Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. HP
  3. Aruba Certified ClearPass Expert (ACCX)
  4. HPE6-A81 - Aruba Certified ClearPass Expert Written Exam

HP HPE6-A81 Aruba Certified ClearPass Expert Written Exam Exam Practice Test

Demo: 8 questions
Total 60 questions
Get HPE6-A81 Full Access Download HPE6-A81 PDF

Aruba Certified ClearPass Expert Written Exam Questions and Answers

Question 1

What configuration steps should you follow to add terms and conditions page on Guest seIf-registration for CPPM? (Select two).

Options:

A.

Edit the creetoraccepiterms form field in register page and change HTML section by pointing the hyperlink to the HTML file uploaded

B.

Edit the accept_terms form field in receipt page and change HTML section by pointing the hyper link to the HTML file uploaded m Guest Manager

C.

Create an HTML page with custom terms and condition and upload it to public files under Clearpass Guest -> configuration -> content manager

D.

Edit the creatoracceprterms form field in receipt page and change HTML section by pointing the hyperlink to the HTML file uploaded

E.

Create an HTML page with custom terms and condition and upload it to private files under Clearpass Guest -> configuration -> content manager

Question 2

A customer is troubleshooting a user that has complained about randomly having issues connecting the network with EAP PEAP using the Corporate Laptop. The initial checks are showing a number of authentication failures but no sign of issues with the ClearPass server or AD.

What can the Customer do to monitor this user Authentication trend closely over the next few days?

Options:

A.

configure a Report using Radius Failed Authentication template and schedule it to run every 5 mins

B.

configure an Alert using Failed Authentication template with Threshold 1. Interval 5 mins

C.

add the user name in the Insight/Alert/Watchlitst and get the authentication failures notifications within 30 seconds

D.

add to ClearPass Insight Dashboard the Authentication Status widget for this specific user

Question 3

Refer to the exhibit.

You configured a new Wireless 802.1 X service for a Cisco WLC broadcasting the secure-AOM-5007 SSID. The client fails to connect to the SSIO. Using the screenshots as a reference, how would you fix this issue?

Options:

A.

Change the service condition to Radius:lETF Calling-Station-Id EQUALS Secure-ADM-5007

B.

Update the service condition Radws:IETF Called-Stat ion-Id CONTAINS secure-AOM-5007

C.

Remove the service condition Radius:IETF Service-Type BEL0NGS_T0 Login-User (1), 2.8

D.

Make sure that the Network Devices entry for the Cisco WLC has a vendor setting of "Airespace"

Question 4

Refer to the exhibit.

A customer has configured Onboard in a cluster. After the Primary server's failure, the BYOD devices fail to connect to the network. Which step below is the best starting point when troubleshooting'

Options:

A.

Verify the CPPM hostname in OSCP URL under TLS authentication method is updated to localhost instead of primary server's hostname.

B.

Reboot the active ClearPass server and reconnect the client to the SSID by selecting the correct certificate when prompted.

C.

Check if a DNS entry is available for the ClearPass hostname in the certificate, resolvable from the DNS server assigned to the client.

D.

Check EAP certificate on the secondary node is issued by the same common root Certificate Authority (CA).

Question 5

A customer has multiple Aruba Controllers integrated with ClearPass for guest access using a controller-initialed login method. The customer is aware that a public CA-signed captive portal certificate is required in Aruba controllers for controller-initiated workflows. The customer has purchased unique public CA-signed server certificates for each controller.

What configuration steps would you suggest to the customer to complete the deployment? (Select three.)

Options:

A.

From the weblogin/ self-registration page NAS Vendor settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

B.

Edit the HTML header in the weblogin/ self-registration register page with a script to match the controllers IP and captive portal certificate CN names respectively.

C.

From the Aruba controller, enable the option "Add switch IP address in the redirection URL" under the respective L3 Authentication profile mapped in the initial role

D.

From the Aruba controller, enable the option 'Add switch ip address in the redirection URL' under the respective guest AAA profile mapped in the VAP profile.

E.

Add all the controller IP address and its certificate common names in the DNS server's Forward Lookup Zones and Reverse Lookup Zones to resolve queries from client.

F.

From the weblogin/ self-registration page Login form settings, enable the check box for "The controller will send the IP to submit credentials" under Dynamic address.

Question 6

Which statements art true about Aruba down loadable user roles? (select three)

Options:

A.

Administering downloadable user roles can be difficult for a large enterprise.

B.

Can be applied only on ports or WLAN users authenticated by ClearPass.

C.

Can use these result for other authentication methods not involving ClearPass.

D.

Aruba downloadable user role are universally available across the environment.

E.

Aruba downloadable user role is a built in enforcement template in ClearPass.

F.

Downloadable role names must be defined in Aruba switch or controller.

Question 7

Refer to the exhibit.

Your customer has configured the 802.1 X service enforcement conditions with the Endpoint profiling data. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly What is the cause of the issue?

Options:

A.

An additional authorization source should be configured for profiling to work.

B.

The enforcement policy rules evaluation algorithm is not configured correctly.

C.

The option, use cached roles and posture from previous sessions should be enabled.

D.

The enforcement policy conditions configured with profiling data are not correct

Question 8

The customer has a 19.940 loT devices connected to the network and would like to use Allow All Mac Auth to authenticate the users and enforce the action based on the condition defined with the fingerprint details of the device. Which Authorization source would you use to decide the access of the devices?

Options:

A.

Clear Pass Profiler Database

B.

Endpoint Database

C.

Local User Database

D.

Guest Device Database

Load More HPE6-A81 Questions
Demo: 8 questions
Total 60 questions
Get HPE6-A81 Full Access Download HPE6-A81 PDF