HPE6-A68 Online Practice Questions and Answers

A customer wants all guests who access a company's guest network to have their accounts approved by the receptionist, before they are given access to the network. How should the network administrator set this up in ClearPass? (Select two.)

A. Enable sponsor approval confirmation in Receipt actions.

B. Configure SMTP messaging in the Policy Manager.

C. Configure a MAC caching service in the Policy Manager.

D. Configure a MAC auth service in the Policy Manager.

E. Enable sponsor approval in the captive portal authentication profile on the NAD.

Refer to the exhibit.

Based on the information shown, which field in the Captive Portal Authentication profile should be changed so that guest users are redirected to a page on ClearPass when they connect to the Guest SSID?

A. both Login and Welcome Page

B. Default Role

C. Welcome Page

D. Default Guest Role

E. Login Page

A customer with an Aruba Controller wants it to work with ClearPass Guest. How should the customer configure ClearPass as an authentication server in the controller so that guests are able to authenticate successfully?

A. Add ClearPass as a RADIUS CoA server.

B. Add ClearPass as a RADIUS authentication server.

C. Add ClearPass as a TACACS+ authentication server.

D. Add ClearPass as an HTTPS authentication server.

An SNMP probe is sent from ClearPass to a network access device, but ClearPass is unable to obtain profiling information. What are likely causes? (Select three.)

A. Only SNMP read has been configured but SNMP write is needed for profiling information.

B. An external firewall is blocking SNMP traffic.

C. SNMP is not enabled on the NAD.

D. SNMP community string in the ClearPass and NAD configuration is mismatched.

E. SNMP probing is not supported between ClearPass and NADs.

Which database in the Policy Manager contains the device attributes derived by profiling?

A. Endpoints Repository

B. Client Repository

C. Local Users Repository

D. Onboard Devices Repository

E. Guest User Repository

Why is a terminate session enforcement profile used during posture checks with 802.1x authentication?

A. To send a RADIUS CoA message from the ClearPass server to the client

B. To disconnect the user for 30 seconds when they are in an unhealthy posture state

C. To blacklist the user when they are in an unhealthy posture state

D. To force the user to re-authenticate and run through the service flow again

E. To remediate the client applications and firewall do that updates can be installed

Refer to the exhibit.

Based on the Enforcement Policy configuration shown, when a user with Role Engineer connects to the network and the posture token assigned is Unknown, which Enforcement Profile will be applied?

A. EMPLOYEE_VLAN

B. RestrictedACL

C. Deny Access Profile

D. HR VLAN

E. Remote Employee ACL

Refer to the exhibit.

Based on the Policy configuration shown, which VLAN will be assigned when a user with ClearPass role Engineer authenticates to the network successfully on Saturday using connection protocol WEBAUTH?

A. Full Access VLAN

B. Employee VLAN

C. Internet VLAN

D. Deny Access

Refer to the exhibit.

An Enforcement Profile has been created in the Policy Manager as shown. Which action will ClearPass take based on the Enforcement Profile? A. It will send the Session-Timeout attribute in the RADIUS Access-Request packet to the NAD and the NAD will end the user's session after 600 seconds.

B. It will send the Session-Timeout attribute in the RADIUS Access-Accept packet to the User and the user's session will be terminated after 600 seconds.

C. It will count down 600 seconds and send a RADUIS CoA message to the NAD to end the user's session after this time is up.

D. It will count down 600 seconds and send a RADUIUS CoA message to the user to end the user's session after this time is up.

E. It will send the session -Timeout attribute in the RADIUS Access-Accept packet to the NAD and the NAD will end the user's session after 600 seconds.

What does the Posture Token QUARANTINE imply?

A. The client is compliant. However, there is an update available to remediate the client to HEALTHY state.

B. The posture of the client is unknown.

C. The client is infected and is a threat to other systems in the network.

D. The client is out of compliance, but has HEALTHY state.

E. The client is out of compliance.