HPE7-A02 Practice Questions

A.  

Use the firewall role to which users are assigned after VIA Web authentication to configure the forwarding rules.

B.  

Use the firewall role to which users are assigned after IKE authentication to configure the forwarding rules.

C.  

Enable split tunneling in the VIA Connection Profile and add the data center networks to the tunneled networks list.

D.  

Specify the data center networks in a VPN pool; associate that pool to the role to which users are assigned after IKE authentication.

A.  

It lets a device query whether a single certificate is revoked or not.

B.  

It lets a device dynamically renew its certificate before the certificate expires.

C.  

It lets a device download all the serial numbers for certificates revoked by a CA at once.

D.  

It lets a device determine whether to trust a certificate without needing any root certificates installed.

A.  

A WMI augmentation method is attached to these devices’ subnet segments.

B.  

CPDI has been integrated with CPPM and is receiving information from it.

C.  

Traffic is mirrored from core routing switches’ uplinks to Data Collectors’ SPAN ports.

D.  

All Data Collectors have both their Management and Data ports connected.

A.  

The posture is unhealthy, and CPDI has also detected at least one vulnerability on the device.

B.  

The posture is unhealthy, but CPDI has not detected any vulnerabilities on the device.

C.  

The posture is healthy, but CPDI has detected multiple vulnerabilities on the device.

D.  

The posture is unknown, and CPDI has detected exactly four vulnerabilities on the device.

A.  

The switch tunnels all users ' traffic to the gateway configured as the primary gateway in the UBT zone, unless that gateway fails.

B.  

The switch tunnels each user ' s traffic to the particular gateway assigned as that user ' s active user designed gateway.

C.  

The switch load balances client traffic across the primary and standby gateway configured in the UBT zone.

D.  

The switch tunnels all users ' traffic to the gateway assigned as the switch ' s active device designated gateway.

A.  

Whether the switches are using local user-roles (LURs) or downloadable user-roles (DURs).

B.  

Whether the APs bridge or tunnel traffic on their SSIDs.

C.  

Whether the switches have established tunnels with an HPE Aruba Networking gateway.

D.  

Whether the APs have static or DHCP-assigned IP addresses.

A.  

Create rules within a posture policy

B.  

Create rules within a WebAuth enforcement policy

C.  

Create the rules directly in a service’s Enforcement tab

D.  

Create rules directly in a service’s Posture tab

A.  

In the iot-wired role and on no physical interfaces

B.  

In the iot role and the iot-wired role and on no physical interfaces

C.  

In the iot-wired role and the access switch uplinks

D.  

In the iot role and the access switch uplinks

A.  

Configure rules to strip the domain name from the username.

B.  

Change the authentication method list to include both PEAP MSCHAPv2 and EAP-TLS.

C.  

Add the ClearPass Onboard local repository to the authentication source list.

D.  

Remove EAP-TLS from the authentication method list and add TEAP there instead.

A.  

Companies must apply the same access controls to all users, regardless of identity.

B.  

Companies that support remote workers cannot achieve zero trust security and must determine if the benefits outweigh the cost.

C.  

Companies should focus on protecting their resources rather than on protecting the boundaries of their internal network.

D.  

Companies can achieve zero trust security by strengthening their perimeter security to detect a wider range of threats.