ExamGecko
Search Search Login
Home Home / HP / HPE6-A68

HP HPE6-A68 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A bank would like to deploy ClearPass Guest with web login authentication so that their customers can selfregister on the network to get network access when they have meetings with bank employees. However, they're concerned about security. What is true? (Choose three.)
A customer wants all guests who access a company's guest network to have their accounts approved by the receptionist, before they are given access to the network. How should the network administrator set this up in ClearPass? (Select two.)
Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)
Refer to the exhibit. Based on the Aruba TACACS+ dictionary shown, how is the Aruba-Role attribute used?
What must be configured to enable RADIUS authentication with ClearPass on a network access device (NAD)? (Select two.)
Which authentication protocols can be used for authenticating Windows clients that are Onboarded? (Select two.)
Which licenses are included in the built-in Starter kit for ClearPass?
Refer to the exhibit. An Enforcement Profile has been created in the Policy Manager as shown. Which action will ClearPass take based on this Enforcement Profile?
Refer to the exhibit. In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes? In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?
Refer to the exhibit. Based on the Authentication sources configuration shown, which statement accurately describes the outcome if the user is not found?

Question 1

Report
Export
Collapse

Refer to the exhibit.

An AD user's department attribute value is configured as "QA". The user authenticates from a laptop running MAC OS X.

Which role is assigned to the user in ClearPass?

A.
HR Local
A.
HR Local
Answers
B.
Remote Employee
B.
Remote Employee
Answers
C.
[Guest]
C.
[Guest]
Answers
D.
Executive
D.
Executive
Answers
E.
IOS Device
E.
IOS Device
Answers
Suggested answer: C

Explanation:

None of the Listed Role Name conditions are met.

Question 2

Report
Export
Collapse

Refer to the exhibit.

Based on the Attribute configuration shown, which statement accurately describes the status of attribute values?

A.
Only the attribute values of department and memberOf can be used in role mapping policies.
A.
Only the attribute values of department and memberOf can be used in role mapping policies.
Answers
B.
The attribute values of department, title, memberOf, telephoneNumber, and mail are directly applied as ClearPass.
B.
The attribute values of department, title, memberOf, telephoneNumber, and mail are directly applied as ClearPass.
Answers
C.
Only the attribute value of company can be used in role mapping policies, not the other attributes.
C.
Only the attribute value of company can be used in role mapping policies, not the other attributes.
Answers
D.
The attribute values of department and memberOf are directly applied as ClearPass roles.
D.
The attribute values of department and memberOf are directly applied as ClearPass roles.
Answers
E.
Only the attribute values of title, telephoneNumber, and mail can be used in role mapping policies.
E.
Only the attribute values of title, telephoneNumber, and mail can be used in role mapping policies.
Answers
Suggested answer: D

Question 3

Report
Export
Collapse

Which components can use Active Directory authorization attributes for the decision-making process? (Select two.)

A.
Profiling policy
A.
Profiling policy
Answers
B.
Certificate validation policy
B.
Certificate validation policy
Answers
C.
Role Mapping policy
C.
Role Mapping policy
Answers
D.
Enforcement policy
D.
Enforcement policy
Answers
E.
Posture policy
E.
Posture policy
Answers
Suggested answer: C, D

Explanation:

C: Role Mappings Page - Rules Editor Page Parameters

D: Enforcement Policy Attributes tab Parameters

Reference: http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/CPPM_User Guide/identity/RoleMappingPolicies.html http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/

CPPM_User Guide/PolicySim/PS_Enforcement_Policy.htm

Question 4

Report
Export
Collapse

Refer to the exhibit.

Based on the Authentication sources configuration shown, which statement accurately describes the outcome if the user is not found?

A.
If the user is not found in the remotelab AD but is present in the local user repository, a reject message is sent back to the NAD.
A.
If the user is not found in the remotelab AD but is present in the local user repository, a reject message is sent back to the NAD.
Answers
B.
If the user is not found in the local user repository but is present in the remotelab AD, a reject message is sent back to the NAD.
B.
If the user is not found in the local user repository but is present in the remotelab AD, a reject message is sent back to the NAD.
Answers
C.
If the user is not found in the local user repository a reject message is sent back to the NAD.
C.
If the user is not found in the local user repository a reject message is sent back to the NAD.
Answers
D.
If the user is not found in the local user repository and remotelab AD, a reject message is sent back to the NAD.
D.
If the user is not found in the local user repository and remotelab AD, a reject message is sent back to the NAD.
Answers
E.
If the user is not found in the local user repository a timeout message is sent back to the NAD.
E.
If the user is not found in the local user repository a timeout message is sent back to the NAD.
Answers
Suggested answer: D

Explanation:

Policy Manager looks for the device or user by executing the first filter associated with the authentication source.

After the device or user is found, Policy Manager then authenticates this entity against this authentication source. The flow is outlined below:

* On successful authentication, Policy Manager moves on to the next stage of policy evaluation, which collects role mapping attributes from the authorization sources.

* Where no authentication source is specified (for example, for unmanageable devices), Policy Manager passes the request to the next configured policy component for this service.

* If Policy Manager does not find the connecting entity in any of the configured authentication sources, it rejects the request.

Reference: ClearPass Policy Manager 6.5 User Guide (October 2015), page 134

https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/52/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf

Question 5

Report
Export
Collapse

Which authorization servers are supported by ClearPass? (Select two.)

A.
Aruba Controller
A.
Aruba Controller
Answers
B.
LDAP server
B.
LDAP server
Answers
C.
Cisco Controller
C.
Cisco Controller
Answers
D.
Active Directory
D.
Active Directory
Answers
E.
Aruba Mobility Access Switch
E.
Aruba Mobility Access Switch
Answers
Suggested answer: B, D

Explanation:

Authentication Sources can be one or more instances of the following examples:

* Active Directory

* LDAP Directory

* SQL DB

* Token Server

* Policy Manager local DB

Reference: ClearPass Policy Manager 6.5 User Guide (October 2015), page 114

https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/52/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf

Question 6

Report
Export
Collapse

Which CLI command is used to upgrade the image of a ClearPass server?

A.
Image update
A.
Image update
Answers
B.
System upgrade
B.
System upgrade
Answers
C.
Upgrade image
C.
Upgrade image
Answers
D.
Reboot
D.
Reboot
Answers
E.
Upgrade software
E.
Upgrade software
Answers
Suggested answer: B

Explanation:

When logged in as appadmin, you can manually install the Upgrade and Patch binaries imported via the CLI using the following commands:

* system update (for patches)

* system upgrade (for upgrades)

Reference: ClearPass Policy Manager 6.5 User Guide (October 2015), page 564

https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/52/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf

Question 7

Report
Export
Collapse

Which steps are required to use ClearPass as a TACACS+ Authentication server for a network device?

(Select two.)

A.
Configure a TACACS Enforcement Profile on ClearPass for the desired privilege level.
A.
Configure a TACACS Enforcement Profile on ClearPass for the desired privilege level.
Answers
B.
Configure a RADIUS Enforcement Profile on ClearPass for the desired privilege level.
B.
Configure a RADIUS Enforcement Profile on ClearPass for the desired privilege level.
Answers
C.
Configure ClearPass as an Authentication server on the network device.
C.
Configure ClearPass as an Authentication server on the network device.
Answers
D.
Configure ClearPass roles on the network device.
D.
Configure ClearPass roles on the network device.
Answers
E.
Enable RADIUS accounting on the NAD.
E.
Enable RADIUS accounting on the NAD.
Answers
Suggested answer: A, C

Explanation:

You need to make sure you modify your policy (Configuration » Enforcement » Policies » Edit - [Admin Network Login Policy]) and add your AD group settings in to the corresponding privilege level.

Question 8

Report
Export
Collapse

What are Operator Profiles used for?

A.
to enforce role based access control for Aruba Controllers
A.
to enforce role based access control for Aruba Controllers
Answers
B.
to enforce role based access control for ClearPass Policy Manager admin users
B.
to enforce role based access control for ClearPass Policy Manager admin users
Answers
C.
to enforce role based access control for ClearPass Guest Admin users
C.
to enforce role based access control for ClearPass Guest Admin users
Answers
D.
to assign ClearPass roles to guest users
D.
to assign ClearPass roles to guest users
Answers
E.
to map AD attributes to admin privilege levels in ClearPass Guest
E.
to map AD attributes to admin privilege levels in ClearPass Guest
Answers
Suggested answer: C

Explanation:

An operator profile determines what actions an operator is permitted to take when using ClearPass Guest.

Reference: http://www.arubanetworks.com/techdocs/ClearPass/CPGuest_UG_HTML_6.5/Content/OperatorLog ins/OperatorProfiles.htm

Question 9

Report
Export
Collapse

Refer to the exhibit.

In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?

In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?

A.
to send information via RADIUS packets to Aruba NADs
A.
to send information via RADIUS packets to Aruba NADs
Answers
B.
to gather and send Aruba NAD information to ClearPass
B.
to gather and send Aruba NAD information to ClearPass
Answers
C.
to send information via RADIUS packets to clients
C.
to send information via RADIUS packets to clients
Answers
D.
to gather information about Aruba NADs for ClearPass
D.
to gather information about Aruba NADs for ClearPass
Answers
E.
to send CoA packets from ClearPass to the Aruba NAD
E.
to send CoA packets from ClearPass to the Aruba NAD
Answers
Suggested answer: C

Question 10

Report
Export
Collapse

Refer to the exhibit.

Based on the Guest Role Mapping Policy shown, what is the purpose of the Role Mapping Policy?

A.
to display a role name on the Self-registration receipt page
A.
to display a role name on the Self-registration receipt page
Answers
B.
to send a firewall role back to the controller based on the Guest User's Role ID
B.
to send a firewall role back to the controller based on the Guest User's Role ID
Answers
C.
to assign Controller roles to guests
C.
to assign Controller roles to guests
Answers
D.
to assign three roles of [Contractor], [Guest] and [Employee] to every guest user
D.
to assign three roles of [Contractor], [Guest] and [Employee] to every guest user
Answers
E.
to create additional account roles for guest administrators to assign to guest accounts
E.
to create additional account roles for guest administrators to assign to guest accounts
Answers
Suggested answer: C
Total 116 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms