Practice Free HPE7-A02 Exam Online Questions
A company is using HPE Aruba Networking Central SD-WAN Orchestrator to establish a hub-spoke
VPN between branch gateways (BGWs) at 1444 site and VPNCs at multiple data centers.
What is part of the configuration that admins need to complete?
- A . At the global level, create default IPsec policies for the SD-WAN Orchestrator to use.
- B . In BGWs’ groups, select the VPNCs to which to connect in a DC preference list.
- C . In VPNCs’ groups, establish VPN pools to control which branches connect to which VPNCs.
- D . In BGWs’ and VPNCs’ groups, create default IKE policies for the SD-WAN Orchestrator to use.
You are setting up HPE Aruba Networking SSE.
Which use case requires you to apply a non-default device posture in a rule?
- A . Applying threat inspection to users when they access certain websites
- B . Checking whether a client has antivirus software as a condition for receiving access to resources
- C . Redirecting compromised clients to a remediation server
- D . Integrating with HPE Aruba Networking ClearPass OnGuard
You are setting up HPE Aruba Networking SSE.
Which use case requires you to apply a non-default device posture in a rule?
- A . Applying threat inspection to users when they access certain websites
- B . Checking whether a client has antivirus software as a condition for receiving access to resources
- C . Redirecting compromised clients to a remediation server
- D . Integrating with HPE Aruba Networking ClearPass OnGuard
You are setting up HPE Aruba Networking SSE.
Which use case requires you to apply a non-default device posture in a rule?
- A . Applying threat inspection to users when they access certain websites
- B . Checking whether a client has antivirus software as a condition for receiving access to resources
- C . Redirecting compromised clients to a remediation server
- D . Integrating with HPE Aruba Networking ClearPass OnGuard
You are setting up HPE Aruba Networking SSE.
Which use case requires you to apply a non-default device posture in a rule?
- A . Applying threat inspection to users when they access certain websites
- B . Checking whether a client has antivirus software as a condition for receiving access to resources
- C . Redirecting compromised clients to a remediation server
- D . Integrating with HPE Aruba Networking ClearPass OnGuard
You are setting up HPE Aruba Networking SSE.
Which use case requires you to apply a non-default device posture in a rule?
- A . Applying threat inspection to users when they access certain websites
- B . Checking whether a client has antivirus software as a condition for receiving access to resources
- C . Redirecting compromised clients to a remediation server
- D . Integrating with HPE Aruba Networking ClearPass OnGuard
You are using OpenSSL to obtain a certificate signed by a Certification Authority (CA).
You have entered this command:
openssl req -new -out file1.pem -newkey rsa:3072 -keyout file2.pem Enter PEM pass phrase: **********
Verifying – Enter PEM pass phrase: **********
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]: California
Locality Name (eg, city) []: Sunnyvale
Organization Name (eg, company) [Internet Widgits Pty Ltd]: example.com
Organizational Unit Name (eg, section) []:Infrastructure
Common Name (e.g. server FQDN or YOUR name) []: radius.example.com
What is one guideline for continuing to obtain a certificate?
- A . You should use a third-party tool to encrypt file2.pem before sending it and file1.pem to the CA.
- B . You should concatenate file1.pem and file2.pem into a single file, and submit that to the desired CA to sign.
- C . You should submit file1.pem, but not file2.pem, to the desired CA to sign.
- D . You should submit file2.pem, but not file1.pem, to the desired CA to sign.
You are using OpenSSL to obtain a certificate signed by a Certification Authority (CA).
You have entered this command:
openssl req -new -out file1.pem -newkey rsa:3072 -keyout file2.pem Enter PEM pass phrase: **********
Verifying – Enter PEM pass phrase: **********
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]: California
Locality Name (eg, city) []: Sunnyvale
Organization Name (eg, company) [Internet Widgits Pty Ltd]: example.com
Organizational Unit Name (eg, section) []:Infrastructure
Common Name (e.g. server FQDN or YOUR name) []: radius.example.com
What is one guideline for continuing to obtain a certificate?
- A . You should use a third-party tool to encrypt file2.pem before sending it and file1.pem to the CA.
- B . You should concatenate file1.pem and file2.pem into a single file, and submit that to the desired CA to sign.
- C . You should submit file1.pem, but not file2.pem, to the desired CA to sign.
- D . You should submit file2.pem, but not file1.pem, to the desired CA to sign.
What can help justify the extra cost of air monitors (AMs) to a company?
- A . AMs support tarpit containment, which introduces fewer legal issues than deauthentication containment.
- B . AMs can support wireless clients when they are not actively containing a device, so companies benefit from better security and connectivity.
- C . AMs support additional IDS/IPS features, such as malware and Trojan detection, to enhance overall security.
- D . AMs can detect wireless threats much faster than hybrid APs, reducing the company’s vulnerability surface.
What can help justify the extra cost of air monitors (AMs) to a company?
- A . AMs support tarpit containment, which introduces fewer legal issues than deauthentication containment.
- B . AMs can support wireless clients when they are not actively containing a device, so companies benefit from better security and connectivity.
- C . AMs support additional IDS/IPS features, such as malware and Trojan detection, to enhance overall security.
- D . AMs can detect wireless threats much faster than hybrid APs, reducing the company’s vulnerability surface.