CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

HP HPE6-A81 Dumps

Page: 1 / 2
Total 60 questions
Get HPE6-A81 Full Access Download HPE6-A81 PDF

Aruba Certified ClearPass Expert Written Exam Questions and Answers

Question 1

A customer is troubleshooting a user that has complained about randomly having issues connecting the network with EAP PEAP using the Corporate Laptop. The initial checks are showing a number of authentication failures but no sign of issues with the ClearPass server or AD.

What can the Customer do to monitor this user Authentication trend closely over the next few days?

Options:

A.

configure a Report using Radius Failed Authentication template and schedule it to run every 5 mins

B.

configure an Alert using Failed Authentication template with Threshold 1. Interval 5 mins

C.

add the user name in the Insight/Alert/Watchlitst and get the authentication failures notifications within 30 seconds

D.

add to ClearPass Insight Dashboard the Authentication Status widget for this specific user

Question 2

Refer to the exhibit.

A customer is trying to configure a TACACS Authentication Service for administrative what could be the reason for the Login Status REJECT?

Options:

A.

The password used by the administrative user is wrong.

B.

The Enforcement profile used is not a TACACS profile.

C.

The Read-only Administrator role does not exist on the Controller.

D.

The Enforcement profile is not designed to be used on Aruba Controller

Question 3

A customer is planning to implement machine and user authentication on infrastructure with one Aruba Controller and a single ClearPass Server. What should the customer consider while designing this solution? (Select three.)

Options:

A.

The customer does not need to worry about Multi-Master Catht Survivability because the Controller will also cache the machine state.

B.

The Windows User must log off. restart or disconnect their machine to initiate a machine authentication before the cache expires.

C.

The machine authentication status rs written in the Multi-master cache on the ClearPass Server for 24 hrs

D.

The Customer should enable Multi-Master Cache Survivability as the Aruba Controller will not cache the machine state.

E.

Machine Authentication only uses EAP TLS. as such a PKI infrastructure should be in place for machine authentication.

F.

Onboard must be used to install the Certificates on the personal devices to do the user and machine authentication

Question 4

Refer to the exhibit.

A year ago. your customer deployed an Aruba ClearPass Policy Manager Server for a Guest SSID hosted in an IAP Cluster The customer just created a new Web Login Page for the Guest SSiD Even though the previous Web Login page worked test with the new Web Login Page are failing and the customer has forwarded you the above screenshots.

What recommendation would you give the customer to fix the issue?

Options:

A.

The customer should reset the password for the username accxCdlexam.com using Guest Manage Accounts.

B.

The service type configured is not correct. The Guest authentication should be an Application authentication type of service.

C.

The Address filed under the WebLogin Vendor settings is not configured correctly. It should be set to instant, Aruba networks com,

D.

The WebLogin Pre-Auth Check is set to Aruba Application Authentication which requires a separate application service on the policy manager

Question 5

The customer would like to add a default common self-registration sponsor email under the initial value on all the ten self-registration pages created for different locations except for the guest registration page created for Sunnyvale location to use a different sponsor email in initial value. Under self-registration form fields, you have "Edit" and "Edit Base Field"

Which edit options will you choose to make minimal configuration changes to implement the customer's requirement? (Select two)

Options:

A.

Update the common sponsor email by clicking the "Edit" option of the sponsor email form field on the one of the self-registration register form page

B.

Update the sponsor email by clicking on both "Edit" and "Edit Base Field" options of the sponsor_email filed on the Sunnyvale register page

C.

Update the specific sponsor email by clicking on "Edit Base Field" option of the sponsor_email form filed on the Sunnyvale location register form page

D.

Update the common sponsor email by clicking the "Edit Base Field" option of the sponsor_email form field on the one of the self-registration form page

E.

Update the specific sponsor email by clicking on the "Edit" option of the sponsor_email form filed on the Sunnyvale self-registration register form page

Question 6

A customer has acquired another company that has its own Active Directory infrastructure. The 802 1X PEAP authentication works with the customer's original Active Directory servers but the customer would like to authenticate users from the acquired company as well.

What steps are required, in regards to the Authentication Sources, in order to support this request? (Select two.)

Options:

A.

Create a new Authentication Source, type Active Directory.

B.

Create a new Authentication Source, type Generic LDAP.

C.

Add the new AD server(s) as backup into the existing Authentication Source.

D.

There is no need to join ClearPass to the new AD domain.

E.

Join the ClearPass server(s) to the new AD domain.

Question 7

Refer to the exhibit.

A customer it troubleshooting a client not getting the SHV posture updated and the OnGuard agent shows the Health Status Not Known. What could the user do to update the health status?

Options:

A.

connect using an interface that is configured as Managed Interface

B.

reinstall the OnGuard agent from the Wired interface

C.

change the Policy Manager Zone mapping and add the WIRED interface range

D.

modify the agent.conf file and add the WIRED interface to it

Question 8

Where is the following information stored in Clear Pass?

- Roles and Posture for Connected Clients - System Health for OnGuard - Machine authentication State - CoA session info - Mapping of connected clients to NAS/NAD

Options:

A.

ClearPass system cache

B.

Multi-Master cache

C.

Insight database

D.

Endpoint database

Question 9

Refer to the exhibit.

A customer has just configured a Posture Policy and the T 2 -Health check Service. Next they installed the OnGuard Agent on a test client connected to the Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered What could be the reason'

Options:

A.

The OnGuard Agent trigger the events based on changing the Health Status.

B.

The OnGuard Agent is connecting to the Data Port interface on ClearPass.

C.

TCP port 6658 is not allowed between the client and the ClearPass server.

D.

OnGuard Web-Based Health Check interval has been configured to three minutes.

Page: 1 / 2
Total 60 questions
Get HPE6-A81 Full Access Download HPE6-A81 PDF