QUESTION: 21

A hotel chain deployed ClearPass Guest. When hotel guests connect to the Guest SSID, launch a web browser and enter the address www.google.com, they are unable to immediately see the web login page.
What are the likely causes of this? (Select two.)

The ClearPass server has a trusted server certificate issued by Verisign.
The ClearPass server has an untrusted server certificate issued by the internal Microsoft Certificate server.
The ClearPass server does not recognize the client's certificate.
The DNS server is not replying with an IP address for www.google.com.

Answer(s): B,D

Explanation:

You would need a publicly signed certificate.

Reference:

http://community.arubanetworks.com/t5/Security/Clearpass-Guest-certificate-error-for- guest-visitors/td-p/221992

Reveal Solution Next Question

QUESTION: 22

Refer to the exhibit.

An Enforcement Profile has been created in the Policy Manager as shown.

Which action will ClearPass take based on this Enforcement Profile?

ClearPass will count down 600 seconds and send a RADIUS CoA message to the user to end the user's session after this time is up.
ClearPass will send the Session-Timeout attribute in the RADIUS Access-Accept packet to the NAD and the NAD will end the user's session after 600 seconds.
ClearPass will count down 600 seconds and send a RADIUS CoA message to the NAD to end the user's session after this time is up.
ClearPass will send the Session-Timeout attribute in the RADIUS Access-Request packet to the NAD and the NAD will end the user's session after 600 seconds.
ClearPass will send the Session-Timeout attribute in the RADIUS Access-Accept packet to the User and the user's session will be terminated after 600 seconds.

Answer(s): E

Explanation:

Session Timeout (in seconds) - Configure the agent session timeout interval to re-evaluate the system health again. OnGuard triggers auto-remediation using this value to enable or disable AV-RTP status check on endpoint. Agent re-authentication is determined based on session-time out value. You can specify the session timeout interval from 60 600 seconds. Setting the lower value for session timeout interval results numerous authentication requests in Access Tracker page. The default value is 0.

Reference:

http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/CPPM_User Guide/Enforce/EPAgent_Enforcement.htm

Reveal Solution Next Question

QUESTION: 23

Refer to the exhibit.

Based on the information shown, what is the purpose of using [Time Source] for authorization?

to check how long it has been since the last login authentication
to check whether the guest account expired
to check whether the MAC address is in the MAC Caching repository
to check whether the MAC address status is known in the endpoints table
to check whether the MAC address status is unknown in the endpoints table

Answer(s): D

Reveal Solution Next Question

QUESTION: 24

A customer with an Aruba Controller wants it to work with ClearPass Guest. How should the customer configure ClearPass as an authentication server in the controller so that guests are able to authenticate successfully?

Add ClearPass as a RADIUS CoA server.
Add ClearPass as a RADIUS authentication server.
Add ClearPass as a TACACS+ authentication server.
Add ClearPass as an HTTPS authentication server.

Answer(s): B

Explanation:

5. Configuring the Aruba Controller
5.1 Add Clearpass as RADIUS Server
Navigate to Configuration > SECURITY > Authentication > Servers Click on RADIUS Server and enter the Name of your Clearpass Server: myClearpass Click Add
Click on myClearpass in the Server List Etc.

Reference:

https://community.arubanetworks.com/t5/Security/Step-by-Step-Controller-CPPM-6-5- Captive-Portal-authentication/td-p/229740

Reveal Solution Next Question

Free HPE6-A68 Exam Braindumps (page: 7)

QUESTION: 21

Explanation:

Reference:

QUESTION: 22

Explanation:

Reference:

QUESTION: 23

QUESTION: 24

Explanation:

Reference:

HPE6-A68 Discussions & Posts