Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which collectors can be used for device profiling? (Select two.)

A.

Username and Password

B.

ActiveSync Plugin

C.

Client’s role on the controller

D.

Onguard agent

E.

Active Directory Attributes

Refer to the exhibit.

What information can be drawn from the audit row detail shown? (Select two.)

A.

radius01 was deleted from the list of authentication sources.

B.

The policy service was moved to position number 4.

C.

radius01 was moved to position number 4.

D.

The policy service was moved to position number 3.

E.

raduis01 was added as an authentication source.

ClearPass and a wired switch are configured for 802.1x authentication with RADIUS CoA (RFC 3576) on UDP port 3799. This port has been blocked by a firewall between the wired switch and ClearPass.

What will be the outcome of this state?

A.

RADIUS Authentications will fail because the wired switch will not be able to reach the ClearPass server.

B.

During RADIUS Authentication, certificate exchange between the wired switch and ClearPass will fail.

C.

RADIUS Authentications will timeout because the wired switch will not be able to reach the ClearPass server.

D.

RADIUS Authentication will succeed, but Post-Authentication Disconnect-Requests from ClearPass to the wired switch will not be delivered.

E.

RADIUS Authentication will succeed, but RADIUS Access-Accept messages from ClearPass to the wired switch for Change of Role will not be delivered.

Refer to the exhibit.

Based on the Guest Role Mapping Policy shown, what is the purpose of the Role Mapping Policy?

A.

to display a role name on the Self-registration receipt page

B.

to send a firewall role back to the controller based on the Guest User’s Role ID

C.

to assign Controller roles to guests

D.

to assign three roles of [Contractor], [Guest] and [Employee] to every guest user

E.

to create additional account roles for guest administrators to assign to guest accounts

Which authentication protocols can be used for authenticating Windows clients that are Onboarded? (Select two.)

A.

EAP-GTC

B.

PAP

C.

EAP-TLS

D.

CHAP

E.

PEAP with MSCHAPv2

Which steps are required to use ClearPass as a TACACS+ Authentication server for a network device? (Select two.)

A.

Configure a TACACS Enforcement Profile on ClearPass for the desired privilege level.

B.

Configure a RADIUS Enforcement Profile on ClearPass for the desired privilege level.

C.

Configure ClearPass as an Authentication server on the network device.

D.

Configure ClearPass roles on the network device.

E.

Enable RADIUS accounting on the NAD.

Which statement is true about the configuration of a generic LDAP server as an External Authentication server in ClearPass? (Choose three.)

A.

Generic LDAP Browser can be used to search the Base DN.

B.

An administrator can customize the selection of attributes fetched from an LDAP server.

C.

The bind DN can be in the administrator@domain format.

D.

A maximum of one generic LDAP server can be configured in ClearPass.

E.

A LDAP Browser can be used to search the Base DN.

A hotel chain deployed ClearPass Guest. When hotel guests connect to the Guest SSID, launch a web browser and enter the address www.google.com, they are unable to immediately see the web login page.

What are the likely causes of this? (Select two.)

A.

The ClearPass server has a trusted server certificate issued by Verisign.

B.

The ClearPass server has an untrusted server certificate issued by the internal Microsoft Certificate server.

C.

The ClearPass server does not recognize the client’s certificate.

D.

The DNS server is not replying with an IP address for www.google.com.

Refer to the exhibit.

Based on the information shown, what is the purpose of using [Time Source] for authorization?

A.

to check how long it has been since the last login authentication

B.

to check whether the guest account expired

C.

to check whether the MAC address is in the MAC Caching repository

D.

to check whether the MAC address status is known in the endpoints table

E.

to check whether the MAC address status is unknown in the endpoints table

Refer to the exhibit.

Based on the Access Tracker output for the user shown, which statement describes the status?

A.

The Aruba Terminate Session enforcement profile as applied because the posture check failed.

B.

A Healthy Posture Token was sent to the Policy Manager.

C.

A RADIUS-Access-Accept message is sent back to the Network Access Device.

D.

The authentication method used is EAP-PEAP.

E.

A NAP agent was used to obtain the posture token for the user.