[Nov 16, 2021] Pass Your HPE6-A77 Dumps Free Latest HP Practice Tests [Q11-Q28]

[Nov 16, 2021] Pass Your HPE6-A77 Dumps Free Latest HP Practice Tests

Get Top-Rated HP HPE6-A77 Exam Dumps Now

NEW QUESTION 11
You are integrating a Postgres SQL server with the ClearPass Policy Manager What steps will you follow to complete the integration process? (Select three)

• A. Specify a new filter with filter queries to fetch authentication and authorization attributes.
• B. Create a new Endpoint context server andadd the SQL server IP, credentilas and the database name.
• C. Click on the default filter name with pre-defined filter queries and check box to enable as role.
• D. Alias Name under filter configuration must match one of the columns being requested from the database table.
• E. Attribute Name under filter configuration must match one of the columns being requested from the database table.
• F. Create a new authentication source and add the SQL server IP, credentials and the database name.

Answer: A,B,F

 

NEW QUESTION 12
Refer to the exhibit:

A customer is deploying Guest Self-Registration with Sponsor Approval but does not like the format of the sponsor email. Where can you change the sponsor email?

• A. in the Receipt Page - Actions
• B. in the Sponsor Confirmation section
• C. in the Configuration - Receipts - Templates
• D. in me Configuration - Receipts - Email Receipts

Answer: B

 

NEW QUESTION 13
Refer to the exhibit:





A year ago, your customer deployed an Aruba ClearPass Policy Manager Server for a Guest SSIC hosted in an IAP Cluster.The customer just created a new Web Login Page forthe Guest SSID. Even though the previous Web Login page worked test with the new Web Login Page are falling and the customer has forwarded you the above screenshots What recommendation would you give the customer to tix the issue?

• A. The Address filed under the WebLogin Vendor settings is not configured correctly, it should be set to instantarubanetworks.com
• B. The customer should reset the password tor the username accx@exam com using Guest Manage Accounts
• C. The service type configured is not correct. The Guest authentication should De an Application authentication type of service.
• D. The WebLogin Pre-Auth Check is set to Aruba Application Authentication which requires a separate application service on the policy manager

Answer: C

 

NEW QUESTION 14
A customer has deployed an OnGuard Solution to all the corporate devices using a group policy rule to push the OnGuard Agents. The network administrator is complaining that some of the agents are communicating to the ClearPass server that is located in a DMZ, outside the firewall The network administrator wants all of the agents System Health Validation traffic to stay inside the Management subnets.
What can the ClearPass administrator do to move the traffic only to the ClearPass Management Ports?

• A. Filter TCP port 6658 on the firewall, forcing the OnGuard agent to use the ClearPass Management port.
• B. Select the correct OnGuard Agent installer, and use the one configured for Management Port for the clients.
• C. Edit the agent.conf file being deployed to the clients to use the ClearPass Management Port for SHV updates.
• D. Configure a Policy Manager Zone mapping so the OnGuard agent will use the Management Port IP.

Answer: D

 

NEW QUESTION 15
Refer to the exhibit:

The customer complains that the user shown cannot log into the ClearPass Server as an administrator using the
[Policy Manager Admin Network Login Service]. What could be the reason for this?

• A. The local user authentication might be disabled
• B. The account created does not fit this purpose.
• C. The mapping on the role should be changed to [RADIUS Super Admin]
• D. The user might be used for a TACACS authentication

Answer: B

 

NEW QUESTION 16
How does the RadSec improve the RADIUS message exchange? (Select two.)

• A. It uses UDP to exchange the radius packets.
• B. It builds a TTLS tunnel between the NAD and ClearPass.
• C. It encrypts the entire RADIUS message.
• D. Only the NAD needs to trust the ClearPass Certificate.
• E. It can be used on an unsecured network or the Internet.

Answer: A,C

 

NEW QUESTION 17
There is an Aruba Controller configured to send Guest AAA requests to ClearPass. If the customer would like the most effective way to ensure the lowest license usage counts, how should the controller be configured?

