HPE Aruba Certified ClearPass Professional (ACCP) — Question 28

A network administrator needs to configure firewall rules for three roles:
✑ Finance
✑ Sales
✑ Employee
Several rules apply to both the Employee and Sales roles, but not to the Finance role. What is the simplest way to configure these rules?

Answer options

• A. Define the Employee and Sales roles as internal roles, and then configure the rules as global rules for internal users.
• B. Apply these rules as a subnet-based policy, and then ensure that only Employee and Sales users are assigned IP addresses in that subnet.
• C. Select either the Employee or Sales role, and then configure these rules within the global policy.
• D. Create a policy with these rules, and then apply that policy to the Employee and Sales roles.

Correct answer: D

Explanation

The correct answer is D because creating a specific policy for the Employee and Sales roles allows for easier management and clarity in rule application. Options A and B are less efficient as they involve unnecessary complexity or restrictions that could complicate the network setup. Option C limits the configuration to only one role, which is not suitable for the requirements.