New 2021 Realistic Free HP HPE6-A77 Exam Dump Questions & Answer
HPE6-A77 Practice Test Engine: Try These 60 Exam Questions
NEW QUESTION 15
Refer to the exhibit:


You are doing a ClearPass PoC at a customer site with a single Aruba Mobility Controller. The customer asked for a demonstration of a simple Web Login functionality. You used a service template to create the guest services. During testing, the usergets redirected back to the weblogin page with an Authentication failed message. The guest configurations on the Aruba Mobility Controller are configured correctly.
Why would the guest fail to authenticate successfully?
- A. The Unique-Device-Count does not allow any Client devices.Update the Enforcement policy condition:
Unique-Device-Count. - B. The authentication source mapped in the service is incorrect, it should be mapped as (Guest Device Repository] [Local SQL DB].
- C. The username and/or password used for authentication is incorrect Re-enter the correct password on the weblogin page.
- D. The username used for authentication does not exist in the Guest User Database Create a new user and authenticate again.
Answer: B
NEW QUESTION 16
Refer to the exhibit:

A customer has configured a Guest Self registration page for their Cisco Wireless network with the settings shown. What should be changed in order to successfully authenticate guests users?
- A. Login Method should be Controller-initiated - using HTTPs form submit
- B. Change \he IP Address to the Cisco Controller DNS name
- C. Secure Login should use HTTP
- D. Change the Vendor Settings to Airespace Networks
Answer: B
NEW QUESTION 17
Refer to the exhibit:



Your company has a postgres SQL database with the MAC addresses of the company-owned tablets You have configured a role mapping condition to tag the SQL devices. When one of the tablets connects to the network, it does not get the correct role and receives a deny access profile.
How would you resolve the issue?
- A. Edit the SQL authentication source niter attributes and modify the SQL server filter query.
- B. Enable authorization tab in the service and add the SQL server as an authorization source.
- C. Remove SQL condition from role mapping policy and add it under the enforcement policy conditions.
- D. Add the SQL server as an authentication source and map .t under the authentication tab in the service.
Answer: A
NEW QUESTION 18
A customer has deployed an OnGuard Solution to all the corporate devices using a group policy rule to push the OnGuard Agents. The network administrator is complaining that some of the agents are communicating to the ClearPass server that is located in a DMZ, outside the firewall The network administrator wants all of the agents System Health Validation traffic to stay inside the Management subnets.
What can the ClearPass administrator do to move the traffic only to the ClearPass Management Ports?
- A. Filter TCP port 6658 on the firewall, forcing the OnGuard agent to use the ClearPass Management port.
- B. Select the correct OnGuard Agent installer, and use the one configured for Management Port for the clients.
- C. Edit the agent.conf file being deployed to the clients to use the ClearPass Management Port for SHV updates.
- D. Configure a Policy Manager Zone mapping so the OnGuard agent will use the Management Port IP.
Answer: D
NEW QUESTION 19
Refer to the exhibit:
A customer with multiple Aruba Controllers has just installed a new certificate for "*.customerdomain com" on all Aruba Controllers. While testing the existing guest Self-Registration page the customer noticed that the logins are failing. While troubleshooting they are finding no entries in the Event Viewer or Access Tracker for the tests. Suspecting that the Aruba Controllers may not be properly posting the credentials from the guest browser, they open the NAS Vendor Settings for the Guest Self-Registration Page. From the screen shown, how can you fix the errors?
- A. Change the "Secure Login:" field to "Use Vendor Default".
- B. Add PTR records on the DNS server for "securelogin.arubanetworks.com".
- C. Change the "IP Address: field to" securelogin.customerdomain.com.
- D. Change the "IP Address field to "captiveportal-login.customerdomain.com".
Answer: A
NEW QUESTION 20
Refer to the exhibit:
A customer is deploying Guest Self-Registration with Sponsor Approval but does not like the format of the sponsor email. Where can you change the sponsor email?
- A. in the Receipt Page - Actions
- B. in the Sponsor Confirmation section
- C. in the Configuration - Receipts - Templates
- D. in me Configuration - Receipts - Email Receipts
Answer: B
NEW QUESTION 21
Refer to the exhibit:




You have configured an Onboard portal for single SSID provision. During testing you notice that the QuickConnect Application did not display the "Connect" button, only the finish button. To get connected the test user had to manually connect to the secure-HS-5007 SSID but was prompted for a username and password.
Using the screenshots as a reference, how would you fix this issue?
- A. Check the network settings for the correct SSID name spelling.
- B. Install a public signedHTTPs web server certificate on the ClearPass server.
- C. Change the network settings to use EAP-TLS for the authentication protocol.
- D. Configure the SSID to support both EAP-PEAP and EAP-TLS authentication method.
Answer: A
NEW QUESTION 22
Refer to the exhibit:
The customer complains that the user shown cannot log into the ClearPass Server as an administrator using the
[Policy Manager Admin Network Login Service]. What could be the reason for this?
- A. The local user authentication might be disabled
- B. The account created does not fit this purpose.
- C. The mapping on the role should be changed to [RADIUS Super Admin]
- D. The user might be used for a TACACS authentication
Answer: B
NEW QUESTION 23
You are integrating a Postgres SQL server with the ClearPass Policy Manager What steps will you follow to complete the integration process? (Select three)
- A. Specify a new filter with filter queries to fetch authentication and authorization attributes.
- B. Create a new Endpoint context server andadd the SQL server IP, credentilas and the database name.
- C. Click on the default filter name with pre-defined filter queries and check box to enable as role.
- D. Alias Name under filter configuration must match one of the columns being requested from the database table.
- E. Attribute Name under filter configuration must match one of the columns being requested from the database table.
- F. Create a new authentication source and add the SQL server IP, credentials and the database name.
Answer: A,B,F
NEW QUESTION 24
Refer to the Exhibit:

A customer wants to integrate posture validationinto an Aruba Wireless 802.1X authentication service During testing, the client connects to the Aruba Employee Secure SSID and is redirected to the Captive Portal page where the user can download the OnGuard Agent After the Agent is installed, the client receives the Healthy token the client remains connected to the Captive Portal page ClearPass is assigning the endpoint the following roles: T2-Staff-User. (Machine Authenticated! and T2-SOL-Device.
What could cause this behavior?
- A. The Enforcement Policy conditions for rule 1 are not configured correctly.
- B. RFC-3576 Is not configured correctly on the Aruba Controller and does not update the role.
- C. The Enforcement Profile should bounce the connection instead of a Terminate session
- D. Used Cached Results: has not been enabled In the Aruba 802.1X Wireless Service
Answer: D
NEW QUESTION 25
Refer to the exhibit:
A customer has just configured a Posture Policy and the T2-Healthcheck Service. Next they installed the OnGuard Agent on Secure_Employee SSID. When they check Access Tracker they see many WEBAUTH requests are being triggered.
What could be the reason?
- A. OnGuard Web-Based Health Check interval has been wrongly configured to three minutes.
- B. The OnGuard Agent trigger the events based on changing the Health Status
- C. TCP port 6658 is not allowed between the client and the ClearPass server
- D. The OnGuard Agent is connecting to the Data Port interface on ClearPass
Answer: A
NEW QUESTION 26
Refer to the exhibit:
A customer has configured Onboard and Windows devices workas expected but cannot get the Apple iOS devices to Onboard successfully. Where would you look to troubleshoot the Issued (Select two)
- A. Check if the customer has installed the sameinternal PKl signed RADIUS server certificate as the HTTPS server certificate.
- B. Check if the customer has Instated a custom HTTPS certificate for IDS and another internal PKl HTTPS certificate for other devices.
- C. Check if the ClearPass HTTPS server certificate installed in the server is issued by a trusted commercial certificate authority.
- D. Check if the customer installed the internal PKl Root certificate presented by the ClearPass during the provisioning process.
- E. Check if a DNS entryis available for the ClearPass hostname in the certificate, resolvable from the DNS server assigned to the client.
Answer: C,E
NEW QUESTION 27
You have Integrated ClearPass Onboard with Active Directory Certificate Services (ADCS) web enrollment to sign the Anal device TLS certificates The Onboard provisioning process completes successfully but when the user finally clicks connect, the user falls to connect to the network with an unknown_ca certificate error.
What steps will you follow to complete the requirement?
- A. Make sure that the ClearPass servers are using the default self-signed certificates for both SSL and RADIUS server identity
- B. Export the self-signed certificate from the ClearPass servers and manually add them as trusted certificates in clients
- C. Add the ADCS root certificate to both the CPPM Certificate trust list and to the Onboard Certificate Store trust list
- D. Make sure both the ClearPass servers have different certificates used for both SSL and RADIUS server identity.
Answer: A
NEW QUESTION 28
What is used to validate the EAP Certificate? (Select three.)
- A. Common Name
- B. Server Identity
- C. SAN entries
- D. Key usage
- E. Trust chain
- F. Date
Answer: A,D,E
NEW QUESTION 29
Refer to the exhibit:




You configured the 802 1 x service enforcement conditions with the Endpoint profiling data. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly.
What is the cause of the issue?
- A. An additional authorization source should be configured for profiling to work.
- B. The enforcement policy rules evaluation algorithm Is not configured correctly.
- C. The enforcement policy conditions configured with profiling data are not correct.
- D. The option, use cached roles and posture from previous sessions should be enabled.
Answer: C
NEW QUESTION 30
......
Guaranteed Success in Aruba Certified ClearPass Expert (ACCX) HPE6-A77 Exam Dumps: https://www.fast2test.com/HPE6-A77-premium-file.html