MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: You art deploying Cleat Pass Policy Manager with Guest functionality for a customer with multiple Aruba Networks Mobility Controllers. The customer wants to avoid SSL errors during guest access but due to company security policy cannot use a wildcard certificate on ClearPass or the Controllers.What is the most efficient way to configure the customer's guest solution? (Select two.)
Question2: Refer to the exhibit.A customer it troubleshooting a client not getting the SHV posture updated and the OnGuard agent shows the Health Status Not Known. What could the user do to update the health status?
Question3: A customer has two different geographical sites deployed with two ClearPass servers in each site. Site A has the Publisher (CPPM1) and a subscriber (CPPM2) and Site B has two subscribers (CPPM3 S CPPM4) All wired and wireless authentication requests from the respective sites are handled by respective CPPMs deployed in the sites When both the CPPM servers in Site B are lost, the authentications from Site B is handled by Site A subscriber (CPPM2). To control the Multi-Master Cache flush and reduce the amount of inter-site traffic, the customer also created a new Policy Manager Zone (Zone1) The Site B CPPM3 & CPPM4 are part of Zone! and Site A CPPM2 is also mapped to Zone1 as it will act as the backup RADIUS server for Site B The corporate laptops are installed with Persistent agent to run the OnGuard check and the OnGuard settings are also mapped to the Zones The Site A corporate user subnets are mapped to default zone and the Site 6 corporate user subnets are mapped to Zone1. The customer has the following issue in the setup: The corporate clients from Site A authenticating against the CPPM2 as their Primary RADIUS server assigns Quarantine enforcement profile even though the user s health status is Healthy.What is the cause of this issue?
Question4: Refer to the exhibit.You have set up a home lab for ACCX exam preparation with Aruba Clear Pass integrated with Aruba Controller and Instant Access Point Guest Mac Caching functionality is configured only for Aruba Controller's guest SSID and a common Web Login page is configured for both NAD devices You tested and verified the mac caching functionality for a client by connecting it to the Aruba Controller's guest SSID.What will happen when you disconnect the client from Aruba Controller's guest SSID and connect it to Instant APs guest SSID?
Question5: What configuration steps should you follow to add terms and conditions page on Guest seIf-registration for CPPM? (Select two).
Question6: You have configured a factory default Aruba controller with Clear Pass for guest access and the NAS vendor settings - Address field in the guest weblogin page is configured with Aruba controller's default self-signed certificate common name "securelogin.arubanetworks.com" that the client will use to submit the authentication request.What happens when the client sends a DNS request to securelogin aruba networks com?
Question7: What is the Secure SSIO (otherwise referred to as Single SSID) OnBoard deployment service workflow?
Question8: Under OnBoard Management and Control, which option will deny the user from re-enrolling one of his devices with Onboard?View by Certificate >> Click on the device >> Delete certificate
Question9: Which using Allow All MAC AUTH, which authentication source should be mapped to the service?
Question10: Refer to the exhibit.A customer with multiple Aruba Controllers has just installed a new certificate for "'.customerdomain.com- on all Aruba Controllers While testing the existing guest Self-Registration page the customer noticed that the logins are failing While troubleshooting they are finding no entries in the Event Viewer or Access Tracker for the tests Suspecting that the Aruba Controllers may not be properly posting the credentials from the guest browser, they open the NAS Vendor Settings for the Guest Self-Registration Page.
Question11: A Customer has these requirements:* 2.000 loT endpoints that use MAC authentication* 6.000 endpoints using a mix of username/password and certificate (Corporate/BYOD) based authentication* 1.000 guest endpoints at peak usage that use guest self-registration* 1500 BYOD devices estimated as 3 devices per User (500 users)* 2.500 endpoints that have OnGuard installed and connect on a daily basis What licenses should be installed to meet customer requirements?
Question12: Refer to the exhibit.A customer hat configured the Aruba Controller for administrative authentication using ClearPass as A TACAC5 serve' During tasting, the read-only user is getting the root access role What could be a possible reason for this behavior? (Select two.)
Question13: Your customer has read about a feature in OnGuard for OnGuard Persistent Agent and Agentless OnGuard that can display a new Posture Results web page to notify that and users with posture results for unhealthy clients after the health check is done. Where do you configure this option?
Question14: Refer to the exhibit.A customer is trying to configure a TACACS Authentication Service for administrative what could be the reason for the Login Status REJECT?
Question15: The customer would like to add a default common self-registration sponsor email under the initial value on all the ten self-registration pages created for different locations except for the guest registration page created for Sunnyvale location to use a different sponsor email in initial value. Under self-registration form fields, you have "Edit" and "Edit Base Field" Which edit options will you choose to make minimal configuration changes to implement the customer's requirement? (Select two)
Question16: Refer to the exhibit.You have configured an Onboard portal for single SSID provision. During testing you notice that the QuickConnect Application did not display the "Connect" button, only the finish button. To get connected the test user had to manually connect to the secure-HS-5007 SSID but was prompted for a username and password. Using the screenshots as a reference, how would you fix this issue?
Question17: A customer has created a Guest Self-Registration page that they would like to use it as 'template' for all the new pages that are going to be created from now on. Their goal is to ensure that the header and footer on every page are the same, and any edits made to them are automatically reflected on every Self-Registration Page.What should be configured in order to accomplish this request?
Question18: The customer has a 19.940 loT devices connected to the network and would like to use Allow All Mac Auth to authenticate the users and enforce the action based on the condition defined with the fingerprint details of the device. Which Authorization source would you use to decide the access of the devices?
Question19: A customer is troubleshooting the OnGuard Client Activity and is looking into the Live Monitoring -> OnGuard Activity section. What is the Status field representing for this client ?
Question20: Refer to the exhibit.You configured the Wired MAC - Auth service enforcement conditions with the Endpoint profiling data When mac-auth based clients connect to the network, ClearPass assigns Deny access profile. The customer has sent you the above screenshots How would you resolve the issue?