HP hpe6-a82 practice test

Question 1

A customer with 985 employees would like to authenticate employees using a captive portal guest
web login page Employees should use their AD credentials to login on this page
Which statement is true?

• A. The customer needs to add second guest service in the policy manager for the guest network.
• B. The customer needs to add the AD server as an authentication source in a guest service
• C. Employees must be taken to a separate web login page on the guest network
• D. The customer needs to add the AD servers RADIUS certificate to the guest network.

Question 2

An organization with 345 employees wants to have the guest create their own accounts for access to
the public WLAN. and when guests reconnect they do not want the guest to have to tog in again
Which ClearPass features can be used to meet these requirements?

• A. ClearPass Onboard Portal
• B. Guest access with MAC caching
• C. Guest serf-registration with sponsor approval
• D. Enforcement based on endpoint profiling

Question 3

An organization wants guests to be able to create their own guest accounts for access to the public
WLAN Guests do not want to have to repeatedly tog in multiple times through the day Which
clearPass feature can meet these requirements?

• A. Enforcement based on endpoint profiling
• B. Guest access with Media Access Control (MAC) caching
• C. ClearPass Onboard Portal.
• D. Guest self-registration with sponsor approval

Question 4

What are benefits of using Network Device Groups in ClearPass? (Select two.)

• A. Allows Service selection rules to match based upon which Network Device Group the Network Access Device (NAD) belongs to
• B. Network Access Devices (NADs) only require Aruba factory installed certificates to join a Network Device Group
• C. A Network Access Device is must be discovered by ClearPass prior to be added to a Network Device Group
• D. Another way to add a customizable "attribute" field to reference when processing authentication requests
• E. Can apply to both Network Access Devices (NADs) as wen as client machines as a way to filter authentication requests

Question 5

Which option supports DHCP profiling for devices in a network?

• A. configuring ClearPass as a DHCP relay for the client
• B. DHCP profiling is enabled on ClearPass by default; configuration of the network access devices is not necessary
• C. enabling the DHCP server to profile endpoints and forward meta-data to ClearPass
• D. enabling DHCP relay on our network access devices so DHCP requests are forwarded to ClearPass

Question 6

Refer to the exhibit.

What does Starch Base Dn do when joining an Active Directory domain? {Select two.)

• A. sets the starting point in the directory tree for the Base DN (Distinguished Name) search
• B. searches for the Base DN (Distinguished Name) based on what was typed in the field
• C. runs an Active Directory query that returns all results along with any matching the entered Base DN (Distinguished Name)
• D. validates the connection details entered in the Connection Details
• E. updates the Base DN (Distinguished Name) in Active Directory if no match is found

Question 7

DRAG DROP
Select all that apply
Match the security description to the term that best fits. Options are used only once.

Question 8

Refer to the exhibit.

A user connects to an Aruba Access Point wireless SSID named 'Secure-Corporate" and performs an
802 1X authentication with ClearPass as the authentication server
Based on this service configuration, which service will be triggered?

• A. Service One
• B. Service Two
• C. Service Three
• D. No service will be triggered

Question 9

Your boss suggests configuring a guest self-registration page in ClearPass for an upcoming conference
event. What are the benefits of using guest serf-registration'? (Select two)

• A. This will allow conference employees to pre-load additional device information as guests arrive and register.
• B. This strategy effectively stops employees from putting their own corporate devices on the guest network.
• C. This will enable additional information to be gathered about guests during the conference.
• D. This allows guest users to create and manage their own login account. D18912E1457D5D1DDCBD40AB3BF70D5D
• E. This will allow employee personal devices to be Onboarded to the corporate network

Question 10

When using Guest Authentication with MAC Caching service template, which statements are true?
(Select two.)

• B. The guest authentication is provided better security than without using MAC caching
• C. The endpoint status of the client will be treated as "known" the first time the client associates to the network
• D. Which wireless SSID and wireless controller must be indicated when configuring the template
• E. The client will be required to re-enter their credentials even if still within the MAC-Auth Expiry term

Question 11

What is true regarding Posturing and Profiling?

• A. Both Posturing and Profiling describe the same thing, what is the health of the client endpoinst?
• B. Profiling describes categorizing the user based on their department while Posturing validates the user as authenticated
• C. Posturing and Profiling are role assignments in ClearPass used internally to map to enforcement policies.
• D. Profiling is the act of identifying the endpoint type while Posturing is assigning a status as to the health of the endpoint

Question 12

Refer to the exhibit.

Which user authentication request will match the service rules of the Policy Service shown?

• A. a wireless user connection would fail because of miss-configured service rules
• B. a wireless user connected to any SSID named "CORP"
• C. a wireless user connecting to any SSID on an Aruba Controller
• D. a wireless user connecting to an Aruba IAP on the SSID "CORP"

Question 13

What is the significance of using the [Allow ALL MAC AUTH] as an Authentication Method for Guests?

• A. This removes the reliance on the known or unknown status for MAC authentication.
• B. All clients with unknown endpoints will be granted guest access regardless of authorization
• C. Client attempts will fail without an additional Authentication method applied.
• D. All clients with known endpoints will be granted guest access regardless of authorization.

Question 14

What happens when a client successfully authenticates but does not match any Enforcement Policy
rules?

• A. A RADIUS Accept is returned and the default Enforcement Profile is applied.
• B. A RADIUS reject is returned for the client.
• C. A RADIUS Accept is retuned, and the default rule is applied to the device.
• D. A RADIUS Accept is returned with no Enforcement Profile applied

Question 15

Which configuration options are necessary to add a Network Access Device into the ClearPass Policy
Manager? (Select two.)

• A. ClearPass Admin Password
• B. https certificate
• C. NAD IP Address
• D. Shared Secret
• E. CLI Console Password