HP Exam HPE6-A84 Topic 2 Question 15 Discussion

Actual exam question for HP's HPE6-A84 exam

Question #: 15
Topic #: 2

Refer to the scenario.

A hospital has an AOS10 architecture that is managed by Aruba Central. The customer has deployed a pair of Aruba 9000 Series gateways with Security licenses at each clinic. The gateways implement IDS/IPS in IDS mode.

The Security Dashboard shows these several recent events with the same signature, as shown below:

Which step could give you valuable context about the incident?

AView firewall sessions on the APs and record the threat sources' type and OS.

BView the user-table on APs and record the threat sources' 802.11 settings.

CView the RAPIDS Security Dashboard and see if the threat sources are listed as rogues.

DFind the Central client profile for the threat sources and note their category and family.

Show Suggested Answer

Suggested Answer: C

According to the ClearPass Policy Manager User Guide1, userAccountControl is a custom attribute in Active Directory that contains a set of flags that define the properties and behavior of user accounts. One of these flags is ACCOUNTDISABLE, which indicates whether the account is disabled or not. By adding this attribute to the filters in the AD authentication source, CPPM can retrieve this attribute for each user and use it as a condition in the enforcement policies to prevent users with disabled accounts from connecting even if they have valid certificates. Therefore, option C is the correct answer.

by Paz at Apr 09, 2024, 11:47 PM

Limited Time Offer

25%

26 days ago

I think the answer is C) View the RAPIDS Security Dashboard and see if the threat sources are listed as rogues.

upvoted 0 times

...