What is the function of the primary and backup servers when configuring an authentication source in ClearPass?
A. The primary server and backup servers can be configured for round-robin.
B. The primary server can be from one Active Directory domain; the backup server can be from another.
C. The primary server is always authenticated first, then the backup is used if authentication fails.
D. The primary server is always authenticated first, then the backup is used if that times out.
When a role mapping policy should be used in an 802.1x service with Active Directory as the authentication source?
A. When you want to send roles from the AD user to enforcement policies directly from AD attributes.
B. When you want to send Aruba firewall roles back to the Aruba Network Access Drive.
C. When you want to translate and combine AD attributes into ClearPass roles.
D. When you want to enable attributes as roles directly without combining multiple attributes
How can Enforcement Policy rules be evaluated? (Choose two.)
A. It is checked top down, as configured in the rules tab.
B. All rules are checked, and all matches are used.
C. If no rules match, the request is rejected.
D. It is checked bottom up, as configured in the rules tab.
E. All rules are checked, and the best match is used.
When a NAD sends an authentication request to ClearPass for a Guest Web Login with Username and Password, which methods can it use? (Choose three.)
A. CHAP璕ADIUS Request
B. EAP PEAP ?RADIUS Request
C. MSCHAP ?RADIUS Request
D. HTTP ?WebAuth Request
E. PAP ?RADIUS Request
When a client performs EAP-TLS authentication, what is required? (Choose two.)
A. Root Certificate Authority
B. User Credentials
C. RADIUS Server Certificate
D. RADIUS Shared Secret
E. TLS Client Certificate
Refer to the exhibit.
A user connects to an Aruba Access Point wireless SSID named "Secure-Corporate" and performs an 802.1X authentication with ClearPass as the authentication server. Based on this service configuration, which service will be triggered?
A. Service Three
B. Service Two
C. No service will be triggered.
D. Service One
Refer to the exhibit.
What will be the enforcement for the user "neil"?
A. Allow Internet Only Access
B. Allow Full Access
C. Corp Secure Contractor
D. Secure Corp BYOD Access
What is Radius CoA used for?
A. to validate a host MAC against a white and a black list
B. to force the client to re-authenticate upon roaming to a new controller
C. to authenticate users or devices before granting them access to a network
D. to transmit messages to the NAD/NAS to modify a user's session status
E. to apply firewall policies based on authentication credentials
Which statement most accurately describes how users with Active Directory credentials authenticate with ClearPass when Active Directory is used as an authentication source for an 802.1x service in ClearPass?
A. A Kerberos request is sent from the Network Access Device to ClearPass which initiates a RADUIS request to the AD server.
B. A RADIUS request is sent from the Network Access Device to the AD server which communicates with ClearPass.
C. An LDAP request is sent from the Network AccessDevice to the AD server which communicates with ClearPass.
D. An LDAP request is sent from the Network Access Device to ClearPass which initiates a RADIUS request to the AD server.
E. A RADIUS request is sent from the Network Access Device to the ClearPasswhich communicates with the AD server.
What is the purpose of using a role mapping policy in an 802.1x service with Active Directory as the authentication source?
A. to translate and combine AD attributes into ClearPass roles
B. to send roles from ClearPass to theAD user to update a user's group membership
C. to enable attributes as roles directly without needing role mapping rules
D. to send Aruba firewall roles back to the Aruba Network Access Device
E. to send details of a user's connection to the AD user to store in its database
How do apple iOS 4 and iOS 5 devices download the Onboard provisioning profile and credentials from ClearPass?
A. Bonjour
B. Quick Connect
C. SNMP
D. FTP
E. Over the air API
Which device verifies the Server certificate during the Over the air provisioning process?
A. Aruba Controller
B. Active Directory
C. ClearPass Onboard
D. Client
E. ClearPass Policy Manager
Refer to the exhibit.
Based on the information shown, what is the status of the network?
A. ClearPass can do TCP OS finger printingbut Dictionary is not updated.
B. ClearPass cannot do TCP OS finger printing.
C. Device is Unknown to ClearPass.
D. Device is not authenticated.
E. ClearPass supports TCP finger printing but it is not enabled.
What Information is needed to add ClearPass to an Active Directory Domain? (Select two.)
A. domain user credentials
B. CPPM enterprise credentials
C. Administrator FQDN
D. domain controller FQDN
E. Administrator user credentials
What is the benefit of persistent agents over dissolvable agents?
A. Auto-remediation
B. Autonomous logon
C. Firewall tracking
D. Firewall checks
E. Advanced Posture checks