ExamGecko
Search Search Login
Home Home / HP / HPE6-A68

HP HPE6-A68 Practice Test - Questions Answers, Page 10

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A customer wants all guests who access a company's guest network to have their accounts approved by the receptionist, before they are given access to the network. How should the network administrator set this up in ClearPass? (Select two.)
Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)
A bank would like to deploy ClearPass Guest with web login authentication so that their customers can selfregister on the network to get network access when they have meetings with bank employees. However, they're concerned about security. What is true? (Choose three.)
Refer to the exhibit. Based on the Aruba TACACS+ dictionary shown, how is the Aruba-Role attribute used?
What must be configured to enable RADIUS authentication with ClearPass on a network access device (NAD)? (Select two.)
Which authentication protocols can be used for authenticating Windows clients that are Onboarded? (Select two.)
Which licenses are included in the built-in Starter kit for ClearPass?
Refer to the exhibit. An Enforcement Profile has been created in the Policy Manager as shown. Which action will ClearPass take based on this Enforcement Profile?
Refer to the exhibit. In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes? In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?
Refer to the exhibit. Based on the Authentication sources configuration shown, which statement accurately describes the outcome if the user is not found?

Question 91

Report
Export
Collapse

When is the RADIUS server certificate used? (Select two.)

A.
During dual SSID onboarding, when the client connects to the Guest network
A.
During dual SSID onboarding, when the client connects to the Guest network
Answers
B.
During EAP-PEAP authentication in single SSID onboarding
B.
During EAP-PEAP authentication in single SSID onboarding
Answers
C.
During post-Onboard EAP-TLS authentication, when the client verifies the server certificate
C.
During post-Onboard EAP-TLS authentication, when the client verifies the server certificate
Answers
D.
During Onboard Web Login Pre-Auth, when the client loads the Onboarding web page
D.
During Onboard Web Login Pre-Auth, when the client loads the Onboarding web page
Answers
E.
During post-Onboard EAP-TLS authentication, when the server verifies the client certificate
E.
During post-Onboard EAP-TLS authentication, when the server verifies the client certificate
Answers
Suggested answer: C, D

Question 92

Report
Export
Collapse

Refer to the exhibit.

Based on the configuration of the Enforcement Profiles in the Onboard Authorization service shown, which Onboarding action will occur?

A.
The device will be disconnected from the network after Onboarding so that an EAP-TLS authentication is not performed.
A.
The device will be disconnected from the network after Onboarding so that an EAP-TLS authentication is not performed.
Answers
B.
The device will be disconnected from and reconnected to the network after Onboarding is completed.
B.
The device will be disconnected from and reconnected to the network after Onboarding is completed.
Answers
C.
The device's onboard authorization request will be denied.
C.
The device's onboard authorization request will be denied.
Answers
D.
The device will be disconnected after post-Onboarding EAP-TLS authentication, so a second EAPTLS authentication is performed.
D.
The device will be disconnected after post-Onboarding EAP-TLS authentication, so a second EAPTLS authentication is performed.
Answers
E.
After logging in on the Onboard web login page, the device will be disconnected form and reconnected to the network before Onboard begins.
E.
After logging in on the Onboard web login page, the device will be disconnected form and reconnected to the network before Onboard begins.
Answers
Suggested answer: B

Question 93

Report
Export
Collapse

In a single SSID Onboarding, which method can be used in the Enforcement Policy to distinguish between a provisioned device and a device that has not gone through the Onboard workflow?

A.
Active Directory Attributes
A.
Active Directory Attributes
Answers
B.
Network Access Device used
B.
Network Access Device used
Answers
C.
Endpoint OS Category
C.
Endpoint OS Category
Answers
D.
Onguard Agent used
D.
Onguard Agent used
Answers
E.
Authentication Method used
E.
Authentication Method used
Answers
Suggested answer: E

Question 94

Report
Export
Collapse

An organization implements dual SSID Onboarding. The administrator used the Onboard service template to create services for dual SSID Onboarding.

Which statement accurately describes the outcome?

A.
The Onboard Provisioning service is triggered when the user connects to the provisioning SSID to Onboard their device.
A.
The Onboard Provisioning service is triggered when the user connects to the provisioning SSID to Onboard their device.
Answers
B.
The Onboard Authorization service is triggered when the user connects to the secure SSID.
B.
The Onboard Authorization service is triggered when the user connects to the secure SSID.
Answers
C.
The Onboard Authorization service is triggered during the Onboarding process.
C.
The Onboard Authorization service is triggered during the Onboarding process.
Answers
D.
The device connects to the secure SSID for provisioning.
D.
The device connects to the secure SSID for provisioning.
Answers
E.
The Onboard Authorization service is never triggered.
E.
The Onboard Authorization service is never triggered.
Answers
Suggested answer: C

Question 95

Report
Export
Collapse

Refer to the exhibit.

Which statements accurately describe the status of the Onboarded devices in the configuration for the network settings shown? (Select two.)

A.
They will connect to Employee_Secure SSID after provisioning.
A.
They will connect to Employee_Secure SSID after provisioning.
Answers
B.
They will connect to Employee_Secure SSID for provisioning their devices.
B.
They will connect to Employee_Secure SSID for provisioning their devices.
Answers
C.
They will use WPA2-PSK with AES when connecting to the SSID.
C.
They will use WPA2-PSK with AES when connecting to the SSID.
Answers
D.
They will connect to secure_emp SSID after provisioning.
D.
They will connect to secure_emp SSID after provisioning.
Answers
E.
They will perform 802.1X authentication when connecting to the SSID.
E.
They will perform 802.1X authentication when connecting to the SSID.
Answers
Suggested answer: D, E

Question 96

Report
Export
Collapse

Which use cases will require a ClearPass Guest application license? (Select two.)

A.
Guest device fingerprinting
A.
Guest device fingerprinting
Answers
B.
Guest endpoint health assessment
B.
Guest endpoint health assessment
Answers
C.
Sponsor based guest user access
C.
Sponsor based guest user access
Answers
D.
Guest user self-registration for access
D.
Guest user self-registration for access
Answers
E.
Guest personal device onboarding
E.
Guest personal device onboarding
Answers
Suggested answer: C, D

Question 97

Report
Export
Collapse

A customer would like to deploy ClearPass with these requirements:

-2000 devices need to be Onboarded

-2000 corporate devices need to run posture checks daily

-500 guest users need to authenticate each day using the web login feature What is the license mix that customer will need to purchase?

A.
CP-HW-5k, 2500 ClearPass Enterprise
A.
CP-HW-5k, 2500 ClearPass Enterprise
Answers
B.
CP-HW-25k, 4500 ClearPass Enterprise
B.
CP-HW-25k, 4500 ClearPass Enterprise
Answers
C.
CP-HW-500, 2500 ClearPass Enterprise
C.
CP-HW-500, 2500 ClearPass Enterprise
Answers
D.
CP-HW-25k, 4000 ClearPass Enterprise
D.
CP-HW-25k, 4000 ClearPass Enterprise
Answers
E.
CP-HW-5k, 4500 ClearPass Enterprise
E.
CP-HW-5k, 4500 ClearPass Enterprise
Answers
Suggested answer: B

Question 98

Report
Export
Collapse

Refer to the exhibit.

Based on the Translation Rule configuration shown, what will be the outcome?

A.
An AD user from group Administrators will be assigned the operator profile of IT Administrators.
A.
An AD user from group Administrators will be assigned the operator profile of IT Administrators.
Answers
B.
All ClearPass Policy Manager admin users who are members of the Administrators AD group will be assigned the TACACS profile of IT Administrators.
B.
All ClearPass Policy Manager admin users who are members of the Administrators AD group will be assigned the TACACS profile of IT Administrators.
Answers
C.
All active directory users will be assigned the operator profile of IT Administrators.
C.
All active directory users will be assigned the operator profile of IT Administrators.
Answers
D.
A user from AD group MatchAdmin will be assigned the operator profile of IT Administrators.
D.
A user from AD group MatchAdmin will be assigned the operator profile of IT Administrators.
Answers
Suggested answer: A

Question 99

Report
Export
Collapse

Refer to the exhibit.

Based on the Aruba TACACS+ dictionary shown, how is the Aruba-Role attribute used?

A.
The Aruba-Admin-Role on the controller is applies to users using TACACS+ to login to the Policy Manager
A.
The Aruba-Admin-Role on the controller is applies to users using TACACS+ to login to the Policy Manager
Answers
B.
To assign different privileges to clients during 802.1X authentication
B.
To assign different privileges to clients during 802.1X authentication
Answers
C.
To assign different privileges to administrators logging into an Aruba NAD
C.
To assign different privileges to administrators logging into an Aruba NAD
Answers
D.
It is used by ClearPass to assign TIPS roles to clients during 802.1X authentication
D.
It is used by ClearPass to assign TIPS roles to clients during 802.1X authentication
Answers
E.
To assign different privileges to administrators logging into ClearPass
E.
To assign different privileges to administrators logging into ClearPass
Answers
Suggested answer: C

Question 100

Report
Export
Collapse

In which ways can ClearPass derive client roles during policy service processing? (Select two.)

A.
From the attributes configured in Active Directory
A.
From the attributes configured in Active Directory
Answers
B.
From the server derivation rule in the Aruba Controller server group for the client
B.
From the server derivation rule in the Aruba Controller server group for the client
Answers
C.
From the Aruba Network Access Device
C.
From the Aruba Network Access Device
Answers
D.
From the attributes configured in a Network Access Device
D.
From the attributes configured in a Network Access Device
Answers
E.
Through a role mapping policy
E.
Through a role mapping policy
Answers
Suggested answer: A, E
Total 116 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms