DRAG DROP

Use the arrows to sort the steps to request a Policy Service on the left into the order they are performed on the right.

Select and Place:

When a third party Mobile Device Management server is integrated with ClearPass, where is the endpoint information from the MDM server stored in ClearPass?

A. Endpoints repository

B. Onboard Device repository

C. MDM repository

D. Guest User repository

E. Local User repository

A customer would like to deploy ClearPass with these requirements:

every day, 100 employees need to authenticate with their corporate laptops using EAP-TLS every Friday, a meeting with business partners takes place and an additional 50 devices need to authenticate using Web Login Guest Authentication

What should the customer do regarding licenses? (Select two.)

A. When counting policy manager licenses, include the additional 50 business partner devices.

B. When counting policy manager licenses, exclude the additional 50 business partner devices.

C. Purchase Onboard licenses.

D. Purchase guest licenses.

E. Purchase Onguard licenses.

Under which circumstances is it necessary to use an SNMP based Enforcement profile to send a VLAN?

A. when a VLAN must be assigned to a wired user on an Aruba Mobility Controller

B. when a VLAN must be assigned to a wireless user on an Aruba Mobility Controller

C. when a VLAN must be assigned to a wired user on a third party wired switch that does not support RADIUS return attributes

D. when a VLAN must be assigned to a wired user on an Aruba Mobility Access Switch

E. when a VLAN must be assigned to a wired user on a third party wired switch that does not support RADIUS accounting

Which checks are made with Onguard posture evaluation in ClearPass? (Select three.)

A. Registry keys

B. EAP TLS certificate validity

C. Client role check

D. Peer-to-peer application checks

E. Operating System version

Refer to the exhibit.

What can be concluded from the Access Tracker output shown?

A. The client used incorrect credentials to authenticate to the network.

B. ClearPass does not have a service enabled for MAC authentication.

C. The client MAC address is not present in the Endpoints table in the CrearPass database.

D. The RADIUS client on the Windows server failed to categorize the service correctly.

E. The client wireless profile is incorrectly setup.

An organization implements dual SSID Onboarding. The administrator used the Onboard service template to create services for dual SSID Onboarding. Which statement accurately describes the outcome?

A. The Onboard Provisioning service is triggered when the user connects to the provisioning SSID to Onboard their device.

B. The Onboard Authorization service is triggered when the user connects to the secure SSID.

C. The Onboard Authorization service is triggered during the Onboarding process.

D. The device connects to the secure SSID for provisioning.

E. The Onboard Authorization service is never triggered.

Use this form to make changes to the RADIUS Web Login Guest Network.

A Web Login page is configured in Clear Pass Guest as shown. What is the purpose of the Pre-Auth Check?

A. To authenticate users after the NAD sends an authentication request to ClerPass

B. To authenticate users before the client sends the credentials to the NAD

C. To authenticate users when they are roaming from one NAD to another

D. To authenticate users before they launch the Web Login Page

E. To replace the need for the NAD to send an authentication request to ClearPass

What is the purpose of ClearPass Onboard?

A. to provide MAC authentication for devices that don't support 802.1x

B. to run health checks on end user devices

C. to provision personal devices to securely connect to the network

D. to configure self-registration pages for guest users

E. to provide guest access for visitors to connect to the network

Refer to the exhibit.

What does the Cache Timeout Value refer to?

A. The amount of time the Policy Manager caches the user credentials stored in the Active Directory.

B. The amount of time the Policy Manager waits for a response from the Active Directory before checking the backup authentication source.

C. The amount of time the Policy Manager caches the user attributes fetched from Active Directory.

D. The amount of time the Policy Manager waits for response from the Active Directory before sending a timeout message to the Network Access Device.

E. The amount of time the Policy Manager caches the user\s client certificate.