Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Refer to the exhibit.

Your customer has configured the 802.1 X service enforcement conditions with the Endpoint profiling data. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly What is the cause of the issue?

A.

An additional authorization source should be configured for profiling to work.

B.

The enforcement policy rules evaluation algorithm is not configured correctly.

C.

The option, use cached roles and posture from previous sessions should be enabled.

D.

The enforcement policy conditions configured with profiling data are not correct

Your customer has recently implemented a seIf-registration portal in ClearPass Guest to be used on a Guest SSID broadcast from an Aruba controller Your customer has started complaining that the users are not able to reliably access the Internet after clicking the login button on the receipt page They tell you that the users will click the login button multiple times and after about a minute they gam access.

What could be causing this issue?

A.

The enforcement profile on ClearPass is set up with an IETF:session delay.

B.

The self-registration page is configured with a 1 minute login delay.

C.

The guest users are assigned a firewall user role that has a rate limit.

D.

The guest users are assigned multiple DNS servers delaying DNS response.

A customer has a Clear Pass cluster deployment with four servers, two servers at the data center and two servers at a large remote site connected over an SO-WAN solution. The customer would like to implement OnGuard. Guest Self-Registration, and 802.1 X authentication across their entire environment. During testing the customer is complaining that users connecting to an Instant Cluster Employee S5ID at the remote site, with the OnGuard Persistent Agent installed are randomly getting their health check missed.

What could be a possible cause of this behavior?

A.

The traffic on the TCP port 6658 is congested due to the fact that this port is also used by the IPSec keep-alive packets of the SO-WAN solution.

B.

The OnGuard Clients are automatically mapped to the Policy Manager Zone based on their IP range but an ACL on the switch could be blocking access.

C.

The Aruba-user-role received by the IAP is filtering the TCP port 6658 to the Clear Pass servers and after 10 seconds the SSL fallback gets activated and randomly generates the issue

D.

The ClearPass Policy Manager zones have been defined but the local IP subnets have not but properly mapped to the zones and the OnGuard Agent might connect to any of the servers in the cluster.

A customer has deployed an OnGuard Solution to all the corporate devices using a group policy result to push the OnGuard Agtnts. The network administrator is complaining that soma of the agents are communicating to the ClearPass server that is located in a DMZ. outside the firewall The network administrator wants all of the agents System Health Validation traffic to stay inside the Management subnets.

What can the ClearPass administrator do to move the traffic only to the ClearPass Management Ports?

A.

Select the correct OnGuard Agent installer, and use the one configured for Management Port for the clients.

B.

Filter TCP port 6658 on the firewall, forcing the OnGuard agent to use the ClearPass Management port.

C.

Configure a Policy Manager Zone mapping so the OnGuard agent will use the Management Port IP.

D.

Edit the agent.conf file being deployed to the clients to use the ClearPass Management Port for SHV updates

A customer is troubleshooting the OnGuard Client Activity and is looking into the Live Monitoring -> OnGuard Activity section. What is the Status field representing for this client ?

A.

the Client health status is HEALTHY

B.

the Client has been successfully profiled

C.

the Client is online and sends keep-alive messages

D.

the Client is successful authenticated

Refer to the exhibit.

The customer configured a guest operator access by creating a custom operator profile and the built-in universal ClearPass profile mapping translation rule. When he tests the setup, he gets authentication failed. Using the streenshots sent by the customer as a reference, what would suggest to the customer to fix the issue?

A.

To map the operator profile name HS_Receptionist in the translation rule value field

B.

To re-enter the correct username and password for the Active Directory user Mike07.

C.

To correct the case sensitive attribute name in the enforcement profile to admin_privileges

D.

To verify if the username Mike07 has the Active Directory Title attribute set as Reception.

What is used to validate the EAP Certificate? (Select two.)

A.

Key usage

B.

Date

C.

Server Identity

D.

SAN entries

E.

Common Name