• A. Configure EAP Termination on the Aruba Controller and the client will send a stop message.
• B. Aruba Controller will send stop messages only if EAP termination and Interim accounting are enabled.
• C. Aruba Controller will send stop messages only if both accounting and interim accounting are enabled.
• D. Aruba Controller will send stop messages if RADIUS Accounting Server Group is defined in the authentication profile.

Answer: A

 

NEW QUESTION 18
A customer is planning to implement machine and user authentication on infrastructure with one Aruba Controller and a single ClearPass Server What should the customer consider while designing this solution?
(Select three.)

• A. The Windows User must log off, restart or disconnect their machine to initiate a machine authentication before the cache expires.
• B. The customer does not need to worry about Multi-Master Cache Survivability because the Controller will also cache the machine state.
• C. Machine Authentication only uses EAP TLS, as such a PKI infrastructure should be in place for machine authentication.
• D. Onboard must be used to install the Certificates on the personal devices to do the user and machine authentication.
• E. The machine authentication status is written in the Multi-master cache on the ClearPass Server for 24 hrs.
• F. The Customer should enable Multi-Master Cache Survivability as the Aruba Controller will not cache the machine state.

Answer: C,D,E

 

NEW QUESTION 19
Refer to the exhibit:

A customer has configured Onboard in a cluster. After the Primary server's failure, the BYOD devices fail to connect to the network. What would you do to troubleshoot?

• A. Reboot the active ClearPass server and reconnect the client to the SSID by selecting the correct certificate when prompted
• B. Check EAP certificate on the secondary node is issued by the same common root Certificate Authority (CA)
• C. Check if a DNS entry is available for the ClearPass hostname in the certificate, resolvable from the DNS server assigned to the client
• D. Verify
  the OSCP URL under TLS authentication method is mapped to http://localhost/guestmdps_ocsp.php/2

Answer: A

 

NEW QUESTION 20
A customer has acquired another company that has its own Active Directory infrastructure The 802 1X authentication works with the customers original Active Directory servers but the customer would like to authenticate users from the acquired company as well. What steps are required, in regards to the Authentication Sources, in order to support this request? (Select two.)

• A. Create a new Authentication Source, type Generic LDAP.
• B. There is no need to Join ClearPass to the new AD domain.
• C. Add the new AD server(s) as backup into the existing Authentication Source.
• D. Create a new Authentication Source, type Active Directory.
• E. Join the ClearPass server(s) to the new AD domain.

Answer: B,E

 

NEW QUESTION 21
Refer to the exhibit:





You configured the 802 1 x service enforcement conditions with the Endpoint profiling data. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly.
What is the cause of the issue?

• A. An additional authorization source should be configured for profiling to work.
• B. The enforcement policy rules evaluation algorithm Is not configured correctly.
• C. The enforcement policy conditions configured with profiling data are not correct.
• D. The option, use cached roles and posture from previous sessions should be enabled.

Answer: C

 

NEW QUESTION 22
Refer to the exhibit:

You have configured Onboard but me customer could not onboard one of his devices and has sent you the above screenshots. How could you resolve the issue?

• A. Increase the maximum number ofdevices allowed by the individual user account.
• B. Instruct the user to delete the profile on one of their other BYOD devices.
• C. Instruct the user to run the Quick connect application in Sponsor Mode.
• D. Increase the maximum number ofdevices that all users can provision to 3.

Answer: D

 

NEW QUESTION 23
Refer to the exhibit:

A customer has just configured a Posture Policy and the T2-Healthcheck Service. Next they installed the OnGuard Agent on Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered.
What could be the reason?

