A financial services company is implementing a Zero Trust architecture using Aruba solutions. The primary requirement is to enforce micro-segmentation for servers in the data center, ensuring that servers can only communicate with explicitly authorized clients and other servers. Which combination of Aruba technologies is BEST suited to enforce these granular, stateful policies at the switch port level?
A security analyst is investigating a suspected advanced persistent threat (APT) that has compromised a user's credentials. The analyst needs to trace the attacker's lateral movement across the network. According to Aruba's recommended incident response methodology, which log source should be examined FIRST to identify the initial point of compromise and all subsequent authenticated sessions using the stolen credentials?
A university is deploying a new Public Key Infrastructure (PKI) to secure its wireless network via 802.1X EAP-TLS. The security team wants to ensure that if a student's laptop is lost or stolen, its certificate can be immediately invalidated to prevent network access. Which TWO PKI components or protocols are essential for implementing this real-time certificate validation check during the authentication process? (Select TWO).
True or False: After a Network Analytic Engine (NAE) script is successfully installed and validated on an AOS-CX switch, it will automatically begin monitoring the network and generating alerts based on its logic.
A multinational corporation is enhancing its security posture by integrating ClearPass Device Insight (CPDI) with its existing ClearPass Policy Manager (CPPM) deployment. The goal is to dynamically adjust access policies based on the real-time risk score of endpoints. An administrator observes that CPDI has flagged a corporate laptop with a high-risk score due to it communicating with a known command-and-control server. Which automated remediation action is the most effective and commonly implemented response within CPPM?
During a forensic investigation into a data breach, a security professional has collected disk images and log files from several Aruba systems. To ensure the admissibility of this evidence in legal proceedings, it is crucial to maintain a verifiable record that the collected data has not been altered. Which cryptographic process should be applied to each piece of evidence to create a unique digital fingerprint for integrity verification?
A retail company is using Aruba WIPS to protect its wireless environment. An alert is generated for a rogue AP operating on the same SSID as the corporate network. The security team needs to contain this threat immediately to prevent employees and customers from connecting to it. What is the most effective and direct containment technique available within the Aruba WIPS solution?
An administrator is creating an NAE script to monitor Control Plane Policing (CoPP) statistics on an AOS-CX switch to detect potential Denial of Service (DoS) attacks. After deploying the script and creating the agent, alerts are being generated. Which protocol traffic, when seen in excessive amounts hitting the control plane, is a primary indicator of a reconnaissance attempt or the precursor to a larger attack?
A hospital is deploying a secure network for its Internet of Medical Things (IoMT) devices, such as infusion pumps and patient monitors. The primary security goal is to enforce a strict Zero Trust policy where these devices can only communicate with their designated management server and nothing else. Which THREE Aruba security features are essential to build this solution? (Select THREE).
When designing a role-based access control (RBAC) policy in ClearPass for a large enterprise, a network architect wants to ensure that access privileges are determined by an employee's department, which is stored in Active Directory. What is the correct ClearPass component to configure to fetch this department attribute and use it for policy decisions?