-440289'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>HPE Aruba Networking Central displays an alert about an Infrastructure Attack that was detected. You go to the Security &gt; RAPIDS events and see that the attack was &quot;Detect adhoc using Valid SSID.&quot; <br \/>\r<br>What is one possible next step?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='440289' \/><input type='hidden' id='answerType440289' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440289[]' id='answer-id-1703529' class='answer   answerof-440289 ' value='1703529'   \/><label for='answer-id-1703529' id='answer-label-1703529' class=' answer'><span>Use HPE Aruba Networking Central floorplans or the detecting AP identities to locate the general area for the threat.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440289[]' id='answer-id-1703530' class='answer   answerof-440289 ' value='1703530'   \/><label for='answer-id-1703530' id='answer-label-1703530' class=' answer'><span>Look for the IP address associated with the offender and then check for that IP address among HPE Aruba Networking Central clients.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440289[]' id='answer-id-1703531' class='answer   answerof-440289 ' value='1703531'   \/><label for='answer-id-1703531' id='answer-label-1703531' class=' answer'><span>Make sure that you have tuned the threshold for that check, as false positives are common for it.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440289[]' id='answer-id-1703532' class='answer   answerof-440289 ' value='1703532'   \/><label for='answer-id-1703532' id='answer-label-1703532' class=' answer'><span>Make sure that clients have updated drivers, as faulty drivers are a common explanation for this attack type.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-440290'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>What is one use case for implementing user-based tunneling (UBT) on AOS-CX switches?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='440290' \/><input type='hidden' id='answerType440290' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440290[]' id='answer-id-1703533' class='answer   answerof-440290 ' value='1703533'   \/><label for='answer-id-1703533' id='answer-label-1703533' class=' answer'><span>Centralizing the distribution of wired traffic without requiring HPE Aruba Networking gateways<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440290[]' id='answer-id-1703534' class='answer   answerof-440290 ' value='1703534'   \/><label for='answer-id-1703534' id='answer-label-1703534' class=' answer'><span>Tunneling traffic directly to a third-party firewall in a client data center<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440290[]' id='answer-id-1703535' class='answer   answerof-440290 ' value='1703535'   \/><label for='answer-id-1703535' id='answer-label-1703535' class=' answer'><span>Adding 802.1X while continuing to use the existing VLAN and ACL structure in the Ethernet network<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440290[]' id='answer-id-1703536' class='answer   answerof-440290 ' value='1703536'   \/><label for='answer-id-1703536' id='answer-label-1703536' class=' answer'><span>Applying enhanced security features such as deep packet inspection (DPI) to wired traffic<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-440291'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>You need to use &quot;Tips: Posture&quot; conditions within an 802.1X service's enforcement policy. <br \/>\r<br>Which guideline should you follow?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='440291' \/><input type='hidden' id='answerType440291' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440291[]' id='answer-id-1703537' class='answer   answerof-440291 ' value='1703537'   \/><label for='answer-id-1703537' id='answer-label-1703537' class=' answer'><span>Enable caching roles and posture attributes from previous sessions in the service's enforcement settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440291[]' id='answer-id-1703538' class='answer   answerof-440291 ' value='1703538'   \/><label for='answer-id-1703538' id='answer-label-1703538' class=' answer'><span>Create rules that assign postures in the service's role mapping policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440291[]' id='answer-id-1703539' class='answer   answerof-440291 ' value='1703539'   \/><label for='answer-id-1703539' id='answer-label-1703539' class=' answer'><span>Enable profiling in the service's general settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440291[]' id='answer-id-1703540' class='answer   answerof-440291 ' value='1703540'   \/><label for='answer-id-1703540' id='answer-label-1703540' class=' answer'><span>Select the Posture Policy type for the service's enforcement policy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-440292'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Admins have recently turned on Wireless IDS\/IPS infrastructure detection at the high level on HPE Aruba Networking APs. When you check WIDS events, you see several RTS rate and CTS rate anomalies, which were triggered by neighboring APs. <br \/>\r<br>What can you interpret from this event?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='440292' \/><input type='hidden' id='answerType440292' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440292[]' id='answer-id-1703541' class='answer   answerof-440292 ' value='1703541'   \/><label for='answer-id-1703541' id='answer-label-1703541' class=' answer'><span>These neighboring APs are likely to be wireless clients that are inappropriately bridging their wired and wireless NICs; you should track down and remove them.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440292[]' id='answer-id-1703542' class='answer   answerof-440292 ' value='1703542'   \/><label for='answer-id-1703542' id='answer-label-1703542' class=' answer'><span>These neighboring APs might be hackers trying to launch a DoS, but are more likely operating normally; you should start by tuning the event thresholds.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440292[]' id='answer-id-1703543' class='answer   answerof-440292 ' value='1703543'   \/><label for='answer-id-1703543' id='answer-label-1703543' class=' answer'><span>These neighboring APs are actually rogue APs, and you should enable wireless tarpit containment on them.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440292[]' id='answer-id-1703544' class='answer   answerof-440292 ' value='1703544'   \/><label for='answer-id-1703544' id='answer-label-1703544' class=' answer'><span>These neighboring APs are actually rogue APs, and you should enable wireless de-authentication containment on them.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-440293'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>A company wants to turn on Wireless IDS\/IPS infrastructure and client detection at the high level on HPE Aruba Networking APs. The company does not want to enable any prevention settings. <br \/>\r<br>What should you explain about HPE Aruba Networking recommendations?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='440293' \/><input type='hidden' id='answerType440293' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440293[]' id='answer-id-1703545' class='answer   answerof-440293 ' value='1703545'   \/><label for='answer-id-1703545' id='answer-label-1703545' class=' answer'><span>HPE Aruba Networking recommends turning on both wired and wireless prevention whenever you enable detection at high.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440293[]' id='answer-id-1703546' class='answer   answerof-440293 ' value='1703546'   \/><label for='answer-id-1703546' id='answer-label-1703546' class=' answer'><span>HPE Aruba Networking recommends using hybrid AP mode, as opposed to Air Monitors (AMs), when implementing detection without prevention.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440293[]' id='answer-id-1703547' class='answer   answerof-440293 ' value='1703547'   \/><label for='answer-id-1703547' id='answer-label-1703547' class=' answer'><span>HPE Aruba Networking recommends disabling client detection when you configure infrastructure detection at high, as infrastructure detection includes all the client checks and more.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440293[]' id='answer-id-1703548' class='answer   answerof-440293 ' value='1703548'   \/><label for='answer-id-1703548' id='answer-label-1703548' class=' answer'><span>HPE Aruba Networking recommends configuring infrastructure and client detection at a custom level and disabling or tuning some of the settings that are likely to produce false positives.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-440294'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>What is one use case that companies can fulfill using HPE Aruba Networking ClearPass Policy Manager's (CPPM's) Device Profiler?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='440294' \/><input type='hidden' id='answerType440294' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440294[]' id='answer-id-1703549' class='answer   answerof-440294 ' value='1703549'   \/><label for='answer-id-1703549' id='answer-label-1703549' class=' answer'><span>Identifying device security vulnerabilities by CVE ID and receiving remediation recommendations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440294[]' id='answer-id-1703550' class='answer   answerof-440294 ' value='1703550'   \/><label for='answer-id-1703550' id='answer-label-1703550' class=' answer'><span>Leveraging artificial intelligence to more accurately identify Internet of Things (loT) devices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440294[]' id='answer-id-1703551' class='answer   answerof-440294 ' value='1703551'   \/><label for='answer-id-1703551' id='answer-label-1703551' class=' answer'><span>Quarantining devices that do not have the required antivirus software installed on them<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440294[]' id='answer-id-1703552' class='answer   answerof-440294 ' value='1703552'   \/><label for='answer-id-1703552' id='answer-label-1703552' class=' answer'><span>Assigning different AOS firewall roles to users on computers and the same users on smartphones<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-440295'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>A company needs you to integrate HPE Aruba Networking ClearPass Policy Manager (CPPM) with HPE Aruba Networking ClearPass Device Insight (CPDI). <br \/>\r<br>What is one task you should do to prepare?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='440295' \/><input type='hidden' id='answerType440295' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440295[]' id='answer-id-1703553' class='answer   answerof-440295 ' value='1703553'   \/><label for='answer-id-1703553' id='answer-label-1703553' class=' answer'><span>Install the root CA for CPPM's HTTPS certificate as trusted in the CPDI application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440295[]' id='answer-id-1703554' class='answer   answerof-440295 ' value='1703554'   \/><label for='answer-id-1703554' id='answer-label-1703554' class=' answer'><span>Configure WMI, SSH, and SNMP external accounts for device scanning on CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440295[]' id='answer-id-1703555' class='answer   answerof-440295 ' value='1703555'   \/><label for='answer-id-1703555' id='answer-label-1703555' class=' answer'><span>Enable Insight in the CPPM server configuration settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440295[]' id='answer-id-1703556' class='answer   answerof-440295 ' value='1703556'   \/><label for='answer-id-1703556' id='answer-label-1703556' class=' answer'><span>Collect a Data Collector token from HPE Aruba Networking Central.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-440296'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>A company has an HPE Aruba Networking ClearPass cluster with several servers. <br \/>\r<br>ClearPass Policy Manager (CPPM) is set up to: <br \/>\r<br>. Update client attributes based on Syslog messages from third-party appliances <br \/>\r<br>. Have the clients reauthenticate and apply new profiles to the clients based on the updates <br \/>\r<br>To ensure that the correct profiles apply, what is one step you should take?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='440296' \/><input type='hidden' id='answerType440296' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440296[]' id='answer-id-1703557' class='answer   answerof-440296 ' value='1703557'   \/><label for='answer-id-1703557' id='answer-label-1703557' class=' answer'><span>Configure a CoA action for all tag updates in the ClearPass Device Insight integration settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440296[]' id='answer-id-1703558' class='answer   answerof-440296 ' value='1703558'   \/><label for='answer-id-1703558' id='answer-label-1703558' class=' answer'><span>Tune the CoA delay on the ClearPass servers to a value of 5 seconds or greater.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440296[]' id='answer-id-1703559' class='answer   answerof-440296 ' value='1703559'   \/><label for='answer-id-1703559' id='answer-label-1703559' class=' answer'><span>Set the cluster's Endpoint Context Servers polling interval to a value of 5 seconds or less.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440296[]' id='answer-id-1703560' class='answer   answerof-440296 ' value='1703560'   \/><label for='answer-id-1703560' id='answer-label-1703560' class=' answer'><span>Configure the cluster to periodically clean up (delete) unknown endpoints.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-440297'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>An admin has configured an AOS-CX switch with these settings: <br \/>\r<br>port-access role employees <br \/>\r<br>vlan access name employees <br \/>\r<br>This switch is also configured with CPPM as its RADIUS server. <br \/>\r<br>Which enforcement profile should you configure on CPPM to work with this configuration?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='440297' \/><input type='hidden' id='answerType440297' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440297[]' id='answer-id-1703561' class='answer   answerof-440297 ' value='1703561'   \/><label for='answer-id-1703561' id='answer-label-1703561' class=' answer'><span>RADIUS Enforcement type with HPE-User-Role VSA set to &quot;employees&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440297[]' id='answer-id-1703562' class='answer   answerof-440297 ' value='1703562'   \/><label for='answer-id-1703562' id='answer-label-1703562' class=' answer'><span>HPE Aruba Networking Downloadable Role Enforcement type with role name set to &quot;employees&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440297[]' id='answer-id-1703563' class='answer   answerof-440297 ' value='1703563'   \/><label for='answer-id-1703563' id='answer-label-1703563' class=' answer'><span>HPE Aruba Networking Downloadable Role Enforcement type with gateway role name set to &quot;employees&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440297[]' id='answer-id-1703564' class='answer   answerof-440297 ' value='1703564'   \/><label for='answer-id-1703564' id='answer-label-1703564' class=' answer'><span>RADIUS Enforcement type with Aruba-User-Role VSA set to &quot;employees&quot;<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-440298'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>You are using OpenSSL to obtain a certificate signed by a Certification Authority (CA). <br \/>\r<br>You have entered this command: <br \/>\r<br>openssl req -new -out file1.pem -newkey rsa: 3072 -keyout file2.pem Enter PEM pass phrase: ********** Verifying - Enter PEM pass phrase: ********** <br \/>\r<br>Country Name (2 letter code) [AU]: US <br \/>\r<br>State or Province Name (full name) [Some-State]: California <br \/>\r<br>Locality Name (eg, city) []: Sunnyvale <br \/>\r<br>Organization Name (eg, company) [Internet Widgits Pty Ltd]: example.com <br \/>\r<br>Organizational Unit Name (eg, section) []: Infrastructure <br \/>\r<br>Common Name (e.g. server FQDN or YOUR name) []: radius.example.com <br \/>\r<br>What is one guideline for continuing to obtain a certificate?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='440298' \/><input type='hidden' id='answerType440298' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440298[]' id='answer-id-1703565' class='answer   answerof-440298 ' value='1703565'   \/><label for='answer-id-1703565' id='answer-label-1703565' class=' answer'><span>You should use a third-party tool to encrypt file2.pem before sending it and file1.pem to the C<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440298[]' id='answer-id-1703566' class='answer   answerof-440298 ' value='1703566'   \/><label for='answer-id-1703566' id='answer-label-1703566' class=' answer'><span>You should concatenate file1.pem and file2.pem into a single file, and submit that to the desired CA to sign.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440298[]' id='answer-id-1703567' class='answer   answerof-440298 ' value='1703567'   \/><label for='answer-id-1703567' id='answer-label-1703567' class=' answer'><span>You should submit file1.pem, but not file2.pem, to the desired CA to sign.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440298[]' id='answer-id-1703568' class='answer   answerof-440298 ' value='1703568'   \/><label for='answer-id-1703568' id='answer-label-1703568' class=' answer'><span>You should submit file2.pem, but not file1.pem, to the desired CA to sign.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-440299'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>A company is implementing HPE Aruba Networking Wireless IDS\/IPS (WIDS\/WIPS) on its AOS-10 APs, which are managed in HPE Aruba Networking Central. <br \/>\r<br>What is one requirement for enabling detection of rogue APs?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='440299' \/><input type='hidden' id='answerType440299' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440299[]' id='answer-id-1703569' class='answer   answerof-440299 ' value='1703569'   \/><label for='answer-id-1703569' id='answer-label-1703569' class=' answer'><span>Each VLAN in the network assigned on at least one AP's or AM's port<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440299[]' id='answer-id-1703570' class='answer   answerof-440299 ' value='1703570'   \/><label for='answer-id-1703570' id='answer-label-1703570' class=' answer'><span>A Foundation with Security license for each of the APs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440299[]' id='answer-id-1703571' class='answer   answerof-440299 ' value='1703571'   \/><label for='answer-id-1703571' id='answer-label-1703571' class=' answer'><span>One AM deployed for every one AP deployed<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440299[]' id='answer-id-1703572' class='answer   answerof-440299 ' value='1703572'   \/><label for='answer-id-1703572' id='answer-label-1703572' class=' answer'><span>A manual radio profile that enables non-regulatory channels<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-440300'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>A company wants to apply a standard configuration to all AOS-CX switch ports and have the ports dynamically adjust their configuration based on the identity of the user or device that connects. They want to centralize configuration of the identity-based settings as much as possible. <br \/>\r<br>What should you recommend?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='440300' \/><input type='hidden' id='answerType440300' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440300[]' id='answer-id-1703573' class='answer   answerof-440300 ' value='1703573'   \/><label for='answer-id-1703573' id='answer-label-1703573' class=' answer'><span>Having HPE Aruba Networking ClearPass Policy Manager (CPPM) send standard RADIUS AVPs to customize port settings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440300[]' id='answer-id-1703574' class='answer   answerof-440300 ' value='1703574'   \/><label for='answer-id-1703574' id='answer-label-1703574' class=' answer'><span>Having switches pull port configurations dynamically from HPE Aruba Networking Activate<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440300[]' id='answer-id-1703575' class='answer   answerof-440300 ' value='1703575'   \/><label for='answer-id-1703575' id='answer-label-1703575' class=' answer'><span>Having switches download user-roles from HPE Aruba Networking gateways<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440300[]' id='answer-id-1703576' class='answer   answerof-440300 ' value='1703576'   \/><label for='answer-id-1703576' id='answer-label-1703576' class=' answer'><span>Having switches download user-roles from HPE Aruba Networking ClearPass Policy Manager (CPPM)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-440301'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>A company uses HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application option). In the details for a generic device cluster, you see a recommendation for &quot;Windows 8\/10&quot; with 70% accuracy. <br \/>\r<br>What does this mean?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='440301' \/><input type='hidden' id='answerType440301' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440301[]' id='answer-id-1703577' class='answer   answerof-440301 ' value='1703577'   \/><label for='answer-id-1703577' id='answer-label-1703577' class=' answer'><span>CPDI has detected that these devices match about 70% of the system rule for defining &quot;Windows 8\/10&quot; devices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440301[]' id='answer-id-1703578' class='answer   answerof-440301 ' value='1703578'   \/><label for='answer-id-1703578' id='answer-label-1703578' class=' answer'><span>CPDI has matched these devices against several, conflicting system rules. 70% of those rules are for &quot;Windows 8\/10&quot; devices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440301[]' id='answer-id-1703579' class='answer   answerof-440301 ' value='1703579'   \/><label for='answer-id-1703579' id='answer-label-1703579' class=' answer'><span>CPDI has grouped this cluster with similar classified devices. 70% of those classified devices are &quot;Windows 8\/10.&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440301[]' id='answer-id-1703580' class='answer   answerof-440301 ' value='1703580'   \/><label for='answer-id-1703580' id='answer-label-1703580' class=' answer'><span>CPDI has used MAC OUI to group these devices together. The average device's MAC address matches 70% of the &quot;Windows 8\/10&quot; OU<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-440302'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>You need to set up HPE Aruba Networking ClearPass Policy Manager (CPPM) to provide certificate-based authentication of 802.1X supplicants. <br \/>\r<br>How should you upload the root CA certificate for the supplicants' certificates?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='440302' \/><input type='hidden' id='answerType440302' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440302[]' id='answer-id-1703581' class='answer   answerof-440302 ' value='1703581'   \/><label for='answer-id-1703581' id='answer-label-1703581' class=' answer'><span>As a ClearPass Server certificate with the RADIUS\/EAP usage<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440302[]' id='answer-id-1703582' class='answer   answerof-440302 ' value='1703582'   \/><label for='answer-id-1703582' id='answer-label-1703582' class=' answer'><span>As a Trusted CA with the AD\/LDAP usage<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440302[]' id='answer-id-1703583' class='answer   answerof-440302 ' value='1703583'   \/><label for='answer-id-1703583' id='answer-label-1703583' class=' answer'><span>As a Trusted CA with the EAP usage<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440302[]' id='answer-id-1703584' class='answer   answerof-440302 ' value='1703584'   \/><label for='answer-id-1703584' id='answer-label-1703584' class=' answer'><span>As a ClearPass Server certificate with the Database usage<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-440303'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>You need to set up an HPE Aruba Networking VIA solution for a customer who needs to support 2100 remote employees. The customer wants employees to download their VIA connection profile from the VPNC. Only employees who authenticate with their domain credentials to HPE Aruba Networking ClearPass Policy Manager (CPPM) should be able to download the profile. (A RADIUS server group for CPPM is already set up on the VPNC.) <br \/>\r<br>How do you configure the VPNC to enforce that requirement?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='440303' \/><input type='hidden' id='answerType440303' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440303[]' id='answer-id-1703585' class='answer   answerof-440303 ' value='1703585'   \/><label for='answer-id-1703585' id='answer-label-1703585' class=' answer'><span>Set up a VIA Authentication Profile that uses CPPM's server group; reference that profile in the VIA Web Authentication Profile.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440303[]' id='answer-id-1703586' class='answer   answerof-440303 ' value='1703586'   \/><label for='answer-id-1703586' id='answer-label-1703586' class=' answer'><span>Reference CPPM's server group in an AAA profile; then, apply that profile to the VPNC's Internet-facing ports.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440303[]' id='answer-id-1703587' class='answer   answerof-440303 ' value='1703587'   \/><label for='answer-id-1703587' id='answer-label-1703587' class=' answer'><span>Create a new VPN Authentication Profile and then reference CPPM's default server group in that profile.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440303[]' id='answer-id-1703588' class='answer   answerof-440303 ' value='1703588'   \/><label for='answer-id-1703588' id='answer-label-1703588' class=' answer'><span>Set up a VIA Authentication Profile that uses CPPM's server group; reference that profile in the VIA Connection Profile.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-440304'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>A company uses HPE Aruba Networking ClearPass Policy Manager (CPPM) and HPE Aruba Networking ClearPass Device Insight (CPDI) and has integrated the two. CPDI admins have created a tag. CPPM admins have created rules that use that tag in the wired 802.1X and wireless 802.1X services' enforcement policies. <br \/>\r<br>The company requires CPPM to apply the tag-based rules to a client directly after it learns that the client has that tag. <br \/>\r<br>What is one of the settings that you should verify on CPPM?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='440304' \/><input type='hidden' id='answerType440304' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440304[]' id='answer-id-1703589' class='answer   answerof-440304 ' value='1703589'   \/><label for='answer-id-1703589' id='answer-label-1703589' class=' answer'><span>The &quot;Device Sync&quot; setting is set to 1 in the ClearPass Device Insight Integration settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440304[]' id='answer-id-1703590' class='answer   answerof-440304 ' value='1703590'   \/><label for='answer-id-1703590' id='answer-label-1703590' class=' answer'><span>Both 802.1X services have the &quot;Profile Endpoints&quot; option enabled and an appropriate CoA profile selected in the Profiler tab.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440304[]' id='answer-id-1703591' class='answer   answerof-440304 ' value='1703591'   \/><label for='answer-id-1703591' id='answer-label-1703591' class=' answer'><span>Both 802.1X services have the &quot;Use cached Role and Posture attributes from the previous sessions&quot; setting.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440304[]' id='answer-id-1703592' class='answer   answerof-440304 ' value='1703592'   \/><label for='answer-id-1703592' id='answer-label-1703592' class=' answer'><span>The &quot;Polling Interval&quot; is set to 1 in the ClearPass Device Insight Integration settings.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-440305'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>Refer to the exhibit. <br \/>\r<br><br><img decoding=\"async\" width=420 height=438 id=\"\u56fe\u7247 11\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/uploads\/2025\/11\/image001-19.jpg\"><br><br \/>\r<br>All of the switches in the exhibit are AOS-CX switches. <br \/>\r<br>What is the preferred configuration on Switch-2 for preventing rogue OSPF routers in this network?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='440305' \/><input type='hidden' id='answerType440305' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440305[]' id='answer-id-1703593' class='answer   answerof-440305 ' value='1703593'   \/><label for='answer-id-1703593' id='answer-label-1703593' class=' answer'><span>Disable OSPF entirely on VLANs 10-19.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440305[]' id='answer-id-1703594' class='answer   answerof-440305 ' value='1703594'   \/><label for='answer-id-1703594' id='answer-label-1703594' class=' answer'><span>Configure OSPF authentication on VLANs 10-19 in password mode.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440305[]' id='answer-id-1703595' class='answer   answerof-440305 ' value='1703595'   \/><label for='answer-id-1703595' id='answer-label-1703595' class=' answer'><span>Configure OSPF authentication on Lag 1 in MD5 mode.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440305[]' id='answer-id-1703596' class='answer   answerof-440305 ' value='1703596'   \/><label for='answer-id-1703596' id='answer-label-1703596' class=' answer'><span>Configure passive-interface as the OSPF default and disable OSPF passive on Lag 1.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-440306'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>A company issues user certificates to domain computers using its Windows CA and the default user <br \/>\r<br>certificate template. You have set up HPE Aruba Networking ClearPass Policy Manager (CPPM) to authenticate 802.1X clients with those certificates. However, during tests, you receive an error that authorization has failed because the usernames do not exist in the authentication source. <br \/>\r<br>What is one way to fix this issue and enable clients to successfully authenticate with certificates?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='440306' \/><input type='hidden' id='answerType440306' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440306[]' id='answer-id-1703597' class='answer   answerof-440306 ' value='1703597'   \/><label for='answer-id-1703597' id='answer-label-1703597' class=' answer'><span>Configure rules to strip the domain name from the username.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440306[]' id='answer-id-1703598' class='answer   answerof-440306 ' value='1703598'   \/><label for='answer-id-1703598' id='answer-label-1703598' class=' answer'><span>Change the authentication method list to include both PEAP MSCHAPv2 and EAP-TL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440306[]' id='answer-id-1703599' class='answer   answerof-440306 ' value='1703599'   \/><label for='answer-id-1703599' id='answer-label-1703599' class=' answer'><span>Add the ClearPass Onboard local repository to the authentication source list.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440306[]' id='answer-id-1703600' class='answer   answerof-440306 ' value='1703600'   \/><label for='answer-id-1703600' id='answer-label-1703600' class=' answer'><span>Remove EAP-TLS from the authentication method list and add TEAP there instead.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-440307'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>A security team needs to track a device's communication patterns and identify patterns such as how many destinations the device is accessing. <br \/>\r<br>Which Aruba solution can show this information at a glance?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='440307' \/><input type='hidden' id='answerType440307' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440307[]' id='answer-id-1703601' class='answer   answerof-440307 ' value='1703601'   \/><label for='answer-id-1703601' id='answer-label-1703601' class=' answer'><span>HPE Aruba Networking ClearPass Insight Endpoints and Network Dashboards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440307[]' id='answer-id-1703602' class='answer   answerof-440307 ' value='1703602'   \/><label for='answer-id-1703602' id='answer-label-1703602' class=' answer'><span>HPE Aruba Networking ClearPass Policy Manager (CPPM) live monitoring Access Tracker<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440307[]' id='answer-id-1703603' class='answer   answerof-440307 ' value='1703603'   \/><label for='answer-id-1703603' id='answer-label-1703603' class=' answer'><span>HPE Aruba Networking ClearPass Device Insight (CPDI) under a device's network activity<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440307[]' id='answer-id-1703604' class='answer   answerof-440307 ' value='1703604'   \/><label for='answer-id-1703604' id='answer-label-1703604' class=' answer'><span>AOS-CX Analytics Dashboard using the system-installed NAE agent<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-440308'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>Refer to Exhibit. <br \/>\r<br><br><img decoding=\"async\" width=649 height=380 id=\"\u56fe\u7247 10\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/uploads\/2025\/11\/image002-19.jpg\"><br><br \/>\r<br>A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application). In the CPDI interface, you go to the Generic Devices page and see the view shown in the exhibit. <br \/>\r<br>What correctly describes what you see?