HPE6-A68 Online Practice Questions and Answers

Refer to the exhibit.

A guest connects to the Guest SSID and authenticates successfully using the guest.php web login page.

Based on the MAC Caching service information shown, which statement about the guests' MAC address is accurate?

A. It will be visible in the Guest User Repository with Unknown Status

B. It will be deleted from the Endpoint table.

C. It will be visible in the Guest User Repository with Known Status.

D. It will be visible in the Endpoints table with Known Status.

E. It will be visible in the Endpoints table with Unknown Status.

Refer to the exhibit.

Based on the Enforcement Policy configuration shown, when a user with Role Remote Worker connects to the network and the posture token assigned is quarantine, which Enforcement Profile will be applied?

A. RestrictedACL

B. Remote Employee ACL

C. [Deny Access Profile]

D. EMPLOYEE_VLAN

E. HR VLAN

Which database in the Policy Manager contains the device attributes derived by profiling?

A. Endpoints Repository

B. Client Repository

C. Local Users Repository

D. Onboard Devices Repository

E. Guest User Repository

An employee authenticates using a corporate laptop and runs the persistent Onguard agent to send a health check back the Policy Manager. Based on the health of the device, a VLAN is assigned to the corporate laptop. Which licenses are consumed in this scenario?

A. 1 Policy Manager license, 1 Onboard License

B. 2 Policy Manager licenses, 1 Onguard License

C. 1 Policy Manager license, 1 Profile License

D. 2 Policy Manager licenses, 2 Onguard licenses

E. 1 Policy Manager license, 1 Onguard License

Refer to the exhibit.

An administrator configured a service and tested authentication, but was unable to complete authentication successfully. The administrator performs a Search using insight and the information displays as shown. What is a possible reason for the ErrorCode `Failed to classify request to service' shown?

A. The user failed authentication due to an incorrect password.

B. ClearPass could not match the authentication request to a service, but the user passed authentication.

C. ClearPass service authentication sources were not configured correctly.

D. The NAD did not send the authentication request.

E. ClearPass service rules were not configured correctly.

When is the RADIUS server certificate used? (Select two.)

A. During dual SSID onboarding, when the client connects to the Guest network

B. During EAP-PEAP authentication in single SSID onboarding

C. During post-Onboard EAP-TLS authentication, when the client verifies the server certificate

D. During Onboard Web Login Pre-Auth, when the client loads the Onboarding web page

E. During post-Onboard EAP-TLS authentication, when the server verifies the client certificate

Refer to the exhibit.

Which statements accurately describe the status of the Onboarded devices in the configuration for the network settings shown? (Select two.)

A. They will connect to Employee_Secure SSID after provisioning.

B. They will connect to Employee_Secure SSID for provisioning their devices.

C. They will use WPA2-PSK with AES when connecting to the SSID.

D. They will connect to secure_emp SSID after provisioning.

E. They will perform 802.1X authentication when connecting to the SSID.

In which ways can ClearPass derive client roles during policy service processing? (Select two.)

A. From the attributes configured in Active Directory

B. From the server derivation rule in the Aruba Controller server group for the client

C. From the Aruba Network Access Device

D. From the attributes configured in a Network Access Device

E. Through a role mapping policy

Use this form to make changes to the RADIUS Web Login Guest Network.

A Web Login page is configured in Clear Pass Guest as shown. What is the purpose of the Pre-Auth Check?

A. To authenticate users after the NAD sends an authentication request to ClerPass

B. To authenticate users before the client sends the credentials to the NAD

C. To authenticate users when they are roaming from one NAD to another

D. To authenticate users before they launch the Web Login Page

E. To replace the need for the NAD to send an authentication request to ClearPass

Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)

A. Generic LDAP Browser can be used to search the Base DN.

B. An administrator can customize the selection of attributes fetched from an LDAP server.

C. The bind DN can be in the administrator@domain format.

D. A maximum of one generic LDAP server can be configured in ClearPass.

E. A LDAP Browser can be used to search the Base DN.