HP HPE6-A67 시험

Question No : 1

when a role mapping policy should be used in an 802.1x service with Active Directory as the authentication source?

• A.When you want to send roles from the AD user to enforcement policies directly from AD attributes.
• B.When you want to send Aruba firewall roles back to the Aruba Network Access Drive.
• C.When you want to translate and combine AD attributes into ClearPass roles.
• D.When you want to enable attributes as roles directly without combining multiple attributes

답을 확인하기

정답:

Question No : 2

Which Authorization Source supports device profile enforcement?

• A.Local User Repository
• B.OnGuard Repository
• C.Endpoints Repository
• D.Guest User Repository

답을 확인하기

정답:

Question No : 3

Which most accurately describes the “Select All Matches” rule evaluation algorithm in Enforcement Policies?

• A.All rules are checked for any matching rules and their respective Enforcement profiles are applied.
• B.All rules is checked, and if there is no match, no Enforcement profile is applied.
• C.Each rule is checked, and once a match if found, the Enforcement profile assigned to that rule is applied, along with the default Enforcement profile.
• D.Each rule is checked, and once a match is found, the Enforcement profile assigned to that rule is applied and the rule matching stops.

답을 확인하기

정답:
Explanation:
Reference: https://www.catelsys.eu/images/Catelsys/images/2017/04/0-Notices­ClearPass_Policy_Manager_User_Guide-1.pdf

Question No : 4

Refer to the exhibit.



Which user authentication request will match the service rules of the Policy Service shown?

• A.a wireless user connecting to an Aruba IAP on the SSID “CORP”
• B.a wireless user connection would fail because of miss-configured service rules.
• C.a wireless user connecting to any SSID on an Aruba Controller
• D.a wireless user connected to any SSID named “CORP”

답을 확인하기

정답:

Question No : 5

Which items would ClearPass be useful for? (Choose three.)

• A.Unified wired and wireless access control
• B.Access control on transient networks
• C.Administrative access control
• D.User device management
• E.Firewall configuration management

답을 확인하기

정답:
Explanation:
Reference: https://h20195.www2.hpe.com/v2/GetPDF.aspx/4AA6-2768ENW.pdf

Question No : 6

Which actions are necessary to set up a ClearPass guest captive portal web login page to execute with no errors? (Choose three.)

• A.Configure the vendor settings in the Network Access Device to match the web login page.
• B.Install a public issued HTTPS certificate in ClearPass Policy Manager.
• C.Install a public issued HTTPS certificate in the Network Access Device.
• D.Configure the vendor settings in the Web Login Page to match the Network Access Device.
• E.Install an enterprise issued HTTPS certificate in the Network Access Device.
• F.Configure the external web-auth URL on the Network Access Device for HTT

답을 확인하기

정답:

Question No : 7

What is the function of the primary and backup servers when configuring an authentication source in ClearPass?

• A.The primary server and backup servers can be configured for round-robin.
• B.The primary server can be from one Active Directory domain; the backup server can be from another.
• C.The primary server is always authenticated first, then the backup is used if authentication fails.
• D.The primary server is always authenticated first, then the backup is used if that times out.

답을 확인하기

정답:
Explanation:
Reference: https://community.arubanetworks.com/t5/Security/CPPM-amp-AD-Questions-Re-Auth/td­p/74888

Question No : 8

Select three elements that are part of the authorization process. (Choose three.)

• A.Send a RADIUS accept to the Access device.
• B.Verify client credentials against your account.
• C.Determine posture status.
• D.Validate the user account attributes.
• E.Filter by endpoint device type.

답을 확인하기

정답:
Explanation:
Reference: http://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c05320375-1.pdf

Question No : 9

Which statements describe subnet scans for static IP device discovery? (Choose two.)

• A.To run an On-Demand Subnet Scan, you must first configure a subnet scan in the profile settings.
• B.The On-Demand option provides the ability to trigger a one-time scan in specified network subnets.
• C.The On-Demand option provides the ability to scan and profile devices only with static I
• D.Only SNMP can be used for subnet scans for subnets configured for DHC
• E.Subnet scans can be scheduled to execute a scan every 24 hrs for configured subnets.

답을 확인하기

정답:

Question No : 10

Your boss suggests that you configure a guest self-registration page in ClearPass for the Conference Events SSID.
Which advantages will this give? (Choose two.)

• A.It will allow guest users to create a login account for the web login page.
• B.It will stop employees from putting their corporate devices on the event network.
• C.It will allow employees to get their own devices securely connected to the network.
• D.It will allow the Conference center to collect extra information about the guest.
• E.It can be pre-located with guest information from the conference registration.

답을 확인하기

정답: