Question No. 1

Which statements art true about controller-initiated and server-initiated login method? (Select two)

AController-initiated login method should be used if the guest user's network login will be handled by the controller-based AP to perform the HTTP post when the user attempts a login.

BController-initiated login method should be used of the guest user's network login will be handled by the guest browser to perform the HTTP port when the user attempts a login

Cserver-in it will login method should be used if the guest user s network login will be handled by the wired switch by standing the authentication request to (PPM when the user attempts a login

Dserver-initiated login method should be used if the guest user's network login will be handled by ClearPass by sending the authentication request to itself when the user attempts a login

Eserver-initiated login method should be used if the guest users network login will be handled by the ClearPass by standing a CoA after authentication request is posted to itself when the user attempts a login

Show Answer

Correct Answer: B, C, D

Question No. 2

A customer is troubleshooting a user that has complained about randomly having issues connecting the network with EAP PEAP using the Corporate Laptop. The initial checks are showing a number of authentication failures but no sign of issues with the ClearPass server or AD.

What can the Customer do to monitor this user Authentication trend closely over the next few days?

Aconfigure a Report using Radius Failed Authentication template and schedule it to run every 5 mins

Bconfigure an Alert using Failed Authentication template with Threshold 1. Interval 5 mins

Cadd the user name in the Insight/Alert/Watchlitst and get the authentication failures notifications within 30 seconds

Dadd to ClearPass Insight Dashboard the Authentication Status widget for this specific user

Show Answer

Correct Answer: C

Question No. 3

Refer to the exhibit.

You have integrated the Cisco switch with ClearPass to do MAC-Auth for Cisco IP Phones. The phones connect to the network successfully but when you try to change the status of the device from the access tracker, you see only the ArubaOS Radius terminate session options and not the Cisco vendor terminate session options. What will you check to fix this issue?

AVerify if the ClearPass supports RADIUS Dynamic Authorization for the Cisco IP Phones doing MAC.AUTH.

BVerify if the Cisco IP Phone is actively connected to the switch to get the Cisco CoA options from ClearPass.

CVerify if the Enable RADIUS Dynamic Authorization option is checked for the Cisco switch added under the network devices.

DVerify that Cisco is chosen as the vendor name while adding the Cisco Switch under network devices.

Show Answer

Correct Answer: D

Question No. 4

Under OnBoard Management and Control, which option will deny the user from re-enrolling one of his devices with Onboard?

View by Certificate >> Click on the device >> Delete certificate

ADelete this client certificate View by Dev >> Click on the device

BManage Access >> Deny access to this device View by Certificate

CClick on the device >> Revoke certificate >> Revoke this client certificate

DView by Username >> Click on the user >> Delete Actions >> Delete all devices

Show Answer

Correct Answer: C

Question No. 5

Refer to the exhibit.

A customer has configured Onboard in a cluster. After the Primary server's failure, the BYOD devices fail to connect to the network. Which step below is the best starting point when troubleshooting'

AVerify the CPPM hostname in OSCP URL under TLS authentication method is updated to localhost instead of primary server's hostname.

BReboot the active ClearPass server and reconnect the client to the SSID by selecting the correct certificate when prompted.

CCheck if a DNS entry is available for the ClearPass hostname in the certificate, resolvable from the DNS server assigned to the client.

DCheck EAP certificate on the secondary node is issued by the same common root Certificate Authority (CA).

Show Answer

Correct Answer: A

Free HP HPE6-A81 Exam Actual Questions

The questions for HPE6-A81 were last updated On Nov 5, 2024