HP Aruba Certified Network Security Professional Exam HPE7-A02 Question # 23 Topic 3 Discussion
HPE7-A02 Exam Topic 3 Question 23 Discussion:
Question #: 23
Topic #: 3
A company uses both HPE Aruba Networking ClearPass Policy Manager (CPPM) and HPE Aruba Networking ClearPass Device Insight (CPDI). What is one way integrating the two solutions can help the company implement Zero Trust Security?
A.
CPPM can inform CPDI that it has assigned a particular Aruba-User-Role to a client; CPDI can then use that information to reclassify the client.
B.
CPDI can use tags to inform CPPM that clients are using prohibited applications. CPPM can then tell the network infrastructure to quarantine those clients.
C.
CPPM can provide CPDI with custom device fingerprint definitions in order to enhance the company's total visibility.
D.
CPDI can provide CPPM with extra information about users' identity. CPPM can then use that information to apply the correct identity-based enforcement.
CPDI (ClearPass Device Insight) identifies and profiles devices and applications on the network.
CPDI can tag devices based on their behavior or detected applications.
CPPM uses these tags to enforce policies, such as quarantining clients that violate security rules (e.g., using prohibited applications).
Option Analysis:
Option A: Incorrect. CPPM does not inform CPDI about role assignments; CPDI provides device context to CPPM.
Option B: Correct. CPDI tags clients, and CPPM uses those tags to enforce quarantine or other Zero Trust actions.
Option C: Incorrect. Custom fingerprint definitions are not part of this integration.
Option D: Incorrect. CPDI provides information about devices, not user identities.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit