The Rebirth Guide To HPE6-A82 Exam Price

NEW QUESTION 1
Which configuration options are necessary to add a Network Access Device into the ClearPass Policy Manager? (Select two.)

• A. ClearPass Admin Password
• B. https certificate
• C. NAD IP Address
• D. Shared Secret
• E. CLI Console Password

Answer: CD

NEW QUESTION 2
Which ClearPass feature assesses endpoint context and client device type?

• A. Profiling
• B. Posture
• C. Captive Portal
• D. Onboard

Answer: A

NEW QUESTION 3
A customer with 985 employees would like to authenticate employees using a captive portal guest web login page Employees should use their AD credentials to login on this page
Which statement is true?

• A. The customer needs to add second guest service in the policy manager for the guest network.
• B. The customer needs to add the AD server as an authentication source in a guest service
• C. Employees must be taken to a separate web login page on the guest network
• D. The customer needs to add the AD servers RADIUS certificate to the guest network.

Answer: B

NEW QUESTION 4
Which option support DHCP profiling for devices in a network?

• A. enabling DHCP relay on our network access devices so DHCP requests are forwarded to ClearPass
• B. enabling the DHCP server to profile endpoints and forward meta-data to ClearPass
• C. DHCP profiling is enabled on ClearPass by default configuration of the network access devices is not necessary
• D. configuring ClearPass as a DHCP relay for the client

Answer: A

NEW QUESTION 5
What is an effect of the Cache Timeout setting on the authentication source settings for Active Directory?

• A. ClearPass will validate the user credentials, then, for the duration of the cach
• B. ClearPass will just fetchaccount attributes.
• C. The Cache Timeout is designed to reduce the amount of traffic between ClearPass and the A/D server by caching the credentials
• D. The Cache Timeout is designed to reduce the amount of traffic between ClearPass and the A/D server by caching the attributes.
• E. ClearPass will validate the user credentials on the first attempt, then will always fetch the account attributes

Answer: C

Explanation:
https://community.arubanetworks.com/blogs/arunkumar1/2020/10/20/what-is-the-differencebetween- authentication-cache-timeout-and-machine-authentication-cache-timeout

NEW QUESTION 6
Which authentication method requires a client certificate?

• A. PEAP
• B. Guest serf-registration
• C. EAP-TLS
• D. MAC Authentication

Answer: C

NEW QUESTION 7
Which is true regarding the Cisco Device Sensor feature in ClearPass? (Select two.)

• A. Requires the purchase of a supported Cisco Access Point licensed as an Aruoa Monitor Mode A
• B. to then act as !he sensor
• C. Forwards DHCP and HTTP user-agent info to ClearPass using Control and Datagram Transport Layer Security (DTLS) encapsulation
• D. Gathers raw endpoint data from Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol (LLDP)
• E. Forwards DHCP and HTTP user-agent info to ClearPass using RADIUS accounting packets
• F. Requires a Cisco Smart Net license to be installed on the Network Access Device (NAD) utilizing the feature

Answer: CE

NEW QUESTION 8
When ClearPass is communicating with external context servers, which connection protocol is typically used?

• A. YAML
• B. SOAP and XML
• C. REST APIs over HTTPS
• D. FTP over SSH

Answer: B

NEW QUESTION 9
Refer to the exhibit.

A client is attempting to authenticate using their Windows account with a bad password if the Remote Lab AD server is down for maintenance, what win be the expected result?

• A. ClearPass receives a timeout attempt when trying the Remote Lab AD server firs
• B. It will then try the server Backup 1 and receive a result of Active Directory Authentication faile
• C. No further processing will occur.
• D. ClearPass try either server Backup 1 or Backup 2 depending on which has responded the fastest in prior attempts to authenticate ClearPass will then receive a result of Active Directory Authentication failed.No further processing will occur.
• E. ClearPass receives a timeout attempt when trying the Remote Lab AD server firs
• F. It will then try the server Backup 1 and Backup 2; both will send a result authentication failed.
• G. ClearPass receive a timeout attempt when trying the Remote Lab AD server firs
• H. No further processing will occur until the Remote Lab AD server is marked as "Down" by the Administrator.

Answer: A

NEW QUESTION 10
What is a function of the posture token in ClearPass OnGuard? (Select two )

• A. Identifies clients that are not security compliant
• B. Initiates the Auto-Remediation process
• C. Controls access to network resources
• D. Denies access to unhealthy clients
• E. indicates the Health Status of the Client

Answer: CD

NEW QUESTION 11
What services are recommended to be allowed by the pre-authenticated role assigned to the Client during the Captive Portal process? (Choose three.)

• A. DHCP options 43 and 150
• B. RADIUS to ClearPass
• C. HTTPS to ClearPass
• D. HTTPS to the Internet
• E. DHCP address assignment
• F. DNS resolution

Answer: CEF

NEW QUESTION 12
Match the ClearPass system description to the best term Options are used only once.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 13
Aruba self-registration with sponsorship is a solution best applied to which type of network?

• A. a chain of auto part stores where employees are assigned mobile devices using a Mobile Device Manager (MDM) and public wireless is available for customers
• B. a large corporate environment with hundreds of contractors requiring wireless access to printers and internet but no other guest access is allowed
• C. a hotel where hundreds of guests are checked in and out of the building daily that may want access to wireless internet
• D. a chain of coffee shops using in a public downtown area with a high amount of guest turnover needing access to public wireless

Answer: B

NEW QUESTION 14
Which fingerprint collectors can help to distinguish between an iPhone and an iPad? (Select two.)

• A. IF-MAP
• B. MAC OUI
• C. HTTP
• D. TCP header capture
• E. SNMP

Answer: AB

NEW QUESTION 15
Refer to the exhibit.

What are two consequences of the Cache Timeout being set to 36000 seconds? (Select two.)

• A. ClearPass will cache all user and machine attributes from AD every 10 hours in anticipation of one of those users or machines attempting to authenticate.
• B. Less traffic is required between ClearPass and the AD server when re-authenticating within a 10 hourperiod.
• C. The Cache Timeout is designed to reduce the amount of traffic between ClearPass and the AD server by caching user credentials for a 10 hour period.
• D. A user changing departments may not see their Department attribute change in AD reflected while authenticating until the Cache Timeout period has ended.
• E. On a failed authentication attempt, ClearPass will consider any subsequent attempts within 10 hours as total failed attempts before blacklisting the client.

Answer: AC

NEW QUESTION 16
A customer is setting up Guest access with ClearPass. They are considering using 802.1X for both the
Employee network and the Guest network. What are two issues the customer may encounter when deploying 802.1X with the Guest network? (Select two)

• A. the lack of encryption during the authentication process
• B. ClearPass win not be able to enforce individual Access Control policies.
• C. the high level of complexity for users to join the guest network
• D. Guests will not be able to be uniquely identified.
• E. difficult to maintain in an environment with a large number of transient guest users

Answer: CE

NEW QUESTION 17
Which most accurately describes the "Select All Matches" rule evaluation algorithm in Enforcement Policies?

• A. Each rule is checked, and once a match is found, the Enforcement profile assigned to that rule is applied and the rule matching stops.
• B. All rules are checke
• C. And if there is no match no Enforcement profile is applied.
• D. Each rule is checked, and once a match is found, the Enforcement profile assigned to that rule ts applied, along with the default Enforcement profile.
• E. All rules are checked for any matching rules and their respective Enforcement profiles are applied.

Answer: D

NEW QUESTION 18
Which two are required to add a Network Access Device (NAD) into ClearPass? (Select two.)

• A. ClearPass Admin login credentials
• B. SSH password
• C. Shared Secret
• D. HTTPS certificate
• E. NAD IP address

Answer: CE

NEW QUESTION 19
When joining ClearPass to an Active Directory (AD) domain, what information is required? (Select two.)

• A. ClearPass Policy Manager (CPPM) enterprise credentials.
• B. Domain Administrator credentials with at least read access
• C. Domain User credentials with read-write access
• D. Cache Timeout value set to at least 10 hours
• E. Fully Qualified Domain Name (FQDN) of the AD Domain Controller.

Answer: BE

NEW QUESTION 20
When should a role mapping policy be used in an 802.1x service with Active Directory as the authentication source?

• A. When you want to match Active Directory attributes directly to an enforcement policy.
• B. When you want to enable attributes as roles directly without combining multiple attributes
• C. When you want to translate and combine Active Directory attributes into ClearPass roles.
• D. When you want to match Active Directory attributes to a Aruba firewall role on a Aruba Network Access Device.

Answer: A

NEW QUESTION 21
An organization has configured guest self-registration with internal sponsorship Which options can be configured to send guest users their credentials outside of the initial login web-page? (Select two )

• A. Configure a Short Message Service (SMS) Gateway under ClearPass Guest configuration.
• B. Configure the self-registration page for the guest to receive a Simple Mali Transport Protocol (SMTP) receipt
• C. Configure a Short Message Service (SMS) Gateway in ClearPass Policy Manager administration.
• D. Configure a Simple Mail Transport Protocol (SMTP) server in ClearPass Guest administration.
• E. Configure a Simple Man Transport Protocol (SMTP) server in ClearPass Policy Manager administration

Answer: BE

NEW QUESTION 22
What happens when a client successfully authenticates but does not match any Enforcement Policy rules?

• A. A RADIUS Accept is returned and the default Enforcement Profile is applied.
• B. A RADIUS reject is returned for the client.
• C. A RADIUS Accept is retuned, and the default rule is applied to the device.
• D. A RADIUS Accept is returned with no Enforcement Profile applied

Answer: A

NEW QUESTION 23
Sponsorship has been enabled on the guest network A guest user connects and completes the self-registration form indicating a valid sponsor. The guest then clicks submit What is the current state of the guest account?

• A. The guest account is created in a disabled state with the "Log In" button grayed out
• B. The guest account is not yet created and remains in a disabled state There is not "Log in" button yet displayed
• C. The guest account is created in disabled state, the "Log In" button will appear only after the sponsor approval process is completed
• D. The guest account is created in an enabled state with the Tog in" button functional

Answer: C

NEW QUESTION 24
What needs to be configured for ClearPass use an enforcement rule base on client Data Cap?

• A. Interim Accounting on the Network Access Device (NAD).
• B. Enable Active Sessions in ClearPass Guest
• C. Enable Logging of Accounting Start-Stop packets.
• D. Make sure the Endpoint Profiling is configured

Answer: A

NEW QUESTION 25
Refer to the exhibit.

What is true regarding leaving the indicated option "Use cached Roles and Posture attributes from previous sessions" unchecked?

• A. The service will make the enforcement decision based upon the updated Posture regardless of caching
• B. A posture change applied to an endpoint is going to be lost each time the client re-authenticates
• C. Posturing win no longer be evaluated in determining the enforcement policy for current or future sessions.
• D. Cached posture results are no longer stored by ClearPass but instead are saved to the endpoint of the client.

Answer: B

NEW QUESTION 26
......