<\/div><input type='hidden' name='question_id[]' id='qID_33' value='440308' \/><input type='hidden' id='answerType440308' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440308[]' id='answer-id-1703605' class='answer   answerof-440308 ' value='1703605'   \/><label for='answer-id-1703605' id='answer-label-1703605' class=' answer'><span>Each cluster is a group of unclassified devices that CPDI's machine learning has discovered to have similar attributes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440308[]' id='answer-id-1703606' class='answer   answerof-440308 ' value='1703606'   \/><label for='answer-id-1703606' id='answer-label-1703606' class=' answer'><span>Each cluster is a group of devices that match one of the tags configured by admins.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440308[]' id='answer-id-1703607' class='answer   answerof-440308 ' value='1703607'   \/><label for='answer-id-1703607' id='answer-label-1703607' class=' answer'><span>Each cluster is all the devices that have been assigned to the same category by one of CPDI's built-in system rules.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440308[]' id='answer-id-1703608' class='answer   answerof-440308 ' value='1703608'   \/><label for='answer-id-1703608' id='answer-label-1703608' class=' answer'><span>Each cluster is a group of devices that have been classified with user rules, but for which CPDI offers different recommendations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-440309'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>Which use case is fulfilled by applying a time range to a firewall rule on an AOS device?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='440309' \/><input type='hidden' id='answerType440309' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440309[]' id='answer-id-1703609' class='answer   answerof-440309 ' value='1703609'   \/><label for='answer-id-1703609' id='answer-label-1703609' class=' answer'><span>Enforcing the rule only during the specified time range<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440309[]' id='answer-id-1703610' class='answer   answerof-440309 ' value='1703610'   \/><label for='answer-id-1703610' id='answer-label-1703610' class=' answer'><span>Tuning the session timeout for sessions established with this rule<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440309[]' id='answer-id-1703611' class='answer   answerof-440309 ' value='1703611'   \/><label for='answer-id-1703611' id='answer-label-1703611' class=' answer'><span>Locking clients that violate the rule for the specified time range<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440309[]' id='answer-id-1703612' class='answer   answerof-440309 ' value='1703612'   \/><label for='answer-id-1703612' id='answer-label-1703612' class=' answer'><span>Setting the time range over which hit counts for the rule are aggregated<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-440310'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>You have set up a mirroring session between an AOS-CX switch and a management station, running Wireshark. You want to capture just the traffic sent in the mirroring session, not the management station's other traffic. <br \/>\r<br>What should you do?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='440310' \/><input type='hidden' id='answerType440310' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440310[]' id='answer-id-1703613' class='answer   answerof-440310 ' value='1703613'   \/><label for='answer-id-1703613' id='answer-label-1703613' class=' answer'><span>Apply this capture filter: ip proto 47<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440310[]' id='answer-id-1703614' class='answer   answerof-440310 ' value='1703614'   \/><label for='answer-id-1703614' id='answer-label-1703614' class=' answer'><span>Edit protocol preferences and enable ARUBA_ER<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440310[]' id='answer-id-1703615' class='answer   answerof-440310 ' value='1703615'   \/><label for='answer-id-1703615' id='answer-label-1703615' class=' answer'><span>Edit protocol preferences and enable HPE_ER<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440310[]' id='answer-id-1703616' class='answer   answerof-440310 ' value='1703616'   \/><label for='answer-id-1703616' id='answer-label-1703616' class=' answer'><span>Apply this capture filter: udp port 5555<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-440311'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>A company needs to enforce 802.1X authentication for its Windows domain computers to HPE Aruba Networking ClearPass Policy Manager (CPPM). The company needs the computers to authenticate as both machines and users in the same session. <br \/>\r<br>Which authentication method should you set up on CPPM?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='440311' \/><input type='hidden' id='answerType440311' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440311[]' id='answer-id-1703617' class='answer   answerof-440311 ' value='1703617'   \/><label for='answer-id-1703617' id='answer-label-1703617' class=' answer'><span>TEAP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440311[]' id='answer-id-1703618' class='answer   answerof-440311 ' value='1703618'   \/><label for='answer-id-1703618' id='answer-label-1703618' class=' answer'><span>PEAP MSCHAPv2<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440311[]' id='answer-id-1703619' class='answer   answerof-440311 ' value='1703619'   \/><label for='answer-id-1703619' id='answer-label-1703619' class=' answer'><span>EAP-TTLS<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440311[]' id='answer-id-1703620' class='answer   answerof-440311 ' value='1703620'   \/><label for='answer-id-1703620' id='answer-label-1703620' class=' answer'><span>EAP-TLS<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-440312'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application). You have identified a device, which is currently classified as one type, but you want to classify it as a custom type. You also want to classify all devices with similar attributes as this type, both already-discovered devices and new devices discovered later. <br \/>\r<br>What should you do?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='440312' \/><input type='hidden' id='answerType440312' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440312[]' id='answer-id-1703621' class='answer   answerof-440312 ' value='1703621'   \/><label for='answer-id-1703621' id='answer-label-1703621' class=' answer'><span>Create a user tag from the Generic Devices page, select the desired attributes for the tag, and save the tag.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440312[]' id='answer-id-1703622' class='answer   answerof-440312 ' value='1703622'   \/><label for='answer-id-1703622' id='answer-label-1703622' class=' answer'><span>In the device details, select reclassify, create a user rule based on its attributes, and choose &quot;Save &amp; Reclassify.&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440312[]' id='answer-id-1703623' class='answer   answerof-440312 ' value='1703623'   \/><label for='answer-id-1703623' id='answer-label-1703623' class=' answer'><span>In the device details, select filter, create a user tag based on the device attributes, and save the tag.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440312[]' id='answer-id-1703624' class='answer   answerof-440312 ' value='1703624'   \/><label for='answer-id-1703624' id='answer-label-1703624' class=' answer'><span>Create a user rule from the Generic Devices page, select the desired attributes for the rule, and \r\nchoose &quot;Save.&quot;<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-440313'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>A company has HPE Aruba Networking Central-managed APs. The company wants to block all clients connected through the APs from using YouTube. <br \/>\r<br>Which steps should you take?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='440313' \/><input type='hidden' id='answerType440313' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440313[]' id='answer-id-1703625' class='answer   answerof-440313 ' value='1703625'   \/><label for='answer-id-1703625' id='answer-label-1703625' class=' answer'><span>Deploy gateways and have the APs tunnel traffic to the gateways. Then, enable the gateway IDS\/IPS engine.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440313[]' id='answer-id-1703626' class='answer   answerof-440313 ' value='1703626'   \/><label for='answer-id-1703626' id='answer-label-1703626' class=' answer'><span>Enable Client IPS at the &quot;custom&quot; level, and then specify the check for YouTube.