• A. OnGuard Web-Based Health Check interval has been wrongly configured to three minutes.
• B. The OnGuard Agent trigger the events based on changing the Health Status
• C. TCP port 6658 is not allowed between the client and the ClearPass server
• D. The OnGuard Agent is connecting to the Data Port interface on ClearPass

Answer: A

 

NEW QUESTION 24
A customer is looking to implement a Web-Based Health Check solution with the following requirements:
* for the HR user's client devices, check if a USB stick is mounted.
* for the R&D user's client devices, check if the hard disk is fully encrypted.
The Web-Based Health Check service has been configured but the customer it is not sure how to design the Profile Policy How can be accomplished this customer request?

• A. create one Posture Policy to check the HR users client devices and use the NAP Agent to check R&D users client devices
• B. create two Posture Policies and use the Restrict by Roles option to filter for HR and R&D user roles and apply the correct SHV checks
• C. create one Posture Policy and define Rules Conditions that will apply different Tokens for each SHV check condition
• D. create two Posture Policies and customize the OnGuard Agent (Persistent or Dissolvable) to select the correct SHV checks

Answer: D

 

NEW QUESTION 25
Refer to the exhibit:


A customer has configured a service with the Onboard Devices Repository as an Authentication Source and an Active Directory Domain Server as an Authorization Source. What will happen if the client certificate is still valid and the user account associated with the certificate is disabled in Active Directory?

• A. ClearPass will redirect the client to Onboard again
• B. ClearPass will allow the device to access the network.
• C. ClearPass will block network access to the device
• D. ClearPass will not process the request
• E. Enforcement will apply the [Deny Access Profile]

Answer: C

 

NEW QUESTION 26
A customer has created a Guest Sett-Registration page that they would like to use it as'template'for all the new pages that are going to be created from now on. Their goal is to ensure that the header and footer on every page are the same, and any edits made to them are automatically reflected on every Self-Registration Page.
What should be configured in order to accomplish this request?

• A. Save this "template" page as a new Skin to be used on other Self-Registration pages
• B. Save the "template" page as Master Self-Registration page
• C. Copy the "template" page and edit it each time a new Self-Registration Page is needed
• D. Create child pages when creating new Self-Registration pages and select the "template" as Parent

Answer: A

 

NEW QUESTION 27
A Customer has these requirements:
* 2.000 loT endpoints that use MAC authentication
* 6,000 endpoints using a mix of username/password and certificate (Corporate/BYOD) based authentication
* 1,000 guest endpoints at peak usage that use guest self-registration
* 1500 BYOD devices estimated as 3 devices per User (500 users)
* 2,500 endpoints that have OnGuard installed and connect on a daily basis What licenses should be installed to meet customer requirements?

• A. 11,500 Access, 1,500 Onboard, 2.500 Onguard
• B. 9,000 Access, 500 Onboard. 2.500 Onguard
• C. 13.000 Access, 1.500 Onboard, 2,500 Onguard
• D. 11,500 Access, 500 Onboard, 2,500 Onguard

Answer: A

 

NEW QUESTION 28
......

HP HPE6-A77 Exam Syllabus Topics:

Topic	Details
Topic 1	Integration of Endpoint Profiling into Enforcement Cluster Layout positioning of Publisher and Subscribers, Use of Policy Manager Zones
Topic 2	Configuration and enforcement of webauth service for posture Authentication Sources Including Active Directory
Topic 3	High Availability and Redundancy Design, including Virtual IP addressing and Standby Publisher Secure Access Design and Implementation
Topic 4	Integration of Posture results in secure service Enforcement Authentication Methods and OCSP to insure proper Certificate revocation
Topic 5	Quarantine and remediation based on Posture Token and the status of the agent Implimentation of both Server and Controller Initiated Captive Portal Authentication
Topic 6	TACACS authentication from Network Access Devices Integration of Authorization Sources and External Context Servers into Enforcement
Topic 7	ClearPass Admin Login service processing and profile mapping Secure Access Services and Enforcement, Role Mapping
Topic 8	Implimenting Guest Access on both wired and wireless infrastructure Understand Service Selection Rules Guest Access Design and Implementation

 

Passing Key To Getting HPE6-A77 Certified Exam Engine PDF: https://actualtests.testbraindump.com/HPE6-A77-exam-prep.html