Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > HP > Aruba Certified ClearPass Expert (ACCX) > HPE6-A81

HPE6-A81 Aruba Certified ClearPass Expert Written Exam Question and Answers

Question # 4

Refer to the exhibit.

You are doing a ClearPass PoC at a customer site with a single Aruba Mobility Controller. The customer asked for a demonstration of a simple Web Login functionality. You used a service template to create the guest services. During testing, the user gets redirected back to the weblogin page with an Authentication failed message The guest configurations on the Aruba Mobility Controller are configured correctly Why would the guest fail to authenticate successfully?

A.

The authentication source mapped in the service is incorrect It should be mapped as [Guest Device Repository! (Local SQL DB].

B.

The Unique-Device- Count does not allow any Client devices. Update the Enforcement policy condition: Unique-Device-Count.

C.

The username and/or password used for authentication is incorrect Re-enter the correct password on the weblogin page.

D.

The username used for authentication does not exist in the Guest User Database. Create a new user and authenticate again

Full Access
Question # 5

What is used to validate the EAP Certificate? (Select two.)

A.

Key usage

B.

Date

C.

Server Identity

D.

SAN entries

E.

Common Name

Full Access
Question # 6

A corporate Clear Pass Cluster with two servers located at a single site, has both Management and Data port IP addresses configured. The Management port IPs art in the DataCenter networks subnet, while the Data port IPs are in the DMZ. What is the difference between using one Virtual IP for the AAA traffic versus sending AAA requests to the physical IPs for each server' (Select two.)

A.

Using the one Virtual IP can provide failover.

B.

One Virtual IP can be used together with the individual server IPs for load balancing.

C.

By using the Virtual IP, the failover wait time is faster than using individual server IPs.

D.

The failover can be accomplished only by using Virtual IP

E.

The Individual IPs can provide failover and load balancing.

Full Access
Question # 7

Refer to the exhibit.

A year ago. your customer deployed an Aruba ClearPass Policy Manager Server for a Guest SSID hosted in an IAP Cluster The customer just created a new Web Login Page for the Guest SSiD Even though the previous Web Login page worked test with the new Web Login Page are failing and the customer has forwarded you the above screenshots.

What recommendation would you give the customer to fix the issue?

A.

The customer should reset the password for the username accxCdlexam.com using Guest Manage Accounts.

B.

The service type configured is not correct. The Guest authentication should be an Application authentication type of service.

C.

The Address filed under the WebLogin Vendor settings is not configured correctly. It should be set to instant, Aruba networks com,

D.

The WebLogin Pre-Auth Check is set to Aruba Application Authentication which requires a separate application service on the policy manager

Full Access
Question # 8

You have configured a factory default Aruba controller with Clear Pass for guest access and the NAS vendor settings - Address field in the guest weblogin page is configured with Aruba controller's default self-signed certificate common name "securelogin.arubanetworks.com" that the client will use to submit the authentication request.

What happens when the client sends a DNS request to securelogin aruba networks com?

A.

The controller will intercept the ONS request sent to its HTTPS certificate common name and return its own IP address.

B.

Address field in the web login vendor settings should be set to IP address of the controller instead of certificate CN name.

C.

Client does not send the DNS request, the ClearPass resolves the hostname in the NAS vendor settings Address field.

D.

The controller will pass the request to the DNS server and server returns the IP of the controller from the DNS records.

Full Access
Question # 9

Refer to the exhibit.

A customer has just configured a Posture Policy and the T 2 -Health check Service. Next they installed the OnGuard Agent on a test client connected to the Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered What could be the reason'

A.

The OnGuard Agent trigger the events based on changing the Health Status.

B.

The OnGuard Agent is connecting to the Data Port interface on ClearPass.

C.

TCP port 6658 is not allowed between the client and the ClearPass server.

D.

OnGuard Web-Based Health Check interval has been configured to three minutes.

Full Access
Copyright myexamcollection.com. All Right Reserved.