ExamGecko
Search Search Login
Home Home / HP / HPE6-A68

HP HPE6-A68 Practice Test - Questions Answers, Page 6

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A customer wants all guests who access a company's guest network to have their accounts approved by the receptionist, before they are given access to the network. How should the network administrator set this up in ClearPass? (Select two.)
Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)
A bank would like to deploy ClearPass Guest with web login authentication so that their customers can selfregister on the network to get network access when they have meetings with bank employees. However, they're concerned about security. What is true? (Choose three.)
Refer to the exhibit. Based on the Aruba TACACS+ dictionary shown, how is the Aruba-Role attribute used?
What must be configured to enable RADIUS authentication with ClearPass on a network access device (NAD)? (Select two.)
Which authentication protocols can be used for authenticating Windows clients that are Onboarded? (Select two.)
Which licenses are included in the built-in Starter kit for ClearPass?
Refer to the exhibit. An Enforcement Profile has been created in the Policy Manager as shown. Which action will ClearPass take based on this Enforcement Profile?
Refer to the exhibit. In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes? In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?
Refer to the exhibit. Based on the Authentication sources configuration shown, which statement accurately describes the outcome if the user is not found?

Question 51

Report
Export
Collapse

Refer to the exhibit.

Based on the configuration for 'maximum devices' shown, which statement accurately describes its settings?

A.
The user cannot Onboard any devices.
A.
The user cannot Onboard any devices.
Answers
B.
It limits the total number of devices that can be provisioned by ClearPass.
B.
It limits the total number of devices that can be provisioned by ClearPass.
Answers
C.
It limits the total number of Onboarded devices connected to the network.
C.
It limits the total number of Onboarded devices connected to the network.
Answers
D.
It limits the number of devices that a single user can Onboard.
D.
It limits the number of devices that a single user can Onboard.
Answers
E.
It limits the number of devices that a single user can connect to the network.
E.
It limits the number of devices that a single user can connect to the network.
Answers
Suggested answer: D

Question 52

Report
Export
Collapse

Refer to the exhibit.

Based on the Enforcement Policy configuration shown, which Enforcement Profile will an employee receive when connecting an IOS device to the network or the first time using EAP-PEAP?

A.
Deny Access Profile
A.
Deny Access Profile
Answers
B.
Onboard Device Repository
B.
Onboard Device Repository
Answers
C.
Cannot be determined
C.
Cannot be determined
Answers
D.
Onboard Post-Provisioning – Aruba
D.
Onboard Post-Provisioning – Aruba
Answers
E.
Onboard Pre-Provisioning – Aruba
E.
Onboard Pre-Provisioning – Aruba
Answers
Suggested answer: E

Question 53

Report
Export
Collapse

Which device type supports Exchange ActiveSync configuration with Onboard?

A.
Linux laptop
A.
Linux laptop
Answers
B.
Mac OS X device
B.
Mac OS X device
Answers
C.
Apple iOS device
C.
Apple iOS device
Answers
D.
Windows laptop
D.
Windows laptop
Answers
E.
Android device
E.
Android device
Answers
Suggested answer: C

Explanation:

Exchange ActiveSync configurations you define can be used in configuration profiles to automatically configure an email account on an iOS device.

Reference: http://www.arubanetworks.com/techdocs/ClearPass/6.6/Guest/Content/Onboard/CreateEditActive Sync.htm

Question 54

Report
Export
Collapse

Refer to the exhibit.

An employee connects a corporate laptop to the network and authenticates for the first time using EAP-TLS.

Based on the Enforcement Policy configuration shown, which Enforcement Profile will be sent?

A.
Onboard Post-Provisioning – Aruba
A.
Onboard Post-Provisioning – Aruba
Answers
B.
Onboard Pre-Provisioning – Aruba
B.
Onboard Pre-Provisioning – Aruba
Answers
C.
Deny Access Profile
C.
Deny Access Profile
Answers
D.
Onboard Device Repository
D.
Onboard Device Repository
Answers
Suggested answer: A

Question 55

Report
Export
Collapse

Refer to the exhibit.

What is the purpose of the 'Clock Skew Allowance' setting? (Select two.)

