CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

HP HPE6-A68 Dumps

Page: 1 / 4
Total 116 questions
Get HPE6-A68 Full Access Download HPE6-A68 PDF

Aruba Certified ClearPass Professional (ACCP) V6.7 Questions and Answers

Question 1

Refer to the exhibit.

Which types of records will the report shown display?

Options:

A.

all RADIUS authentications from the 10.8.10.100 NAD to ClearPass

B.

all failed RADIUS authentications through ClearPass

C.

only Windows devices that have authenticated through the 10.8.10.100 NAD

D.

all successful RADIUS authentications through ClearPass

E.

all successful RADIUS authentications from the 10.8.10.100 NAD to ClearPass

Question 2

Which steps are required to use ClearPass as a TACACS+ Authentication server for a network device? (Select two.)

Options:

A.

Configure a TACACS Enforcement Profile on ClearPass for the desired privilege level.

B.

Configure a RADIUS Enforcement Profile on ClearPass for the desired privilege level.

C.

Configure ClearPass as an Authentication server on the network device.

D.

Configure ClearPass roles on the network device.

E.

Enable RADIUS accounting on the NAD.

Question 3

Which statement accurately describes configuration of Data and Management ports on the ClearPass appliance? (Select two.)

Options:

A.

Configuration of the management port is optional.

B.

Configuration of the management port is mandatory.

C.

Configuration of the data port is mandatory.

D.

Configuration of the data port is optional.

E.

Static IP addresses are only allowed on the management port, not the data port.

Question 4

Refer to the exhibit.

An AD user’s department attribute value is configured as “QA”. The user authenticates from a laptop running MAC OS X.

Which role is assigned to the user in ClearPass?

Options:

A.

HR Local

B.

Remote Employee

C.

[Guest]

D.

Executive

E.

IOS Device

Question 5

Based on the Policy configuration shown, which VLAN will be assigned when a user with ClearPass role Engineer authenticates to the network successfully on Saturday using connection protocol WEBAUTH?

Options:

A.

Full Access VLAN

B.

Employee VLAN

C.

Internet VLAN

D.

Deny Access

Question 6

A customer would like to deploy ClearPass with these requirements:

  • every day, 100 employees need to authenticate with their corporate laptops using EAP-TLS
  • every Friday, a meeting with business partners takes place and an additional 50 devices need to authenticate using Web Login Guest Authentication

What should the customer do regarding licenses? (Select two.)

Options:

A.

When counting policy manager licenses, include the additional 50 business partner devices.

B.

When counting policy manager licenses, exclude the additional 50 business partner devices.

C.

Purchase Onboard licenses.

D.

Purchase guest licenses.

E.

Purchase Onguard licenses.

Question 7

Refer to the exhibit.

The ClearPass Event Viewer displays an error when a user authenticates with EAP-TLS to ClearPass through an Aruba Controller Wireless Network.

What is the cause of this error?

Options:

A.

The controller’s shared secret used during the certificate exchange is incorrect.

B.

The NAS source interface IP is incorrect.

C.

The client sent an incorrect shared secret for the 802.1X authentication.

D.

The controller used an incorrect shared secret for the RADIUS authentication.

E.

The client’s shared secret used during the certificate exchange is incorrect.

Question 8

Refer to the exhibit.

A user logged in to the Self-Service Portal as shown.

What do the traffic received and sent statistics present?

Options:

A.

These show the total amount of traffic the guest transmitted, as seen through RADIUS CoA packets from the NAD to ClearPass.

B.

These show the total amount of traffic the NAD transmitted to ClearPass, as seen through RADIUS accounting messages from the NAD to ClearPass.

C.

These show the total amount of traffic the guest transmitted after account expiration, as seen through RADIUS accounting messages sent from the NAD to ClearPass.

D.

These show the total amount of traffic the guest transmitted, as seen through RADIUS CoA packets from the client to ClearPass.

E.

These show the total amount of traffic the guest transmitted, as seen through RADIUS accounting messages sent from the NAD to ClearPass.

Question 9

Refer to the exhibit.

Based on the configuration of the Enforcement Profiles in the Onboard Authorization service shown, which Onboarding action will occur?

Options:

A.

The device will be disconnected from the network after Onboarding so that an EAP-TLS authentication is not performed.

