HP hpe6-a68 practice test
Aruba Certified Clearpass Professional 6.7 Exam
Question 1
What does the Posture Token QUARANTINE imply?
- A. The client is compliant. However, there is an update available to remediate the client to HEALTHY state.
- B. The posture of the client is unknown.
- C. The client is infected and is a threat to other systems in the network.
- D. The client is out of compliance, but has HEALTHY state.
- E. The client is out of compliance.
Answer:
E
Question 2
During a web login authentication, what is expected to happen as part of the Automated NAS login?
- A. NAD sends TACACS+ request to ClearPass.
- B. ClearPass sends TACACS+ request to NAD.
- C. Client device sends RADIUS request to NAD.
- D. NAD sends RADIUS request to ClearPass.
- E. ClearPass sends RADIUS request to NAD.
Answer:
D
Question 3
Which statement is true about the configuration of a generic LDAP server as an External
Authentication server in ClearPass? (Choose three.)
- A. Generic LDAP Browser can be used to search the Base DN.
- B. An administrator can customize the selection of attributes fetched from an LDAP server.
- C. The bind DN can be in the [email protected] format.
- D. A maximum of one generic LDAP server can be configured in ClearPass.
- E. A LDAP Browser can be used to search the Base DN.
Answer:
A,B,E
Question 4
Refer to the exhibit.
Based on the Posture Policy configuration shown, above, which statement is true?
- A. This Posture Policy can only be applied to an 802.1x wired service not 802.1x wireless.
- B. This Posture Policy checks the health status of devices running Windows, Linux and Mac OS X.
- C. This Posture Policy can use either the persistent or dissolvable Onguard agent to obtain the statement of health.
- D. This Posture Policy checks for presence of a firewall application in Windows devices.
- E. This Posture Policy checks with a Windows NPS server for posture tokens.
Answer:
C
Question 5
Exhibit:
Based on the Local User repository in ClearPass shown, which Aruba firewall role will be assigned to
mike when this user authenticates Aruba Controller?
- A. We can’t know this from the screenshot above.
- B. mike
- C. Employee
- D. john
Answer:
A
Question 6
Refer to the exhibit.
What does the Cache Timeout Value refer to?
- A. The amount of time the Policy Manager caches the user credentials stored in the Active Directory.
- B. The amount of time the Policy Manager waits for a response from the Active Directory before checking the backup authentication source.
- C. The amount of time the Policy Manager caches the user attributes fetched from Active Directory.
- D. The amount of time the Policy Manager waits for response from the Active Directory before sending a timeout message to the Network Access Device.
- E. The amount of time the Policy Manager caches the user\s client certificate.
Answer:
C
Question 7
Which statement is true? (Choose two.)
- A. Mobile device Management is the result of Onboarding.
- B. Third party Mobile Device Management solutions can be integrated with ClearPass.
- C. Mobile Device Management is the authentication that happens before Onboarding.
- D. Mobile Device Management is an application container that is used to provision work applications.
- E. Mobile Device Management is used to control device functions post-Onboarding.
Answer:
BE
Question 8
Which is a valid policy simul-ation types in ClearPass? (Choose three.)
- A. Enforcement Policy
- B. Posture token derivation
- C. Role Mapping
- D. Endpoint Profiler
- E. Chained simulation
Answer:
ACE
Question 9
Which statement is true about the databases in ClearPass?
- A. Entries in the guest user database do not expire.
- B. A Static host list can only contain a list of IP addresses.
- C. Entries in the guest user database can be deleted.
- D. Entries in the local user database cannot be modified.
- E. The endpoints database can only be populated by manually adding MAC addresses to the table.
Answer:
A
Question 10
A bank would like to deploy ClearPass Guest with web login authentication so that their customers
can selfregister on the network to get network access when they have meetings with bank
employees. However, theyre concerned about security.
What is true? (Choose three.)
- A. If HTTPS is used for the web login page, after authentication is completed guest Internet traffic will all be encrypted as well.
- B. During web login authentication, if HTTPS is used for the web login page, guest credentials will be encrypted.
- C. After authentication, an IPSEC VPN on the guest’s client be used to encrypt Internet traffic.
- D. HTTPS should never be used for Web Login Page authentication.
- E. If HTTPS is used for the web login page, after authentication is completed some guest Internet traffic may be unencrypted.
Answer:
BCE