Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > HP > HPE Aruba Certified > HPE6-A68

HPE6-A68 Aruba Certified ClearPass Professional (ACCP) 6.7 Question and Answers

Question # 4

Refer to the exhibit.

Based on the Enforcement Policy configuration shown, which Enforcement Profile will an employee receive when connecting an IOS device to the network or the first time using EAP-PEAP?

A.

Deny Access Profile

B.

Onboard Device Repository

C.

Cannot be determined

D.

Onboard Post-Provisioning – Aruba

E.

Onboard Pre-Provisioning – Aruba

Full Access
Question # 5

Based on the Policy configuration shown, which VLAN will be assigned when a user with ClearPass role Engineer authenticates to the network successfully using connection protocol WEBAUTH?

A.

Deny Access

B.

Employee VLAN

C.

Internet VLAN

D.

Full Access VLAN

Full Access
Question # 6

Refer to the exhibit.

Based on the ClearPass and Aruba Controller configuration settings for Onboarding shown, which statement accurately describes an employee’s new personal device connecting to the Onboarding network? (Select two.)

A.

Post-Onboarding, the device will be assigned the BYOD-Provision firewall role in the Aruba Controller.

B.

Pre-Onboarding, the device will be redirected to the ‘Onboarding Page’ Captive Portal.

C.

The BYOD-Provision role is a ClearPass internal role and exists in ClearPass.

D.

The device will not be redirected to any Onboarding page.

E.

Pre-Onboarding, the device will be assigned the BYOD-Provision firewall role in the Aruba Controller.

Full Access
Question # 7

A university wants to deploy ClearPass with the Guest module. The university has two types that need to use web login authentication. The first type of users are students whose accounts are in an Active Directory server. The second type of users are friends of students who need to self-register to access the network.

How should the service be set up in the Policy Manager for this network?

A.

Guest User Repository and Active Directory server both as authentication sources

B.

Active Directory server as the authentication source, and Guest User Repository as the authorization source

C.

Guest User Repository as the authentication source, and Guest User Repository and Active Directory server as authorization sources

D.

Either the Guest User Repository or Active Directory server should be the single authentication source

E.

Guest User Repository as the authentication source and the Active Directory server as the authorization source

Full Access
Question # 8

Which statement accurately describes configuration of Data and Management ports on the ClearPass appliance? (Select two.)

A.

Static IP addresses are only allowed on the management port.

B.

Configuration of the data port is mandatory.

C.

Configuration on the management port is mandatory.

D.

Configuration of the data port if optional.

E.

Configuration of the management port is optional.

Full Access
Question # 9

Which device type supports Exchange ActiveSync configuration with Onboard?

A.

Linux laptop

B.

Mac OS X device

C.

Apple iOS device

D.

Windows laptop

E.

Android device

Full Access
Question # 10

A customer wants all guests who access a company’s guest network to have their accounts approved by the receptionist, before they are given access to the network.

How should the network administrator set this up in ClearPass? (Select two.)

A.

Enable sponsor approval confirmation in Receipt actions.

B.

Configure SMTP messaging in the Policy Manager.

C.

Configure a MAC caching service in the Policy Manager.

D.

Configure a MAC auth service in the Policy Manager.

E.

Enable sponsor approval in the captive portal authentication profile on the NAD.

Full Access
Question # 11

What are Operator Profiles used for?

A.

to enforce role based access control for Aruba Controllers

B.

to enforce role based access control for ClearPass Policy Manager admin users

C.

to enforce role based access control for ClearPass Guest Admin users

D.

to assign ClearPass roles to guest users

E.

to map AD attributes to admin privilege levels in ClearPass Guest

Full Access
Question # 12

Refer to the exhibit.

A user who is tagged with the ClearPass roles of Role_Engineer and developer, but not testqa, connects to the network with a corporate Windows laptop.

Which Enforcement Profile is applied?

A.

WIRELESS_GUEST_NETWORK

B.

WIRELESS_CAPTIVE_NETWORK

C.

WIRELESS_HANDHELD_NETWORK

D.

Deny Access

E.

WIRELESS_EMPLOYEE_NETWORK

Full Access
Question # 13

Refer to the exhibit.

Based on the guest Self-Registration with Sponsor Approval workflow shown, at which stage does the sponsor approve the user’s request?

A.

After the RADIUS Access-Request

B.

After the NAS login, but before the RADIUS Access-Request

C.

Before the user can submit the registration form

D.

After the RADIUS Access-Response

E.

After the receipt page is displayed, before the NAS login

Full Access
Question # 14

Refer to the exhibit.

In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?

In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?

A.

to send information via RADIUS packets to Aruba NADs

B.

to gather and send Aruba NAD information to ClearPass

C.

to send information via RADIUS packets to clients

D.

to gather information about Aruba NADs for ClearPass

E.

to send CoA packets from ClearPass to the Aruba NAD

Full Access
Question # 15

Refer to the exhibit.

An Enforcement Profile has been created in the Policy Manager as shown.

Which action will ClearPass take based on the Enforcement Profile?

A.

It will send the Session-Timeout attribute in the RADIUS Access-Request packet to the NAD and the NAD will end the user’s session after 600 seconds.

B.

It will send the Session-Timeout attribute in the RADIUS Access-Accept packet to the User and the user’s session will be terminated after 600 seconds.

C.

It will count down 600 seconds and send a RADUIS CoA message to the NAD to end the user’s session after this time is up.

D.

It will count down 600 seconds and send a RADUIUS CoA message to the user to end the user’s session after this time is up.

E.

It will send the session –Timeout attribute in the RADIUS Access-Accept packet to the NAD and the NAD will end the user’s session after 600 seconds.

Full Access
Question # 16

Under which circumstances is it necessary to use an SNMP based Enforcement profile to send a VLAN?

A.

when a VLAN must be assigned to a wired user on an Aruba Mobility Controller

B.

when a VLAN must be assigned to a wireless user on an Aruba Mobility Controller

C.

when a VLAN must be assigned to a wired user on a third party wired switch that does not support RADIUS return attributes

D.

when a VLAN must be assigned to a wired user on an Aruba Mobility Access Switch

E.

when a VLAN must be assigned to a wired user on a third party wired switch that does not support RADIUS accounting

Full Access
Question # 17

A ClearPass administrator wants to make Enforcement decisions during 802.1x authentication based on a client’s Onguard posture token.

Which Enforcement profile should be used on the health check service?

A.

RADIUS CoA

B.

Quarantine VLAN

C.

Full Access VLAN

D.

RADIUS Accept

E.

RADIUS Reject

Full Access
Copyright myexamcollection.com. All Right Reserved.