HPE6-A81 Practice Exam Questions with Answers Aruba Certified ClearPass Expert Written Exam Certification

A customer is planning to implement machine and user authentication on infrastructure with one Aruba Controller and a single ClearPass Server. What should the customer consider while designing this solution? (Select three.)

Your customer has read about a feature in OnGuard for OnGuard Persistent Agent and Agentless OnGuard that can display a new Posture Results web page to notify that and users with posture results for unhealthy clients after the health check is done. Where do you configure this option?

You have designed a ClearPass solution for an Information Technology Business Park with 50,377 concurrent sessions including the visitors. The deployment includes eight ClearPass servers handling RADIUS authentication. Guest Self-Registration. Onboard and OnGuard. CPPM1 is acting as Publisher. CPPM2 to CPPM8 are added as subscriber nodes CPPM4 is the designated Standby Publisher. Servers CPPM2 and CPPM3 will be handling the Guest and Onboard HTTPS traffic. On a few devices, Corporate users will perform username and password based authentication with Active Directory accounts and on few devices, they will be using private CA signed TLS certificates to do the authentication The customer has three Active Directories (AD1, AD2 and A03) part of Multi-Domain Forest. To provide authentication redundancy, the customer has configured multiple Virtual IP settings between ClearPass servers in a cluster.

On all the Network Access Devices (NAD), the primary authentication server is configured as the VIP IP address and the secondary authentication server rs configured as CPPM1 MGMT IP address Based on the information provided, which ClearPass nodes will you join to the AD domain

A Customer has these requirements:

• 2.000 loT endpoints that use MAC authentication

• 6.000 endpoints using a mix of username/password and certificate (Corporate/BYOD) based authentication

• 1.000 guest endpoints at peak usage that use guest self-registration

• 1500 BYOD devices estimated as 3 devices per User (500 users)

• 2.500 endpoints that have OnGuard installed and connect on a daily basis

What licenses should be installed to meet customer requirements?

Refer to the exhibit.

You have configured an Onboard portal for single SSID provision. During testing you notice that the QuickConnect Application did not display the "Connect" button, only the finish button. To get connected the test user had to manually connect to the secure-HS-5007 SSID but was prompted for a username and password. Using the screenshots as a reference, how would you fix this issue?

Refer to the exhibit.

A customer is doing a new ClearPass installation and is setting up clustering between two ClearPass servers running a 6.8.6 version. The ClearPass server failed to add the subscriber node. The customer was able to login to the console of the ClearPass server with the same CLI password used during the cluster setup. The customer has sent you the screenshots seeking your support Why did an attempt to add a subscriber node failed showing that error?

Your customer has recently implemented a seIf-registration portal in ClearPass Guest to be used on a Guest SSID broadcast from an Aruba controller Your customer has started complaining that the users are not able to reliably access the Internet after clicking the login button on the receipt page They tell you that the users will click the login button multiple times and after about a minute they gam access.

What could be causing this issue?

Refer to the exhibit.

You have set up a home lab for ACCX exam preparation with Aruba Clear Pass integrated with Aruba Controller and Instant Access Point Guest Mac Caching functionality is configured only for Aruba Controller's guest SSID and a common Web Login page is configured for both NAD devices You tested and verified the mac caching functionality for a client by connecting it to the Aruba Controller's guest SSID.

What will happen when you disconnect the client from Aruba Controller's guest SSID and connect it to Instant APs guest SSID?

Refer to the exhibit.

The users connecting to a wireless SSIO "secure-HS-5007" were being processed by an incorrect 802.1 X service created for VIP access and the user gets deny access. The customer has sent you the screenshot to get your support to resolve the issue What changes will you suggest to fix it?

Refer to the exhibit.

What enforcement prof lit will be assigned to the Windows 10 MDH enabled devices if it completes user authentication and is already profiled by ClearPess?

A customer has deployed an OnGuard Solution to all the corporate devices using a group policy result to push the OnGuard Agtnts. The network administrator is complaining that soma of the agents are communicating to the ClearPass server that is located in a DMZ. outside the firewall The network administrator wants all of the agents System Health Validation traffic to stay inside the Management subnets.

What can the ClearPass administrator do to move the traffic only to the ClearPass Management Ports?

Under OnBoard Management and Control, which option will deny the user from re-enrolling one of his devices with Onboard?

View by Certificate >> Click on the device >> Delete certificate

Refer to the exhibit.

You have integrated the Cisco switch with ClearPass to do MAC-Auth for Cisco IP Phones. The phones connect to the network successfully but when you try to change the status of the device from the access tracker, you see only the ArubaOS Radius terminate session options and not the Cisco vendor terminate session options. What will you check to fix this issue?