HP HPE6-A81 Exam Practice Test Instant Access

Question 1

Which statements are true about that integration between ClearPass Policy Manager and ClearPass Device Insight? (Select two)

APolicy Manager stops using ClearPass Profiler for fingerprinting and uses Device Insight Analyzer instead for endpoint in-depth data analysis.

BClearPass Device Insight updates ClearPass Policy Manager every 60 minutes if it detects a change in device classification like device spoofing.

CTo provide enhanced profiling and reporting. additional configuration is required to transmit data in both directions between CPPM and Device Insight.

DWhen Device Insight integration mode is enabled. you can still use Update Fingerprint button to Update Endpoints at Configuration > Identity > Endpoints

EAn attribute named Device Insight Tags art added to the Endpoints that art available to use in service, role-mapping, and enforcement policy Rules

Answer : C, D

Question 2

Refer to the exhibit.

What enforcement profile will be assigned to a client who has successfully completed the user and machine authentication with UNKNOWN posture token?

ARedirect to Aruba OnBoard Portal

BRedirect to Aruba Quarantine Profile

CRedirect to Aruba Dissolvable_page Profile

DDeny Access Profile

Answer : C

Question 3

A customer is troubleshooting a user that has complained about randomly having issues connecting the network with EAP PEAP using the Corporate Laptop. The initial checks are showing a number of authentication failures but no sign of issues with the ClearPass server or AD.

What can the Customer do to monitor this user Authentication trend closely over the next few days?

Aconfigure a Report using Radius Failed Authentication template and schedule it to run every 5 mins

Bconfigure an Alert using Failed Authentication template with Threshold 1. Interval 5 mins

Cadd the user name in the Insight/Alert/Watchlitst and get the authentication failures notifications within 30 seconds

Dadd to ClearPass Insight Dashboard the Authentication Status widget for this specific user

Answer : C

Question 4

Where is the following information stored in Clear Pass?

- Roles and Posture for Connected Clients - System Health for OnGuard - Machine authentication State - CoA session info - Mapping of connected clients to NAS/NAD

AClearPass system cache

BMulti-Master cache

CInsight database

DEndpoint database

Answer : C

Question 5

A customer has deployed an OnGuard Solution to all the corporate devices using a group policy result to push the OnGuard Agtnts. The network administrator is complaining that soma of the agents are communicating to the ClearPass server that is located in a DMZ. outside the firewall The network administrator wants all of the agents System Health Validation traffic to stay inside the Management subnets.

What can the ClearPass administrator do to move the traffic only to the ClearPass Management Ports?

ASelect the correct OnGuard Agent installer, and use the one configured for Management Port for the clients.

BFilter TCP port 6658 on the firewall, forcing the OnGuard agent to use the ClearPass Management port.

CConfigure a Policy Manager Zone mapping so the OnGuard agent will use the Management Port IP.

DEdit the agent.conf file being deployed to the clients to use the ClearPass Management Port for SHV updates

Answer : B

Question 6

Refer to the exhibit.

A customer is doing a new ClearPass installation and is setting up clustering between two ClearPass servers running a 6.8.6 version. The ClearPass server failed to add the subscriber node. The customer was able to login to the console of the ClearPass server with the same CLI password used during the cluster setup. The customer has sent you the screenshots seeking your support Why did an attempt to add a subscriber node failed showing that error?

AThe data and time in the subscriber was not synchronized with the NTP server

BThe subscriber server is running with a default self -signed HTTPS certificate

CThe default database certificate used in the publisher server is not a valid certificate

DThe subscriber server is running with a public signed and trusted HTTPS certificate

Answer : B

Question 7

A Customer has these requirements:

* 2.000 loT endpoints that use MAC authentication

* 6.000 endpoints using a mix of username/password and certificate (Corporate/BYOD) based authentication

* 1.000 guest endpoints at peak usage that use guest self-registration

* 1500 BYOD devices estimated as 3 devices per User (500 users)

* 2.500 endpoints that have OnGuard installed and connect on a daily basis

What licenses should be installed to meet customer requirements?

A11.500 Access. 1.500 Onboard. 2.500 OnGuard

B13.000 Access. 1.500 Onboard. 2.500 OnGuard

C9.000 Access. 500 Onboard. 2.500 OnGuard

D11.500 Access. 500 Onboard. 2.500 OnGuard

Answer : A

HP Aruba Certified ClearPass Expert Written HPE6-A81 Exam Practice Test