HP HPE6-A81 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

Your customer has configured the 802.1 X service enforcement conditions with the Endpoint profiling dat

a. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly What is the cause of the issue?

AAn additional authorization source should be configured for profiling to work.

BThe enforcement policy rules evaluation algorithm is not configured correctly.

CThe option, use cached roles and posture from previous sessions should be enabled.

DThe enforcement policy conditions configured with profiling data are not correct

Answer : C

Question 2

Refer to the exhibit.

A customer has incomplete information for endpoints in the Endpoint Repository. In order to make accurate decisions about what types of devices are connecting to the network. ClearPass is enabled to process the device information from IF-MAP interface, but no updates are received. What can the customer do to update those endpoints using IF-MAP?

AConfigure ClearPass Management IP in the DHCP Helper address

BConfigure IF-MAP on all networking devices to send additional information to ClearPass

CConfigure IF-MAP only on Aruba Mobility Controller, providing ClearPass username and password

DConfigure the authentication service to Audit the endpoints using, the embedded Nmap Server

Answer : A

Question 3

Refer to the exhibit.

A customer has configured Onboard in a cluster. After the Primary server's failure, the BYOD devices fail to connect to the network. Which step below is the best starting point when troubleshooting'

AVerify the CPPM hostname in OSCP URL under TLS authentication method is updated to localhost instead of primary server's hostname.

BReboot the active ClearPass server and reconnect the client to the SSID by selecting the correct certificate when prompted.

CCheck if a DNS entry is available for the ClearPass hostname in the certificate, resolvable from the DNS server assigned to the client.

DCheck EAP certificate on the secondary node is issued by the same common root Certificate Authority (CA).

Answer : A

Question 4

You art deploying Cleat Pass Policy Manager with Guest functionality for a customer with multiple Aruba Networks Mobility Controllers. The customer wants to avoid SSL errors during guest access but due to company security policy cannot use a wildcard certificate on ClearPass or the Controllers.

What is the most efficient way to configure the customer's guest solution? (Select two.)

AInstall the same public certificate on all Controllers with the common name 'controller.{company domain)

BBuild multiple Web Login pages with vendor settings configured for each controller

CBuild one Web Login page with vendor settings for captiveportal-controller (company domain)

DBuild one Web Login page with vendor settings for controller (company domain)

EInstall multiple public certificates with a different Common Name on each controller

Answer : D, E

Question 5

Refer to the exhibit.

A customer has just configured a Posture Policy and the T 2 -Health check Service. Next they installed the OnGuard Agent on a test client connected to the Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered What could be the reason'

AThe OnGuard Agent trigger the events based on changing the Health Status.

BThe OnGuard Agent is connecting to the Data Port interface on ClearPass.

CTCP port 6658 is not allowed between the client and the ClearPass server.

DOnGuard Web-Based Health Check interval has been configured to three minutes.

Answer : D

Question 6

Your customer has recently implemented a seIf-registration portal in ClearPass Guest to be used on a Guest SSID broadcast from an Aruba controller Your customer has started complaining that the users are not able to reliably access the Internet after clicking the login button on the receipt page They tell you that the users will click the login button multiple times and after about a minute they gam access.

What could be causing this issue?

AThe enforcement profile on ClearPass is set up with an IETF:session delay.

BThe self-registration page is configured with a 1 minute login delay.

CThe guest users are assigned a firewall user role that has a rate limit.

DThe guest users are assigned multiple DNS servers delaying DNS response.

Answer : A

Question 7

A customer is troubleshooting the OnGuard Client Activity and is looking into the Live Monitoring -> OnGuard Activity section. What is the Status field representing for this client ?

Athe Client health status is HEALTHY

Bthe Client has been successfully profiled

Cthe Client is online and sends keep-alive messages

Dthe Client is successful authenticated

Answer : B

HP Aruba Certified ClearPass Expert Written HPE6-A81 Exam Practice Test