HP hpe6-a75 practice test
Aruba Certified Edge Professional Exam Exam
Question 1
A university wants to deploy ClearPass with the Guest module. They have two types of users that
need to use web login authentication. The first type of users are students whose accounts are in an
Active Directory server. The second type of users are friends of students who need to self-register to
access the network.
How should the service be setup in the Policy Manager for this Network?
- A. Guest User Repository and Active Directory server both as authentication sources
- B. Active Directory server as the authentication source, and Guest User Repository as the authorization source
- C. Guest User Repository as the authentication source, and Guest User Repository and Active Directory server as authorization sources
- D. Either the Guest User Repository or Active Directory server should be the single authentication source
- E. Guest User Repository as the authentication source and the Active Directory server as the authorization source
Answer:
A
Question 2
Refer to the exhibit.
An AD user's department attribute is configured as *HR". The user connects on Monday using their
Windows Laptop to a switch that belongs to the Device Group HQ. Which role is assigned to the user
in ClearPass?
- A. Executive
- B. iOS Device
- C. Vendor
- D. Remote Employee
- E. HR Local
Answer:
D,E
Question 3
When is it necessary to use an SNMP based Enforcement profile to send a VIAN?
- A. When we have to assign a vlan to a wired user on a third party wired switch that doesn't support RADIUS return attributes.
- B. When we have to assign a VLAN to a wired user on an Aruba Mobility Access Switch.
- C. When we have to assign a VIAN to a wired user on an Aruba Mobility Controller.
- D. When we have to assign a VLAN to a wired user on a third party wired switch that doesn't support RADIUS authentication.
- E. When we have to assign a VLAN to a wireless user on an Aruba Mobility Controller.
Answer:
B
Question 4
Refer to the exhibit.
Which statements accurately describe the status of the Onboarded devices in the configuration tor
the network settings shown? (Select two.)
- A. They will connect to Employee_Secure SSID after provisioning.
- B. They will connect to Employee_Secure SSID for provisioning their devices.
- C. They will use WPA2-PSK with AES when connecting to the SSID.
- D. They will connect to secure_emp SSID after provisioning.
- E. They will perform 802.1X authentication when connecting to the SSID.
Answer:
D,E
Question 5
What are Operator Profiles used for?
- A. to enforce role based access control for Aruba Controllers
- B. to enforce role based access control for ClearPass Policy Manager admin users
- C. to enforce role based access control for ClearPass Guest Admin users
- D. to assign ClearPass roles to guest users
- E. to map AD attributes to admin privilege levels in ClearPass Guest
Answer:
C
Question 6
Refer to the exhibit.
Based on the configuration of the Enforcement Profiles In the Onboard Authorization service shown,
which Onboarding action will occur?
- A. The device will be disconnected from the network after Onboarding so that an EAP-TLS authentication is not performed.
- B. The device will be disconnected from and reconnected to the network after Onboarding is completed.
- C. The device’s onboard authorization request will be denied.
- D. The device will be disconnected after post-Onboarding EAP-TLS authentication, so a second EAP- TLS authentication is performed.
- E. After logging in on the Onboard web login page, the device will be disconnected form and reconnected to the network before Onboard begins.
Answer:
B
Question 7
Which is a valid policy simulation types in ClearPass? (Select three.)
- A. Enforcement Policy
- B. Posture token derivation
- C. Role Mapping
- D. Endpoint Profiler
- E. Chained simulation
Answer:
ACE
Question 8
Refer to the exhibit.
- A. mike
- B. We can't know this from the screenshot above.
- C. Employee
- D. john
Answer:
B
Question 9
Why is a terminate session enforcement profile used during posture checks with 802.1 x
authentication?
- A. To send a RADIUS CoA message from the ClearPass server to the client
- B. To disconnect the user for 30 seconds when they are in an unhealthy posture state
- C. To blacklist the user when they are in an unhealthy posture state
- D. To force the user to re-authenticate and run through the service flow again
- E. To remediate the client applications and firewall do that updates can be installed
Answer:
A
Question 10
Which statement is true about the databases in ClearPass?
- A. Entries in the guest user database do not expire.
- B. A Static host list can only contain a list of IP addresses.
- C. Entries in the guest user database can be deleted.
- D. Entries in the local user database cannot be modified.
- E. The endpoints database can only be populated by manually adding MAC addresses to the table.
Answer:
A