Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

HP HPE6-A81 - Aruba Certified ClearPass Expert Written Exam

HP HPE6-A81 Premium Access     Download Demo    
Page: 2 / 2
Total 60 questions

Refer to the exhibit.

A customer is trying to configure a TACACS Authentication Service for administrative what could be the reason for the Login Status REJECT?

A.

The password used by the administrative user is wrong.

B.

The Enforcement profile used is not a TACACS profile.

C.

The Read-only Administrator role does not exist on the Controller.

D.

The Enforcement profile is not designed to be used on Aruba Controller

Which statements art true about controller-initiated and server-initiated login method? (Select two)

A.

Controller-initiated login method should be used if the guest user's network login will be handled by the controller-based AP to perform the HTTP post when the user attempts a login.

B.

Controller-initiated login method should be used of the guest user's network login will be handled by the guest browser to perform the HTTP port when the user attempts a login

C.

server-in it will login method should be used if the guest user s network login will be handled by the wired switch by standing the authentication request to (PPM when the user attempts a login

D.

server-initiated login method should be used if the guest user’s network login will be handled by ClearPass by sending the authentication request to itself when the user attempts a login

E.

server-initiated login method should be used if the guest users network login will be handled by the ClearPass by standing a CoA after authentication request is posted to itself when the user attempts a login

A customer has multiple Aruba Controllers integrated with ClearPass for guest access using a controller-initialed login method. The customer is aware that a public CA-signed captive portal certificate is required in Aruba controllers for controller-initiated workflows. The customer has purchased unique public CA-signed server certificates for each controller.

What configuration steps would you suggest to the customer to complete the deployment? (Select three.)

A.

From the weblogin/ self-registration page NAS Vendor settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

B.

Edit the HTML header in the weblogin/ self-registration register page with a script to match the controllers IP and captive portal certificate CN names respectively.

C.

From the Aruba controller, enable the option "Add switch IP address in the redirection URL" under the respective L3 Authentication profile mapped in the initial role

D.

From the Aruba controller, enable the option 'Add switch ip address in the redirection URL' under the respective guest AAA profile mapped in the VAP profile.

E.

Add all the controller IP address and its certificate common names in the DNS server's Forward Lookup Zones and Reverse Lookup Zones to resolve queries from client.

F.

From the weblogin/ self-registration page Login form settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

Refer to the exhibit.

What enforcement prof lit will be assigned to the Windows 10 MDH enabled devices if it completes user authentication and is already profiled by ClearPess?

A.

Cisco Full A. Access VLAN

B.

Default - Deny Access Profile

C.

Cisco Redirect ACL for profiling

D.

Cisco Redirect URL - Service Unavailable

Refer to the exhibit.

A customer it troubleshooting a client not getting the SHV posture updated and the OnGuard agent shows the Health Status Not Known. What could the user do to update the health status?

A.

connect using an interface that is configured as Managed Interface

B.

reinstall the OnGuard agent from the Wired interface

C.

change the Policy Manager Zone mapping and add the WIRED interface range

D.

modify the agent.conf file and add the WIRED interface to it

The customer has configured the guest self-registration with sponsor approval. The guest users that the sponsor email and the other requested details while registering the account but the users were able to complete the authentication and access the internet without the sponsor's approval.

What configuration settings will you check to make this setup work?

A.

Check if sponsor name field is enabled in the register form page

B.

Check if sponsor email field is enabled in the register form page

C.

Check if authentication option n is enabled in the self-registration page enabled.

D.

Check if sponsor confirmation is enabled in the self-registration page

Refer to the exhibit.

You have set up a home lab for ACCX exam preparation with Aruba Clear Pass integrated with Aruba Controller and Instant Access Point Guest Mac Caching functionality is configured only for Aruba Controller's guest SSID and a common Web Login page is configured for both NAD devices You tested and verified the mac caching functionality for a client by connecting it to the Aruba Controller's guest SSID.

What will happen when you disconnect the client from Aruba Controller's guest SSID and connect it to Instant APs guest SSID?

A.

The client will bypass the captive portal authentication by completing the MAC authentication.

B.

The client will fail the mac authentication and will be redirected to the captive portal page.

C.

The client does not have to complete any authentication as the re-connection was immediate.

D.

The client will be redirected to the captive portal page to complete the web authentication.