A.
to ensure server certificate validation does not fail due to client clock sync issues
A.
to ensure server certificate validation does not fail due to client clock sync issues
Answers
B.
to set start time in client certificate to a few minutes before current time
B.
to set start time in client certificate to a few minutes before current time
Answers
C.
to adjust clock time on client device to a few minutes before current time
C.
to adjust clock time on client device to a few minutes before current time
Answers
D.
to ensure client certificate validation does not fail due to client clock sync issues
D.
to ensure client certificate validation does not fail due to client clock sync issues
Answers
E.
to set expiry time in client certificate to a few minutes longer than the default setting
E.
to set expiry time in client certificate to a few minutes longer than the default setting
Answers
Suggested answer: D

Explanation:

Clock Skew Allowance adds a small amount of time to the start and end of the client certificate's, not the server certificate's, validity period. This permits a newly issued certificate to be recognized as valid in a network where not all devices are perfectly synchronized.

Reference: http://www.arubanetworks.com/techdocs/ClearPass/6.6/Guest/Content/Onboard/EditingCASetting s.htm

Question 56

Report
Export
Collapse

Refer to the exhibit.

Based on the information shown, what will be the outcome when the administrator chooses "Deny Access to this Device? (Select two.)

A.
EAP-TLS Authentication will be unaffected
A.
EAP-TLS Authentication will be unaffected
Answers
B.
The user can Onboard their device again
B.
The user can Onboard their device again
Answers
C.
A new device certificate will be automatically pushed out to the device
C.
A new device certificate will be automatically pushed out to the device
Answers
D.
The user cannot Onboard their device again
D.
The user cannot Onboard their device again
Answers
E.
EAP-TLS Authentication will fail
E.
EAP-TLS Authentication will fail
Answers
Suggested answer: D, E

Explanation:

The Device Management (View by Device) page lists all devices and lets you manage the devices' access to the network. For each device, you can allow or deny network access.

When you select the Deny option, a message advises you that any certificates associated with it will be revoked. The device cannot be re-enrolled as long as access is denied. To re-enroll the device, you must use this field to allow access again.

Reference: http://www.arubanetworks.com/techdocs/ClearPass/6.6/Guest/Content/Onboard/DeviceManagem ent.htm

Question 57

Report
Export
Collapse

Refer to the exhibit.

Based on the configuration for the client's certificate private key as shown, which statements accurately describe the settings? (Select two.)

A.
The private key is stored in the ClearPass server.
A.
The private key is stored in the ClearPass server.
Answers
B.
The private key is stored in the user device.
B.
The private key is stored in the user device.
Answers
C.
The private key for TLS client certificates is not created.
C.
The private key for TLS client certificates is not created.
Answers
D.
More bits in the private key will increase security.
D.
More bits in the private key will increase security.
Answers
E.
More bits in the private key will reduce security.
E.
More bits in the private key will reduce security.
Answers
Suggested answer: B, D

Question 58

Report
Export
Collapse

What does Authorization allow users to do in a Policy Service?

A.
To use attributes in databases in role mapping and Enforcement.
A.
To use attributes in databases in role mapping and Enforcement.
Answers
B.
To use attributes stored in databases in Enforcement only, but not role mapping.
B.
To use attributes stored in databases in Enforcement only, but not role mapping.
Answers
C.
To use attributes stored in external databases for Enforcement, but not internal databases.
C.
To use attributes stored in external databases for Enforcement, but not internal databases.
Answers
D.
To use attributes stored in databases in role mapping only, but not Enforcement.
D.
To use attributes stored in databases in role mapping only, but not Enforcement.
Answers
E.
To use attributes sored in internal databases for Enforcement, but not external databases.
E.
To use attributes sored in internal databases for Enforcement, but not external databases.
Answers
Suggested answer: A

Question 59

Report
Export
Collapse

Which components of a ClearPass is mandatory?

A.
Authorization Source
A.
Authorization Source
Answers
B.
Profiler
B.
Profiler
Answers
C.
Role Mapping Policy
C.
Role Mapping Policy
Answers
D.
Enforcement
D.
Enforcement
Answers
E.
Posture
E.
Posture
Answers
Suggested answer: D

Explanation:

An enforcement policy is a way to organize enforcement profiles and apply them to users or Policy Manager roles. Based on the enforcement policy assigned to the role, enforcement profiles are applied to the service request.

Question 60

Report
Export
Collapse

DRAG DROP

Use the arrows to sort the steps to request a Policy Service on the left into the order they are performed on the right.


Question 60
Correct answer: Question 60
Total 116 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms