HPE7-A02 Exam Questions

You are setting up an HPE Aruba Networking VIA solution for a company. You have already created a VPN pool with IP addresses for the remote clients. During tests, however, the clie...

What is a typical use case for using HPE Aruba Networking ClearPass Onboard to provision devices?

What role can Internet Key Exchange (IKE)/IKEv2 play in an HPE Aruba Networking client-to-site VPN?

A company uses HPE Aruba Networking ClearPass Policy Manager (CPPM) as a TACACS+ server to authenticate managers on its AOS-CX switches. The company wants CPPM to control which com...

An AOS-CX switch has this admin user account configured on it: netadmin in the operators group. You have configured these commands on an AOS-CX switch: tacacs-server host cp.exampl...

A port-access role for AOS-CX switches has this policy applied to it: plaintext Copy code port-access policy mypolicy 10 class ip zoneC action drop 20 class ip zoneA action drop 10...

You are setting up HPE Aruba Networking SSE to prohibit users from uploading and downloading files from Dropbox. What is part of the process?

You are setting up user-based tunneling (UBT) between access layer AOS-CX switches and AOS-10 gateways. You have selected reserved (local) VLAN mode. Tunneled devices include IoT d...

A company has a third-party security appliance deployed in its data center. The company wants to pass all traffic for certain clients through that device before forwarding that tra...

You manage AOS-10 APs with HPE Aruba Networking Central. A role is configured on these APs with the following rules: Allow UDP on port 67 to any destination Allow any to network 10...

HPE Aruba Networking ClearPass Device Insight (CPDI) could not classify some endpoints using system and user rules. Using machine learning, it did assign those endpoints to a clust...

You are setting up HPE Aruba Networking SSE. Which use case requires you to apply a non- default device posture in a rule?

Refer to Exhibit. All of the switches in the exhibit are AOS-CX switches. What is the preferred configuration on Switch-2 for preventing rogue OSPF routers in this network?

A company has HPE Aruba Networking gateways that implement gateway IDS/IPS. Admins sometimes check the Security Dashboard, but they want a faster way to discover if a gateway start...

A company has Aruba APs that are controlled by Central and that implement WIDS. When you check WIDS events, you see a "detect valid SSID misuse" event. What can you interpret from...

A company is using HPE Aruba Networking ClearPass Device Insight (CPDI) (the standalone application). In the CPDI security settings, Security Analysis is On, the Data Source is Cle...

Which statement describes Zero Trust Security?

A company has a variety of HPE Aruba Networking solutions, including an HPE Aruba Networking infrastructure and HPE Aruba Networking ClearPass Policy Manager (CPPM). The company pa...

Refer to the exhibit. The exhibit shows a saved packet capture, which you have opened in Wireshark. You want to focus on the complete conversation between 10.1.70.90 and 10.1.79.11...

Refer to the Exhibit. These packets have been captured from VLAN 10. which supports clients that receive their IP addresses with DHCP. What can you interpret from the packets that...

A company is using HPE Aruba Networking Central SD-WAN Orchestrator to establish a hub- spoke VPN between branch gateways (BGWs) at 1164 site and VPNCs at multiple data centers. Wh...

A company has HPE Aruba Networking APs running AOS-10 that connect to AOS-CX switches. The APs will: Authenticate as 802.1X supplicants to HPE Aruba Networking ClearPass Policy Man...

A company has AOS-CX switches, which authenticate clients to HPE Aruba Networking ClearPass Policy Manager (CPPM). CPPM is set up to receive a variety of information about clients'...

A company already uses HPE Aruba Networking ClearPass Policy Manager (CPPM) as the RADIUS server for authenticating wireless clients with 802.1X. Now you are setting up 802.1X on A...

You are configuring the HPE Aruba Networking ClearPass Device Insight Integration settings on ClearPass Policy Manager (CPPM). For which use case should you set the 'Tag Updates Ac...

You are helping an organization deploy HPE Aruba Networking SSE. What is one reason to recommend that the company install agents on remote users' devices?

You want to examine the applications that a device is using and look for any changes in application usage over several different ranges. In which HPE Aruba Networking solution can...

A company wants to use HPE Aruba Networking ClearPass Policy Manager (CPPM) to profile Linux devices. You have decided to schedule a subnet scan of the devices' subnets. Which addi...

HPE Aruba Networking switches are implementing MAC-Auth to HPE Aruba Networking ClearPass Policy Manager (CPPM) for a company's printers. The company wants to quarantine a client t...

A company wants to apply role-based access control lists (ACLs) on AOS-CX switches, which are implementing authentication to HPE Aruba Networking ClearPass Policy Manager (CPPM). T...

A company has HPE Aruba Networking APs running AOS-10 and managed by HPE Aruba Networking Central. The company also has AOS-CX switches. The security team wants you to capture traf...

A company needs you to integrate HPE Aruba Networking ClearPass Policy Manager (CPPM) with HPE Aruba Networking ClearPass Device Insight (CPDI). What is one task you should do to p...

A company wants you to create a custom device fingerprint on CPPM with rules for profiling a group of specialized devices. What is one requirement?

Refer to the exhibit. The exhibit shows the TACACS+ enforcement profile that HPE Aruba Networking ClearPass Policy Manager (CPPM) assigns to a manager. When this manager logs into...

You are using Wireshark to view packets captured from HPE Aruba Networking infrastructure, but you're not sure that the packets are displaying correctly. In which circumstance does...

You have enabled "rogue AP containment" in the Wireless IPS settings for a company's HPE Aruba Networking APs. What form of containment does HPE Aruba Networking recommend?

The exhibit shows the 802.1X-related settings for Windows domain clients. What should admins change to make the settings follow best security practices?

Refer to the exhibit. You have verified that AOS-CX Switch-1 has constructed an IP-to-MAC binding table in VLANs 10-19. Now you need to enable ARP inspection for the endpoint conne...

A company has AOS-CX switches and HPE Aruba Networking APs, which run AOS-10 and bridge their SSIDs. Company security policies require 802.1X on all edge ports, some of which conne...

You need to create a rule in an HPE Aruba Networking ClearPass Policy Manager (CPPM) role mapping policy that references a ClearPass Device Insight Tag. Which Type (namespace) shou...

What is one benefit of integrating HPE Aruba Networking ClearPass Policy Manager (CPPM) with third-party solutions such as Mobility Device Management (MDM) and firewalls?

What is a benefit of Online Certificate Status Protocol (OCSP)?

You have created a Web-based Health Check Service that references a posture policy. You want the service to trigger a RADIUS change of authorization (CoA) when a client receives a...

You have configured an AOS-CX switch to implement 802.1X on edge ports. Assume ports operate in the default auth-mode. VoIP phones are assigned to the "voice" role and need to send...

A company wants to detect rogue APs and automatically prevent unauthorized access to its WLAN. Which security feature should be enabled?

What is the primary function of Public Key Infrastructure (PKI) in network security?

A security administrator at a company detects unauthorized devices attempting to connect to the network. The company uses Aruba ClearPass for authentication. Which solution should...

Which log level is the most critical for analyzing security threats?

Which authentication protocol is used in Aruba VPN deployments for secure user authentication?

A security team wants to use passive classification methods to profile unauthorized devices attempting to connect to their network. Which technique should be used?