HPE6-A82 Online Practice Questions and Answers

When ClearPass is communicating with external context servers, which connection protocol is typically used?

A. FTP over SSH

B. REST APIs over HTTPS

C. SOAP and XML

D. YAML

ClearPass receives fingerprinting profile data for a client device that is based on MAC OUI, NMAP, DHCP, and OnGuard. Which fingerprint or fingerprints are used?

A. NMAP because it is actively obtained

B. The last fingerprint gathered

C. OnGuard because it is application based

D. All fingerprints are applied

What is the purpose of service rules in ClearPass?

A. selects the Enforcement Profiles used in a service

B. selects the Service to process a request

C. selects the Authentication Source for the client

D. selects the Posture Policy used with OnGuard

Refer to the exhibit.

When creating a new ClearPass Service, the [Time Source] has been added as an authorization source. What time source is ClearPass referencing?

A. the ClearPass server where Insight Master has been enabled

B. the local clock of the ClearPass server doing the authentication

C. the local time setting found on the authenticating client machine

D. the NTP (Network Time Protocol) source indicated in the Cluster settings

Refer to the exhibit.

A user connects to an Aruba Access Point wireless SSID named "Secure-Corporate" and performs an 802.1X authentication with ClearPass as the authentication server.

Based on this service configuration, which service will be triggered?

A. No service will be triggered

B. Service Three

C. Service Two

D. Service One

Which option supports DHCP profiling for devices in a network?

A. configuring ClearPass as a DHCP relay for the client

B. DHCP profiling is enabled on ClearPass by default; configuration of the network access devices is not necessary

C. enabling the DHCP server to profile endpoints and forward meta-data to ClearPass

D. enabling DHCP relay on our network access devices so DHCP requests are forwarded to ClearPass

What is RADIUS Change of Authorization (CoA)?

A. It is a mechanism that enables ClearPass to assigned a User-Based Tunnel (UBT) between a switch and controller for Dynamic Segmentation.

B. It allows clients to issue a privilege escalation request to ClearPass using RADIUS to switch to TACACS+.

C. It allows ClearPass to transmit messages to the Network Attached Device/Network Attached Server (NAD/NAS) to modify a user's session status.

D. It forces the client to re-authenticate upon roaming to an access point controlled by a foreign mobility controller.

Refer to the Endpoint in the screenshot.

What are possible ways that it was profiled? (Choose two.)

A. Exchange Plugging agent

B. NAD ARP listening handler

C. 3rd part MDM

D. DNS fingerprinting

E. Cisco Device Sensor

Aruba self-registration with sponsorship is a solution best applied to which type of network?

A. a large corporate environment with hundreds of contractors requiring wireless access to printers and internet but no other guest access is allowed

B. a chain of auto part stores where employees are assigned mobile devices using a Mobile Device Manager (MDM) and public wireless is available for customers

C. a hotel where hundreds of guests are checked in and out of the building daily that may want access to wireless internet

D. a chain of coffee shops using in a public downtown area with a high amount of guest turnover needing access to public wireless

What services are recommended to be allowed by the pre-authenticated role assigned to the Client during the Captive Portal process? (Choose three.)

A. DHCP options 43 and 150

B. RADIUS to ClearPass

C. HTTPS to ClearPass

D. HTTPS to the Internet

E. DHCP address assignment

F. DNS resolution