HP Aruba Certified Network Security Professional Exam HPE7-A02 Question # 21 Topic 3 Discussion
HPE7-A02 Exam Topic 3 Question 21 Discussion:
Question #: 21
Topic #: 3
You are setting up policy rules in HPE Aruba Networking SSE. You want to create a single rule that permits users in a particular user group to access multiple applications. What is an easy way to meet this need?
A.
Associate the applications directly with the IdP used to authenticate the users; choose any for the destination in the policy rule.
B.
Apply the same tag to the applications; select the tag as a destination in the policy rule.
C.
Place all the applications in the same connector zone; select that zone as a destination in the policy rule.
D.
Select the applications within a non-default web profile; select that profile in the policy rule.
Tagging Applications: In HPE Aruba Networking SSE (Secure Service Edge), tagging is an efficient way to group multiple applications together for simplified management and rule creation.
Tags can be applied to applications, and a single policy rule can be configured to use the tag as the destination.
This eliminates the need to create multiple rules for each individual application, streamlining policy configuration.
Option B: Correct. Applying the same tag to multiple applications allows you to select the tag as the destination in a single policy rule, meeting the requirement efficiently.
Option A: Incorrect. Associating applications with the IdP and selecting "any" for the destination lacks granularity and security.
Option C: Incorrect. Using connector zones is more appropriate for network-level segmentation rather than grouping application policies.
Option D: Incorrect. Web profiles are generally used for web-based traffic policies, not for grouping applications in general.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit