Questions for the HPE6-A68 were updated on : Oct 04 ,2024
Refer to the exhibit.
An AD users department attribute value is configured as QA. The user authenticates from a laptop
running MAC OS X.
Which role is assigned to the user in ClearPass?
C
Explanation:
None of the Listed Role Name conditions are met.
Refer to the exhibit.
Based on the Attribute configuration shown, which statement accurately describes the status of
attribute values?
D
Which components can use Active Directory authorization attributes for the decision-making
process? (Select two.)
C,D
Explanation:
C: Role Mappings Page - Rules Editor Page Parameters
D: Enforcement Policy Attributes tab Parameters
References:
http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/CPPM_UserGuide/identity/RoleMappingPolicies.html
http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/CPPM_User
Guide/PolicySim/PS_Enforcement_Policy.htm
Refer to the exhibit.
Based on the Authentication sources configuration shown, which statement accurately describes the
outcome if the user is not found?
D
Explanation:
Policy Manager looks for the device or user by executing the first filter associated with the
authentication source.
After the device or user is found, Policy Manager then authenticates this entity against this
authentication
source. The flow is outlined below:
* On successful authentication, Policy Manager moves on to the next stage of policy evaluation,
which
collects role mapping attributes from the authorization sources.
* Where no authentication source is specified (for example, for unmanageable devices), Policy
Manager
passes the request to the next configured policy component for this service.
* If Policy Manager does not find the connecting entity in any of the configured authentication
sources, it
rejects the request.
References: ClearPass Policy Manager 6.5 User Guide (October 2015), page 134
https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/5
2/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf
Which authorization servers are supported by ClearPass? (Select two.)
B,D
Explanation:
Authentication Sources can be one or more instances of the following examples:
* Active Directory
* LDAP Directory
* SQL DB
* Token Server
* Policy Manager local DB
References: ClearPass Policy Manager 6.5 User Guide (October 2015), page 114
https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/5
2/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf
Which CLI command is used to upgrade the image of a ClearPass server?
B
Explanation:
When logged in as appadmin, you can manually install the Upgrade and Patch binaries imported via
the CLI using the
following commands:
* system update (for patches)
* system upgrade (for upgrades)
References: ClearPass Policy Manager 6.5 User Guide (October 2015), page 564
https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/5
2/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf
Which steps are required to use ClearPass as a TACACS+ Authentication server for a network device?
(Select two.)
A,C
Explanation:
You need to make sure you modify your policy (Configuration Enforcement Policies Edit -
[Admin Network Login Policy]) and add your AD group settings in to the corresponding privilege
level.
What are Operator Profiles used for?
C
Explanation:
An operator profile determines what actions an operator is permitted to take when using ClearPass
Guest.
References:
http://www.arubanetworks.com/techdocs/ClearPass/CPGuest_UG_HTML_6.5/Content/OperatorLog
ins/OperatorProfiles.htm
Refer to the exhibit.
In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?
In the Aruba RADIUS dictionary shown, what is the purpose of the RADIUS attributes?
C
Refer to the exhibit.
Based on the Guest Role Mapping Policy shown, what is the purpose of the Role Mapping Policy?
C
A customer wants all guests who access a companys guest network to have their accounts approved
by the receptionist, before they are given access to the network.
How should the network administrator set this up in ClearPass? (Select two.)
A,D
Explanation:
A: Sponsored self-registration is a means to allow guests to self-register, but not give them full access
until a sponsor (could even be a central help desk) has approved the request. When the registration
form is completed by the guest/user, an on screen message is displayed for the guest stating the
account requires approval.
Guests are disabled upon registration and need to wait on the receipt page for the confirmation until
the login button gets enabled.
D. Device Mac Authentication is designed for authenticating guest devices based on their MAC
address.
References: ClearPass Policy Manager 6.5 User Guide (October 2015), page 94
https://community.arubanetworks.com/aruba/attachments/aruba/SoftwareUserReferenceGuides/5
2/1/ClearPass%20Policy%20Manager%206.5%20User%20Guide.pdf
Refer to the exhibit.
When configuring a Web Login Page in ClearPass Guest, the information shown is displayed.
What is the page name field used for?
A
Explanation:
The Page Name is an identifier page name that will appear in the URL -- for example,
"/guest/page_name.php".
References:
http://www.arubanetworks.com/techdocs/ClearPass/CPGuest_UG_HTML_6.5/Content/Configuratio
n/CreateEditWebLogin.htm
Refer to the exhibit.
When configuring a Web Login Page in ClearPass Guest, the information shown is displayed.
What is the Address field value securelogin.arubanetworks.com used for?
C
Refer to the exhibit.
A guest connects to the Guest SSID and authenticates successfully using the guest.php web login
page.
Based on the MAC Caching service information shown, which statement about the guests MAC
address is accurate?
D
A university wants to deploy ClearPass with the Guest module. The university has two types that
need to use web login authentication. The first type of users are students whose accounts are in an
Active Directory server. The second type of users are friends of students who need to self-register to
access the network.
How should the service be set up in the Policy Manager for this network?
A