HPE6-A81 Aruba Certified ClearPass Expert Written Exam Questions and Answers
Refer to the exhibit.
A customer has just configured a Posture Policy and the T 2 -Health check Service. Next they installed the OnGuard Agent on a test client connected to the Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered What could be the reason '
Which statements are true about that integration between ClearPass Policy Manager and ClearPass Device Insight? (Select two)
Refer to the exhibit.
A customer with multiple Aruba Controllers has just installed a new certificate for " ' .customerdomain.com- on all Aruba Controllers While testing the existing guest Self-Registration page the customer noticed that the logins are failing While troubleshooting they are finding no entries in the Event Viewer or Access Tracker for the tests Suspecting that the Aruba Controllers may not be properly posting the credentials from the guest browser, they open the NAS Vendor Settings for the Guest Self-Registration Page.
Refer to the exhibit.
A customer hat configured the Aruba Controller for administrative authentication using ClearPass as A TACAC5 serve ' During tasting, the read-only user is getting the root access role What could be a possible reason for this behavior? (Select two.)
You have designed a ClearPass solution for an Information Technology Business Park with 50,377 concurrent sessions including the visitors. The deployment includes eight ClearPass servers handling RADIUS authentication. Guest Self-Registration. Onboard and OnGuard. CPPM1 is acting as Publisher. CPPM2 to CPPM8 are added as subscriber nodes CPPM4 is the designated Standby Publisher. Servers CPPM2 and CPPM3 will be handling the Guest and Onboard HTTPS traffic. On a few devices, Corporate users will perform username and password based authentication with Active Directory accounts and on few devices, they will be using private CA signed TLS certificates to do the authentication The customer has three Active Directories (AD1, AD2 and A03) part of Multi-Domain Forest. To provide authentication redundancy, the customer has configured multiple Virtual IP settings between ClearPass servers in a cluster.
On all the Network Access Devices (NAD), the primary authentication server is configured as the VIP IP address and the secondary authentication server rs configured as CPPM1 MGMT IP address Based on the information provided, which ClearPass nodes will you join to the AD domain
You have configured a Guest SSIO with Captive-portaI Web Authentication and MAC authentication. The MAC caching expiry time set to 12 hours and the Guest Account expiration time is set to 8 hours. What will happen if the guest were to disconnect from the SSID and re-connect 9 hours later?
Refer to the exhibit.
A customer has incomplete information for endpoints in the Endpoint Repository. In order to make accurate decisions about what types of devices are connecting to the network. ClearPass is enabled to process the device information from IF-MAP interface, but no updates are received. What can the customer do to update those endpoints using IF-MAP?
A customer has a Clear Pass cluster deployment with four servers, two servers at the data center and two servers at a large remote site connected over an SO-WAN solution. The customer would like to implement OnGuard. Guest Self-Registration, and 802.1 X authentication across their entire environment. During testing the customer is complaining that users connecting to an Instant Cluster Employee S5ID at the remote site, with the OnGuard Persistent Agent installed are randomly getting their health check missed.
What could be a possible cause of this behavior?
Refer to the exhibit.
What could be causing the error message received on the OnGuard client?
Refer to the exhibit.
A customer it troubleshooting a client not getting the SHV posture updated and the OnGuard agent shows the Health Status Not Known. What could the user do to update the health status?
Refer to the exhibit.
You configured a new Wireless 802.1 X service for a Cisco WLC broadcasting the secure-AOM-5007 SSID. The client fails to connect to the SSIO. Using the screenshots as a reference, how would you fix this issue?
The customer would like to add a default common self-registration sponsor email under the initial value on all the ten self-registration pages created for different locations except for the guest registration page created for Sunnyvale location to use a different sponsor email in initial value. Under self-registration form fields, you have " Edit " and " Edit Base Field "
Which edit options will you choose to make minimal configuration changes to implement the customer ' s requirement? (Select two)
The customer has a 19.940 loT devices connected to the network and would like to use Allow All Mac Auth to authenticate the users and enforce the action based on the condition defined with the fingerprint details of the device. Which Authorization source would you use to decide the access of the devices?
A corporate Clear Pass Cluster with two servers located at a single site, has both Management and Data port IP addresses configured. The Management port IPs art in the DataCenter networks subnet, while the Data port IPs are in the DMZ. What is the difference between using one Virtual IP for the AAA traffic versus sending AAA requests to the physical IPs for each server ' (Select two.)
Refer to the exhibit.
You have integrated the Cisco switch with ClearPass to do MAC-Auth for Cisco IP Phones. The phones connect to the network successfully but when you try to change the status of the device from the access tracker, you see only the ArubaOS Radius terminate session options and not the Cisco vendor terminate session options. What will you check to fix this issue?
PDF + Testing Engine
Testing Engine
PDF (Q&A)
