Which statement describes Zero Trust Security?

• A.Companies should focus on protecting their resources rather than on protecting the boundaries of their internal network.
• B.Companies must apply the same access controls to all users, regardless of identity.
• C.Companies that support remote workers cannot achieve zero trust security and must determine if the benefits outweigh the cost.
• D.Companies can achieve zero trust security by strengthening their perimeter security to detect a wider range of threats.

Comment: *

Name: *

Email: *

Verification: *

A company has a third-party security appliance deployed in its data center. The company wants to pass all traffic for certain clients through that device before forwarding that traffic toward its ultimate destination.
Which AOS-CX switch technology fulfills this use case?

• A.Virtual Network Based Tunneling (VNBT)
• B.MC-LAG
• C.Network Analytics Engine (NAE)
• D.Device profiles

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

The exhibit shows a saved packet capture, which you have opened in Wireshark. You want to focus on the complete conversation between 10.1.70.90 and 10.1.79.11 that uses source port 5448.
What is a simple way to do this in Wireshark?

• A.Apply a capture filter that selects for both the 10.1.70.90 and 10.1.79.11 IP addresses.
• B.Click the Source column and then the Destination column to sort the packets into the desired order.
• C.Apply a capture filter that selects for TCP port 5448.
• D.Right-click one of the packets between those addresses and choose to follow the stream.

Comment: *

Name: *

Email: *

Verification: *

You need to set up an HPE Aruba Networking VIA solution for a customer who needs to support 2100 remote employees. The customer wants employees to download their VIA connection profile from the VPNC. Only employees who authenticate with their domain credentials to HPE Aruba Networking ClearPass Policy Manager (CPPM) should be able to download the profile. (A RADIUS server group for CPPM is already set up on the VPNC.) How do you configure the VPNC to enforce that requirement?

• A.Set up a VIA Authentication Profile that uses CPPM's server group; reference that profile in the VIA Web Authentication Profile.
• B.Reference CPPM's server group in an AAA profile; then, apply that profile to the VPNC's Internet-facing ports.
• C.Create a new VPN Authentication Profile and then reference CPPM's default server group in that profile.
• D.Set up a VIA Authentication Profile that uses CPPM's server group; reference that profile in the VIA Connection Profile.

Comment: *

Name: *

Email: *

Verification: *

You need to use "Tips:Posture" conditions within an 802.1X service's enforcement policy.
Which guideline should you follow?

• A.Enable caching roles and posture attributes from previous sessions in the service's enforcement settings.
• B.Create rules that assign postures in the service's role mapping policy.
• C.Enable profiling in the service's general settings.
• D.Select the Posture Policy type for the service's enforcement policy.

Comment: *

Name: *

Email: *

Verification: *