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440313[]' id='answer-id-1703627' class='answer   answerof-440313 ' value='1703627'   \/><label for='answer-id-1703627' id='answer-label-1703627' class=' answer'><span>Enable WebCC on all client firewall roles. Then, create WebCC category rules that deny suspicious URLs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440313[]' id='answer-id-1703628' class='answer   answerof-440313 ' value='1703628'   \/><label for='answer-id-1703628' id='answer-label-1703628' class=' answer'><span>Enable DP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440313[]' id='answer-id-1703629' class='answer   answerof-440313 ' value='1703629'   \/><label for='answer-id-1703629' id='answer-label-1703629' class=' answer'><span>Then, create application rules to deny YouTube on the firewall roles.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-440314'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>You have run an Active Endpoint Security Report on HPE Aruba Networking ClearPass. The report indicates that hundreds of endpoints have MAC addresses but no known IP addresses. <br \/>\r<br>What is one step for addressing this issue?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='440314' \/><input type='hidden' id='answerType440314' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440314[]' id='answer-id-1703630' class='answer   answerof-440314 ' value='1703630'   \/><label for='answer-id-1703630' id='answer-label-1703630' class=' answer'><span>Set up network devices to implement RADIUS accounting to CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440314[]' id='answer-id-1703631' class='answer   answerof-440314 ' value='1703631'   \/><label for='answer-id-1703631' id='answer-label-1703631' class=' answer'><span>Add CPPM's IP address to the IP helper list on routing switches.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440314[]' id='answer-id-1703632' class='answer   answerof-440314 ' value='1703632'   \/><label for='answer-id-1703632' id='answer-label-1703632' class=' answer'><span>Set up switches to implement ARP inspection on client VLANs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440314[]' id='answer-id-1703633' class='answer   answerof-440314 ' value='1703633'   \/><label for='answer-id-1703633' id='answer-label-1703633' class=' answer'><span>Configure CPPM as a Syslog destination on network devices.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-440315'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>You need to create a rule in an HPE Aruba Networking ClearPass Policy Manager (CPPM) role mapping policy that references a ClearPass Device Insight Tag. <br \/>\r<br>Which Type (namespace) should you specify for the rule?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='440315' \/><input type='hidden' id='answerType440315' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440315[]' id='answer-id-1703634' class='answer   answerof-440315 ' value='1703634'   \/><label for='answer-id-1703634' id='answer-label-1703634' class=' answer'><span>Application<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440315[]' id='answer-id-1703635' class='answer   answerof-440315 ' value='1703635'   \/><label for='answer-id-1703635' id='answer-label-1703635' class=' answer'><span>Tips<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440315[]' id='answer-id-1703636' class='answer   answerof-440315 ' value='1703636'   \/><label for='answer-id-1703636' id='answer-label-1703636' class=' answer'><span>Device<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440315[]' id='answer-id-1703637' class='answer   answerof-440315 ' value='1703637'   \/><label for='answer-id-1703637' id='answer-label-1703637' class=' answer'><span>Endpoint<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-41' style=';'><div id='questionWrap-41'  class='   watupro-question-id-440316'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>41. <\/span>A company has HPE Aruba Networking APs running AOS-10 and managed by HPE Aruba Networking Central. The company also has AOS-CX switches. The security team wants you to capture traffic from a particular wireless client. You should capture this client's traffic over a 15 minute time period and then send the traffic to them in a PCAP file. <br \/>\r<br>What should you do?<\/div><input type='hidden' name='question_id[]' id='qID_41' value='440316' \/><input type='hidden' id='answerType440316' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440316[]' id='answer-id-1703638' class='answer   answerof-440316 ' value='1703638'   \/><label for='answer-id-1703638' id='answer-label-1703638' class=' answer'><span>Go to the client's AP in HPE Aruba Networking Central. Use the &quot;Security&quot; page to run a packet capture.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440316[]' id='answer-id-1703639' class='answer   answerof-440316 ' value='1703639'   \/><label for='answer-id-1703639' id='answer-label-1703639' class=' answer'><span>Access the CLI for the client's A<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440316[]' id='answer-id-1703640' class='answer   answerof-440316 ' value='1703640'   \/><label for='answer-id-1703640' id='answer-label-1703640' class=' answer'><span>Set up a mirroring session between its radio and a management \r\nstation running Wireshark.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440316[]' id='answer-id-1703641' class='answer   answerof-440316 ' value='1703641'   \/><label for='answer-id-1703641' id='answer-label-1703641' class=' answer'><span>Access the CLI for the client's AP's switch. Set up a mirroring session between the AP's port and a management station running Wireshark.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440316[]' id='answer-id-1703642' class='answer   answerof-440316 ' value='1703642'   \/><label for='answer-id-1703642' id='answer-label-1703642' class=' answer'><span>Go to that client in HPE Aruba Networking Central. Use the &quot;Live Events&quot; page to run a packet capture.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-42' style=';'><div id='questionWrap-42'  class='   watupro-question-id-440317'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>42. <\/span>What is a use case for the HPE Aruba Networking ClearPass OnGuard dissolvable agent?<\/div><input type='hidden' name='question_id[]' id='qID_42' value='440317' \/><input type='hidden' id='answerType440317' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440317[]' id='answer-id-1703643' class='answer   answerof-440317 ' value='1703643'   \/><label for='answer-id-1703643' id='answer-label-1703643' class=' answer'><span>Continuously monitoring Windows domain clients for compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440317[]' id='answer-id-1703644' class='answer   answerof-440317 ' value='1703644'   \/><label for='answer-id-1703644' id='answer-label-1703644' class=' answer'><span>Implementing a one-time compliance scan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440317[]' id='answer-id-1703645' class='answer   answerof-440317 ' value='1703645'   \/><label for='answer-id-1703645' id='answer-label-1703645' class=' answer'><span>Auto-remediating posture issues on clients<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440317[]' id='answer-id-1703646' class='answer   answerof-440317 ' value='1703646'   \/><label for='answer-id-1703646' id='answer-label-1703646' class=' answer'><span>Periodically scanning Linux clients for security issues<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-43' style=';'><div id='questionWrap-43'  class='   watupro-question-id-440318'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>43. <\/span>A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application). In the CPDI security settings, Security Analysis is On, the Data Source is ClearPass Devices Insight, and Enable Posture Assessment is On. You see that device has a Risk Score of 90. <br \/>\r<br>What can you know from this information?<\/div><input type='hidden' name='question_id[]' id='qID_43' value='440318' \/><input type='hidden' id='answerType440318' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440318[]' id='answer-id-1703647' class='answer   answerof-440318 ' value='1703647'   \/><label for='answer-id-1703647' id='answer-label-1703647' class=' answer'><span>The posture is unhealthy, and CPDI has also detected at least one vulnerability on the device.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440318[]' id='answer-id-1703648' class='answer   answerof-440318 ' value='1703648'   \/><label for='answer-id-1703648' id='answer-label-1703648' class=' answer'><span>The posture is unhealthy, but CPDI has not detected any vulnerabilities on the device.