Independence Day Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 1b2718643m

HPE6-A81 Exam Dumps - Aruba Certified ClearPass Expert Written Exam

Question # 4

Refer to the exhibit.

A customer is trying to configure a TACACS Authentication Service for administrative what could be the reason for the Login Status REJECT?

A.

The password used by the administrative user is wrong.

B.

The Enforcement profile used is not a TACACS profile.

C.

The Read-only Administrator role does not exist on the Controller.

D.

The Enforcement profile is not designed to be used on Aruba Controller

Full Access
Question # 5

A customer has multiple Aruba Controllers integrated with ClearPass for guest access using a controller-initialed login method. The customer is aware that a public CA-signed captive portal certificate is required in Aruba controllers for controller-initiated workflows. The customer has purchased unique public CA-signed server certificates for each controller.

What configuration steps would you suggest to the customer to complete the deployment? (Select three.)

A.

From the weblogin/ self-registration page NAS Vendor settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

B.

Edit the HTML header in the weblogin/ self-registration register page with a script to match the controllers IP and captive portal certificate CN names respectively.

C.

From the Aruba controller, enable the option "Add switch IP address in the redirection URL" under the respective L3 Authentication profile mapped in the initial role

D.

From the Aruba controller, enable the option 'Add switch ip address in the redirection URL' under the respective guest AAA profile mapped in the VAP profile.

E.

Add all the controller IP address and its certificate common names in the DNS server's Forward Lookup Zones and Reverse Lookup Zones to resolve queries from client.

F.

From the weblogin/ self-registration page Login form settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

Full Access
Question # 6

Which statements art true about controller-initiated and server-initiated login method? (Select two)

A.

Controller-initiated login method should be used if the guest user's network login will be handled by the controller-based AP to perform the HTTP post when the user attempts a login.

B.

Controller-initiated login method should be used of the guest user's network login will be handled by the guest browser to perform the HTTP port when the user attempts a login

C.

server-in it will login method should be used if the guest user s network login will be handled by the wired switch by standing the authentication request to (PPM when the user attempts a login

D.

server-initiated login method should be used if the guest user’s network login will be handled by ClearPass by sending the authentication request to itself when the user attempts a login

E.

server-initiated login method should be used if the guest users network login will be handled by the ClearPass by standing a CoA after authentication request is posted to itself when the user attempts a login

Full Access
Question # 7

When building an SNMP-based enforcement profile what option can you assign to the user as actions? (Select three).

A.

Enforce a VLAN ID for the client

B.

Set a session timeout for the client

C.

Enforce Firewall policies

D.

Send captive portal web re-direct URL

E.

ClearPass Downloadable Role

F.

Reset the connection after the settings has been pushed

Full Access
Question # 8

A customer is planning to implement machine and user authentication on infrastructure with one Aruba Controller and a single ClearPass Server. What should the customer consider while designing this solution? (Select three.)

A.

The customer does not need to worry about Multi-Master Catht Survivability because the Controller will also cache the machine state.

B.

The Windows User must log off. restart or disconnect their machine to initiate a machine authentication before the cache expires.

C.

The machine authentication status rs written in the Multi-master cache on the ClearPass Server for 24 hrs

D.

The Customer should enable Multi-Master Cache Survivability as the Aruba Controller will not cache the machine state.

E.

Machine Authentication only uses EAP TLS. as such a PKI infrastructure should be in place for machine authentication.

F.

Onboard must be used to install the Certificates on the personal devices to do the user and machine authentication

Full Access