HPE6-A84 Exam Dumps : Aruba Certified Network Security Expert Written Exam

The UBT solution requires that the VLAN assignments for the wired clients are done by the gateway, not by the switch. Therefore, the role configurations on the gateways should not have any VLAN assignments, as they would override the VLAN 20 that is specified in the enforcement profile. Instead, the role configurations should only have policies that define the access rights for the clients in the “eth-internet” role. This way, the gateway can assign the clients to VLAN 20 and apply the appropriate policies based on their role1

Alert duration and threshold settings are used to control how often and under what conditions email notifications are sent for gateway IDS/IPS events 1. By adjusting these settings, the customer can reduce the frequency of repeat email notifications for the same threat, while still being informed of any critical or new threats.

To adjust the alert duration and threshold settings in Aruba Central, the customer can follow these steps 1:

• In the Aruba Central app, set the filter to Global, a group, or a device.
• Under Analyze, click Alerts & Events.
• Click the Config icon to open the Alert Severities & Notifications page.
• Select the Gateway IDS/IPS tab to view the alert categories and severities for gateway IDS/IPS events.
• Click on an alert category to expand it and view the alert duration and threshold settings for each severity level.
• Enter a value in minutes for the alert duration. This is the time period during which the alert is active and email notifications are sent.
• Enter a value for the alert threshold. This is the number of times the alert must be triggered within the alert duration before an email notification is sent.
• Click Save.

By increasing the alert duration and/or threshold values, the customer can reduce the number of email notifications for recurring threats, as they will only be sent when the threshold is reached within the duration. For example, if the customer sets the alert duration to 60 minutes and the alert threshold to 10 for a Critical severity level, then an email notification will only be sent if the same threat occurs 10 times or more within an hour.

According to the ClearPass Policy Manager User Guide1, userAccountControl is a custom attribute in Active Directory that contains a set of flags that define the properties and behavior of user accounts. One of these flags is ACCOUNTDISABLE, which indicates whether the account is disabled or not. By adding this attribute to the filters in the AD authentication source, CPPM can retrieve this attribute for each user and use it as a condition in the enforcement policies to prevent users with disabled accounts from connecting even if they have valid certificates. Therefore, option C is the correct answer.