HP Implementing Aruba IntroSpect - HPE2-W05무료 덤프문제 풀어보기
Would this be a proper correlation between entity and attack stage? (You see an alert for a user sending DNS requests for TOR sites, and correlate this to data exfiltration.)
정답: A
Refer to the exhibit.
Would this be a correct option when configuring a user account for a ClearPass to use to communicate with IntroSpect? (The username and email address must match.)
Would this be a correct option when configuring a user account for a ClearPass to use to communicate with IntroSpect? (The username and email address must match.)
정답: B
설명: (Fast2test 회원만 볼 수 있음)
You have been asked to provide a Bill of Materials (BoM) for a mature small business with two sites. The IT Director prefers all hardware to be on-premise but is open to cloud-based solution. In conversations with the IT staff, you determine that the main site has approximately 550 network devices and 400 users. All users are in Active Directory. Eighty of the users use a Pulse Secure VPN to work remotely.
The second site is a warehouse operation with approximately 40 users and another 10 users that use Pulse Secure VPN. All wireless is using Aruba Networks Instant APs. There are Active Directory servers at both sites. All logs are currently being gathered into Splunk. The team feels that they can properly monitor the corporate site network with a single tap port on a central switch at the main office. There will be a network tap at the remote site.
Is this a suggestion you would make to the customer? (The customer should install the Fixed Configuration Analyzer in the data center to manage the tap and Splunk logs for the main site and a single Packet Processor at the warehouse site.)
The second site is a warehouse operation with approximately 40 users and another 10 users that use Pulse Secure VPN. All wireless is using Aruba Networks Instant APs. There are Active Directory servers at both sites. All logs are currently being gathered into Splunk. The team feels that they can properly monitor the corporate site network with a single tap port on a central switch at the main office. There will be a network tap at the remote site.
Is this a suggestion you would make to the customer? (The customer should install the Fixed Configuration Analyzer in the data center to manage the tap and Splunk logs for the main site and a single Packet Processor at the warehouse site.)
정답: A
A company wants to integrate ClearPass with the IntroSpect. Is this a supported version? (ClearPass
6.7.4.)
6.7.4.)
정답: B
You were called into a customer site to do an evaluation of installing IntroSpect for a small business.
During the discovery process, the customer asks you to explain when they would need to deploy a Packet Processor.
Does this explain the function of the Packet Processor? (They always need the Packet Processor to process AMON data from the Aruba Networks Mobility Controller.)
During the discovery process, the customer asks you to explain when they would need to deploy a Packet Processor.
Does this explain the function of the Packet Processor? (They always need the Packet Processor to process AMON data from the Aruba Networks Mobility Controller.)
정답: B
You are planning to configure ClearPass to send endpoint context to IntroSpect. You need to create a checklist of functions that must be enabled in ClearPass to support this. Is this an option that is required? (System Monitor Service.)
정답: B
Refer to the exhibit.
An IntroSpect admin is configuring an Aruba IntroSpect Packet Processor to add Microsoft AD server as a log source for analyzing the AD server logs. Are these correct Format and Source options? (Format = Standard, and Source Type = Syslog.)
An IntroSpect admin is configuring an Aruba IntroSpect Packet Processor to add Microsoft AD server as a log source for analyzing the AD server logs. Are these correct Format and Source options? (Format = Standard, and Source Type = Syslog.)
정답: A
While looking in the IntroSpect Analyzer Conversations screen you see there are a large number of DNS sessions coming from one IP address on the data center network VLAN. Would this be a logical next step? (The device at the IP address could be infected with malware seeking Command and Control. You should audit the device.)
정답: A
A customer is asking you to explain the difference between a data breach and a data leak. Does this explain the difference? (In both cases, data has left your network for the outside. A data breach is executed by an outside attacker, while a data leak is executed either deliberately or accidentally by an inside actor.)
정답: A