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440318[]' id='answer-id-1703649' class='answer   answerof-440318 ' value='1703649'   \/><label for='answer-id-1703649' id='answer-label-1703649' class=' answer'><span>The posture is healthy, but CPDI has detected multiple vulnerabilities on the device.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440318[]' id='answer-id-1703650' class='answer   answerof-440318 ' value='1703650'   \/><label for='answer-id-1703650' id='answer-label-1703650' class=' answer'><span>The posture is unknown, and CPDI has detected exactly four vulnerabilities on the device.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-44' style=';'><div id='questionWrap-44'  class='   watupro-question-id-440319'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>44. <\/span>A company is implementing a client-to-site VPN based on tunnel-mode IPsec. <br \/>\r<br>Which devices are responsible for the IPsec encapsulation?<\/div><input type='hidden' name='question_id[]' id='qID_44' value='440319' \/><input type='hidden' id='answerType440319' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440319[]' id='answer-id-1703651' class='answer   answerof-440319 ' value='1703651'   \/><label for='answer-id-1703651' id='answer-label-1703651' class=' answer'><span>Gateways at the remote clients' locations and devices accessed by the clients at the main site<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440319[]' id='answer-id-1703652' class='answer   answerof-440319 ' value='1703652'   \/><label for='answer-id-1703652' id='answer-label-1703652' class=' answer'><span>The remote clients and devices accessed by the clients at the main site<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440319[]' id='answer-id-1703653' class='answer   answerof-440319 ' value='1703653'   \/><label for='answer-id-1703653' id='answer-label-1703653' class=' answer'><span>The remote clients and a gateway at the main site<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440319[]' id='answer-id-1703654' class='answer   answerof-440319 ' value='1703654'   \/><label for='answer-id-1703654' id='answer-label-1703654' class=' answer'><span>Gateways at the remote clients' locations and a gateway at the main site<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-45' style=';'><div id='questionWrap-45'  class='   watupro-question-id-440320'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>45. <\/span>1.You have configured an AOS-CX switch to implement 802.1X on edge ports. Assume ports operate in the default auth-mode. VolP phones are assigned to the &quot;voice&quot; role and need to send traffic that is tagged for VLAN 12. <br \/>\r<br>Where should you configure VLAN 12?<\/div><input type='hidden' name='question_id[]' id='qID_45' value='440320' \/><input type='hidden' id='answerType440320' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440320[]' id='answer-id-1703655' class='answer   answerof-440320 ' value='1703655'   \/><label for='answer-id-1703655' id='answer-label-1703655' class=' answer'><span>As the trunk native VLAN on edge ports and the trunk native VLAN on the &quot;voice&quot; role<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440320[]' id='answer-id-1703656' class='answer   answerof-440320 ' value='1703656'   \/><label for='answer-id-1703656' id='answer-label-1703656' class=' answer'><span>As a trunk allowed VLAN on edge ports and the trunk native VLAN in the &quot;voice&quot; role<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440320[]' id='answer-id-1703657' class='answer   answerof-440320 ' value='1703657'   \/><label for='answer-id-1703657' id='answer-label-1703657' class=' answer'><span>As the trunk native VLAN in the &quot;voice&quot; role (and not in the edge port settings)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440320[]' id='answer-id-1703658' class='answer   answerof-440320 ' value='1703658'   \/><label for='answer-id-1703658' id='answer-label-1703658' class=' answer'><span>As the allowed trunk VLAN in the &quot;voice&quot; role (and not in the edge port settings)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-46' style=';'><div id='questionWrap-46'  class='   watupro-question-id-440321'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>46. <\/span>A company uses HPE Aruba Networking ClearPass Policy Manager (CPPM) as a TACACS+ server to authenticate managers on its AOS-CX switches. The company wants CPPM to control which commands managers are allowed to enter. You see there is no field to enter these commands in ClearPass. <br \/>\r<br>How do you start configuring the command list on CPPM?<\/div><input type='hidden' name='question_id[]' id='qID_46' value='440321' \/><input type='hidden' id='answerType440321' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440321[]' id='answer-id-1703659' class='answer   answerof-440321 ' value='1703659'   \/><label for='answer-id-1703659' id='answer-label-1703659' class=' answer'><span>Add the Shell service to the managers' TACACS+ enforcement profiles.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440321[]' id='answer-id-1703660' class='answer   answerof-440321 ' value='1703660'   \/><label for='answer-id-1703660' id='answer-label-1703660' class=' answer'><span>Edit the TACACS+ settings in the AOS-CX switches' network device entries.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440321[]' id='answer-id-1703661' class='answer   answerof-440321 ' value='1703661'   \/><label for='answer-id-1703661' id='answer-label-1703661' class=' answer'><span>Create an enforcement policy with the TACACS+ type.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440321[]' id='answer-id-1703662' class='answer   answerof-440321 ' value='1703662'   \/><label for='answer-id-1703662' id='answer-label-1703662' class=' answer'><span>Edit the settings for CPPM's default TACACS+ admin roles.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-47' style=';'><div id='questionWrap-47'  class='   watupro-question-id-440322'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>47. <\/span>A company lacks visibility into the many different types of user and loT devices deployed in its internal network, making it hard for the security team to address those devices. <br \/>\r<br>Which HPE Aruba Networking solution should you recommend to resolve this issue?<\/div><input type='hidden' name='question_id[]' id='qID_47' value='440322' \/><input type='hidden' id='answerType440322' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440322[]' id='answer-id-1703663' class='answer   answerof-440322 ' value='1703663'   \/><label for='answer-id-1703663' id='answer-label-1703663' class=' answer'><span>HPE Aruba Networking ClearPass Device Insight (CPDI)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440322[]' id='answer-id-1703664' class='answer   answerof-440322 ' value='1703664'   \/><label for='answer-id-1703664' id='answer-label-1703664' class=' answer'><span>HPE Aruba Networking Network Analytics Engine (NAE)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440322[]' id='answer-id-1703665' class='answer   answerof-440322 ' value='1703665'   \/><label for='answer-id-1703665' id='answer-label-1703665' class=' answer'><span>HPE Aruba Networking Mobility Conductor<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440322[]' id='answer-id-1703666' class='answer   answerof-440322 ' value='1703666'   \/><label for='answer-id-1703666' id='answer-label-1703666' class=' answer'><span>HPE Aruba Networking ClearPass OnBoard<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-48' style=';'><div id='questionWrap-48'  class='   watupro-question-id-440323'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>48. <\/span>A company has HPE Aruba Networking APs running AOS-10 that connect to AOS-CX switches. <br \/>\r<br>The APs will: <br \/>\r<br>. Authenticate as 802.1X supplicants to HPE Aruba Networking ClearPass Policy Manager (CPPM) <br \/>\r<br>. Be assigned to the &quot;APs&quot; role on the switches <br \/>\r<br>. Have their traffic forwarded locally <br \/>\r<br>What information do you need to help you determine the VLAN settings for the &quot;APs&quot; role?<\/div><input type='hidden' name='question_id[]' id='qID_48' value='440323' \/><input type='hidden' id='answerType440323' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440323[]' id='answer-id-1703667' class='answer   answerof-440323 ' value='1703667'   \/><label for='answer-id-1703667' id='answer-label-1703667' class=' answer'><span>Whether the APs have static or DHCP-assigned IP addresses<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440323[]' id='answer-id-1703668' class='answer   answerof-440323 ' value='1703668'   \/><label for='answer-id-1703668' id='answer-label-1703668' class=' answer'><span>Whether the switches are using local user-roles (LURs) or downloadable user-roles (DURs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440323[]' id='answer-id-1703669' class='answer   answerof-440323 ' value='1703669'   \/><label for='answer-id-1703669' id='answer-label-1703669' class=' answer'><span>Whether the switches have established tunnels with an HPE Aruba Networking gateway<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440323[]' id='answer-id-1703670' class='answer   answerof-440323 ' value='1703670'   \/><label for='answer-id-1703670' id='answer-label-1703670' class=' answer'><span>Whether the APs bridge or tunnel traffic on their SSIDs<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-49' style=';'><div id='questionWrap-49'  class='   watupro-question-id-440324'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>49. <\/span>A company has HPE Aruba Networking APs, which authenticate users to HPE Aruba Networking ClearPass Policy Manager (CPPM). <br \/>\r<br>What does HPE Aruba Networking recommend as the preferred method for assigning clients to a role on the AOS firewall?<\/div><input type='hidden' name='question_id[]' id='qID_49' value='440324' \/><input type='hidden' id='answerType440324' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440324[]' id='answer-id-1703671' class='answer   answerof-440324 ' value='1703671'   \/><label for='answer-id-1703671' id='answer-label-1703671' class=' answer'><span>Configure CPPM to assign the role using a RADIUS enforcement profile with a RADIUS: IETF Username attribute.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440324[]' id='answer-id-1703672' class='answer   answerof-440324 ' value='1703672'   \/><label for='answer-id-1703672' id='answer-label-1703672' class=' answer'><span>Configure CPPM to assign the role using a RADIUS enforcement profile with an Aruba-User-Role VS<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440324[]' id='answer-id-1703673' class='answer   answerof-440324 ' value='1703673'   \/><label for='answer-id-1703673' id='answer-label-1703673' class=' answer'><span>Create server rules on the APs to assign clients to roles based on RADIUS IETF attributes returned by CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440324[]' id='answer-id-1703674' class='answer   answerof-440324 ' value='1703674'   \/><label for='answer-id-1703674' id='answer-label-1703674' class=' answer'><span>Create user rules on the APs to assign clients to roles based on a variety of criteria.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-50' style=';'><div id='questionWrap-50'  class='   watupro-question-id-440325'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>50. <\/span>A company has HPE Aruba Networking APs and AOS-CX switches, as well as HPE Aruba Networking ClearPass. The company wants CPPM to have HTTP User-Agent strings to use in profiling devices. <br \/>\r<br>What can you do to support these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_50' value='440325' \/><input type='hidden' id='answerType440325' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440325[]' id='answer-id-1703675' class='answer   answerof-440325 ' value='1703675'   \/><label for='answer-id-1703675' id='answer-label-1703675' class=' answer'><span>Add the CPPM server's IP address to the IP helper list in all client VLANs on routing switches.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440325[]' id='answer-id-1703676' class='answer   answerof-440325 ' value='1703676'   \/><label for='answer-id-1703676' id='answer-label-1703676' class=' answer'><span>Schedule periodic subnet scans of all client subnets on CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440325[]' id='answer-id-1703677' class='answer   answerof-440325 ' value='1703677'   \/><label for='answer-id-1703677' id='answer-label-1703677' class=' answer'><span>Configure mirror sessions on the APs and switches to copy client HTTP traffic to CPP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-440325[]' id='answer-id-1703678' class='answer   answerof-440325 ' value='1703678'   \/><label for='answer-id-1703678' id='answer-label-1703678' class=' answer'><span>On the APs and switches, configure a redirect to ClearPass Guest in the role for devices being profiled.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-51'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons11194\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"11194\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-04-12 18:23:51\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1776018231\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"440276:1703477,1703478,1703479,1703480 | 440277:1703481,1703482,1703483,1703484 | 440278:1703485,1703486,1703487,1703488 | 440279:1703489,1703490,1703491,1703492 | 440280:1703493,1703494,1703495,1703496 | 440281:1703497,1703498,1703499,1703500 | 440282:1703501,1703502,1703503,1703504 | 440283:1703505,1703506,1703507,1703508 | 440284:1703509,1703510,1703511,1703512 | 440285:1703513,1703514,1703515,1703516 | 440286:1703517,1703518,1703519,1703520 | 440287:1703521,1703522,1703523,1703524 | 440288:1703525,1703526,1703527,1703528 | 440289:1703529,1703530,1703531,1703532 | 440290:1703533,1703534,1703535,1703536 | 440291:1703537,1703538,1703539,1703540 | 440292:1703541,1703542,1703543,1703544 | 440293:1703545,1703546,1703547,1703548 | 440294:1703549,1703550,1703551,1703552 | 440295:1703553,1703554,1703555,1703556 | 440296:1703557,1703558,1703559,1703560 | 440297:1703561,1703562,1703563,1703564 | 440298:1703565,1703566,1703567,1703568 | 440299:1703569,1703570,1703571,1703572 | 440300:1703573,1703574,1703575,1703576 | 440301:1703577,1703578,1703579,1703580 | 440302:1703581,1703582,1703583,1703584 | 440303:1703585,1703586,1703587,1703588 | 440304:1703589,1703590,1703591,1703592 | 440305:1703593,1703594,1703595,1703596 | 440306:1703597,1703598,1703599,1703600 | 440307:1703601,1703602,1703603,1703604 | 440308:1703605,1703606,1703607,1703608 | 440309:1703609,1703610,1703611,1703612 | 440310:1703613,1703614,1703615,1703616 | 440311:1703617,1703618,1703619,1703620 | 440312:1703621,1703622,1703623,1703624 | 440313:1703625,1703626,1703627,1703628,1703629 | 440314:1703630,1703631,1703632,1703633 | 440315:1703634,1703635,1703636,1703637 | 440316:1703638,1703639,1703640,1703641,1703642 | 440317:1703643,1703644,1703645,1703646 | 440318:1703647,1703648,1703649,1703650 | 440319:1703651,1703652,1703653,1703654 | 440320:1703655,1703656,1703657,1703658 | 440321:1703659,1703660,1703661,1703662 | 440322:1703663,1703664,1703665,1703666 | 440323:1703667,1703668,1703669,1703670 | 440324:1703671,1703672,1703673,1703674 | 440325:1703675,1703676,1703677,1703678\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"440276,440277,440278,440279,440280,440281,440282,440283,440284,440285,440286,440287,440288,440289,440290,440291,440292,440293,440294,440295,440296,440297,440298,440299,440300,440301,440302,440303,440304,440305,440306,440307,440308,440309,440310,440311,440312,440313,440314,440315,440316,440317,440318,440319,440320,440321,440322,440323,440324,440325\";\nWatuPROSettings[11194] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 11194;\t    \nWatuPRO.post_id = 115234;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.66160100 1776018231\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(11194);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>To truly stand out, the most updated HPE7-A02 dumps (V10.02) are available at DumpsBase, which are the greatest choice to ensure your HPE Network Security Professional Exam success. We have updated 135 practice exam questions and answers, helping you understand the HPE Network Security Professional Exam objectives. So you can clear the exam with ease. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17493],"tags":[20440,20439],"class_list":["post-115234","post","type-post","status-publish","format-standard","hentry","category-hpe","tag-hpe-network-security-professional-exam-objectives","tag-hpe7-a02-dump-questions"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/115234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=115234"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/115234\/revisions"}],"predecessor-version":[{"id":115235,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/115234\/revisions\/115235"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=115234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=115234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=115234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}