HPE7-A02 Practice Exam Questions and Answers

A.  

Deploy gateways and have the APs tunnel traffic to the gateways. Then, enable the gateway IDS/IPS engine.

B.  

Enable Client IPS at the "custom" level, and then specify the check for YouTube.

C.  

Enable WebCC on all client firewall roles. Then, create WebCC category rules that deny suspicious URLs.

D.  

Enable DPI. Then, create application rules to deny YouTube on the firewall roles.

A.  

The posture is unknown, and CPDI has detected exactly four vulnerabilities on the device.

B.  

The posture is healthy, but CPDI has detected multiple vulnerabilities on the device.

C.  

The posture is unhealthy, and CPDI has also detected at least one vulnerability on the device.

D.  

The posture is unhealthy, but CPDI has not detected any vulnerabilities on the device.

A.  

Gateways at the remote clients' locations and devices accessed by the clients at the main site

B.  

The remote clients and devices accessed by the clients at the main site

C.  

The remote clients and a gateway at the main site

D.  

Gateways at the remote clients' locations and a gateway at the main site

A.  

Enabling unmanaged devices to succeed at certificate-based 802.1X

B.  

Enabling managed Windows domain computers to succeed at certificate-based 802.1X

C.  

Enhancing security for loT devices that need to authenticate with MAC-Auth

D.  

Enforcing posture-based assessment on managed Windows domain computers

A.  

Export the Access Tracker records on CPPM as an XML file.

B.  

Use ClearPass Insight to run an Active Endpoint Security report.

C.  

Integrate CPPM with ClearPass Device Insight (CPDI) and run a security report on CPDI.

D.  

Show the security team the CPPM Endpoint Profiler dashboard.

A.  

At the global level, create default IPsec policies for the SD-WAN Orchestrator to use.

B.  

In BGWs' groups, select the VPNCs to which to connect in a DC preference list.

C.  

In VPNCs' groups, establish VPN pools to control which branches connect to which VPNCs.

D.  

In BGWs' and VPNCs' groups, create default IKE policies for the SD-WAN Orchestrator to use.

A.  

UBT mode set to VLAN extend

B.  

A VXLAN VNI mapped to the VLAN assigned to the VolP phones

C.  

VLANs assigned to the VolP phones configured on the switch uplinks

D.  

A UBT reserved VLAN set to a VLAN dedicated for that purpose

A.  

That the pool uses valid, public IP addresses that are assigned to the company

B.  

That the pool is associated with the role to which the VIA clients are being assigned

C.  

That the pool uses an IP subnet that is different from any subnet configured on the VPNC

D.  

That the pool is referenced in the clients' VIA Connection Profile

A.  

Applying threat inspection to users when they access certain websites

B.  

Checking whether a client has antivirus software as a condition for receiving access to resources

C.  

Redirecting compromised clients to a remediation server

D.  

Integrating with HPE Aruba Networking ClearPass OnGuard

A.  

Connecting a known device of this type and getting it discovered in CPPM's Endpoints Repository.

B.  

Enabling HPE Aruba Networking ClearPass Device Insight integration with the correct Data Collector token.

C.  

Pre-defining the desired attributes and rules in an XML format file.

D.  

Disabling the "Automatically download Endpoint Profiler Fingerprints" feature in cluster-wide parameters.