B.

The device will be disconnected from and reconnected to the network after Onboarding is completed.

C.

The device’s onboard authorization request will be denied.

D.

The device will be disconnected after post-Onboarding EAP-TLS authentication, so a second EAP-TLS authentication is performed.

E.

After logging in on the Onboard web login page, the device will be disconnected form and reconnected to the network before Onboard begins.

Question 10

A customer wants all guests who access a company’s guest network to have their accounts approved by the receptionist, before they are given access to the network.

How should the network administrator set this up in ClearPass? (Select two.)

Options:

A.

Enable sponsor approval confirmation in Receipt actions.

B.

Configure SMTP messaging in the Policy Manager.

C.

Configure a MAC caching service in the Policy Manager.

D.

Configure a MAC auth service in the Policy Manager.

E.

Enable sponsor approval in the captive portal authentication profile on the NAD.

Question 11

Refer to the exhibit.

Which statements accurately describe the cp82 ClearPass node? (Select two.)

Options:

A.

It becomes the Publisher when the primary Publisher fails.

B.

It operates as a Publisher in the same cluster as the primary Publisher when the primary is active.

C.

It operates as a Publisher in a separate cluster when the Publisher is active.

D.

It operates as a Subscriber when the Publisher is active.

E.

It stays as a Subscriber when the Publisher fails.

Question 12

ClearPass and a wired switch are configured for 802.1x authentication with RADIUS CoA (RFC 3576) on UDP port 3799. This port has been blocked by a firewall between the wired switch and ClearPass.

What will be the outcome of this state?

Options:

A.

RADIUS Authentications will fail because the wired switch will not be able to reach the ClearPass server.

B.

During RADIUS Authentication, certificate exchange between the wired switch and ClearPass will fail.

C.

RADIUS Authentications will timeout because the wired switch will not be able to reach the ClearPass server.

D.

RADIUS Authentication will succeed, but Post-Authentication Disconnect-Requests from ClearPass to the wired switch will not be delivered.

E.

RADIUS Authentication will succeed, but RADIUS Access-Accept messages from ClearPass to the wired switch for Change of Role will not be delivered.

Question 13

A university wants to deploy ClearPass with the Guest module. The university has two types that need to use web login authentication. The first type of users are students whose accounts are in an Active Directory server. The second type of users are friends of students who need to self-register to access the network.

How should the service be set up in the Policy Manager for this network?

Options:

A.

Guest User Repository and Active Directory server both as authentication sources

B.

Active Directory server as the authentication source, and Guest User Repository as the authorization source

C.

Guest User Repository as the authentication source, and Guest User Repository and Active Directory server as authorization sources

D.

Either the Guest User Repository or Active Directory server should be the single authentication source

E.

Guest User Repository as the authentication source and the Active Directory server as the authorization source

Question 14

Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)

Options:

A.

Generic LDAP Browser can be used to search the Base DN.

B.

An administrator can customize the selection of attributes fetched from an LDAP server.

C.

The bind DN can be in the administrator@domain format.

D.

A maximum of one generic LDAP server can be configured in ClearPass.

E.

A LDAP Browser can be used to search the Base DN.

Question 15

Refer to the exhibit.

Based on the guest Self-Registration with Sponsor Approval workflow shown, at which stage does the sponsor approve the user’s request?

Options:

A.

After the RADIUS Access-Request

B.

After the NAS login, but before the RADIUS Access-Request

C.

Before the user can submit the registration form

D.

After the RADIUS Access-Response

E.

After the receipt page is displayed, before the NAS login

Question 16

Refer to the exhibit.

Based on the Enforcement Policy configuration shown, when a user with Role Engineer connects to the network and the posture token assigned is Unknown, which Enforcement Profile will be applied?

Options:

A.

EMPLOYEE_VLAN

B.

RestrictedACL

C.

Deny Access Profile

D.

HR VLAN

E.

Remote Employee ACL

Question 17

Which types of files are stored in the Local Shared Folders database in ClearPass? (Select two.)

Options:

A.

Software image

B.

Backup files

C.

Log files

D.

Device fingerprint dictionaries

E.

Posture dictionaries

Page: 1 / 4
Total 116 questions
Get HPE6-A68 Full Access Download HPE6-A68 PDF