1. Home
  2. HP
  3. HPE6-A77

Aruba Certified ClearPass Expert Written

Exam Details

  • Exam Code
    :HPE6-A77
  • Exam Name
    :Aruba Certified ClearPass Expert Written
  • Certification
    :HP Certifications
  • Vendor
    :HP
  • Total Questions
    :60 Q&As
  • Last Updated
    :Mar 26, 2025

HP HP Certifications HPE6-A77 Questions & Answers

  • Question 31:

    Refer to the exhibit:

    When creating a new report, there is an option to send report Notifications by Email. Where is the email server configured?

    A. In the ClearPass Policy Manager Endpoint Context servers under Administration.

    B. In the Insight Reports Interface under Administration on the sidebar menu.

    C. In the insight report on the next screen of the report definition.

    D. In the ClearPass Policy Manager Messaging setup under Administration.

  • Question 32:

    You have integrated ClearPass Onboard with Active Directory Certificate Services (ADCS) web enrollment

    to sign the final device TLS certificates. The customer would also like to use ADCS for centralized

    management of TLS certificates including expiration, revocation, and deletion through ADCS.

    What steps will you follow to complete the requirement?

    A. Remove the EAP-TLS authentication method and add "EAP-TLS with OCSP Enabled' authentication method in the OnBoard Provisioning service. No other configuration changes are required.

    B. Copy the [EAP-TLS with OSCP Enabled) authentication method and set the correct ADCS server OCSP URL, remove EAP-TLS and map the custom created method to the Onboard Provisioning Service.

    C. Copy the default [EAP-TLS with OSCP Enabled] authentication method and update the correct ADCS server OCSP URL. remove EAP-TLS and map the custom created method to the OnBoard Authorization Service.

    D. Edit the [EAP-TLS with OSCP Enabled) authentication method and set the correct ADCS server OCSP URL. remove EAP-TLS and map the [EAP-TLS with OSCP Enabled) method to the Onboard Provisioning Service.

  • Question 33:

    Refer to the exhibit:

    The customer created a new enforcement policy condition to allow VIP Users access without additional security compliance checks hut cannot gel it working. The customer has sent you the above screenshots. How would you resolve the issue?

    A. Ask the VIP user to complete the one time web health check to get the VIP profile.

    B. Set the Enforcement Policy rules evaluation algorithm to evaluate all.

    C. Include VIP User role along with the Healthy posture enforcement condition.

    D. Modify the Enforcement Policy and re-order the VIP user condition to the lop.

  • Question 34:

    Refer to the exhibit:

    What is true about the Insight Master Server? {Select two)

    A. It Is recommended to have an insight server for every zone to limit the traffic between sites.

    B. The Publisher is selected by default as Insight Master Server but It can be changed.

    C. There is no need to configure an insight Master Server when using default reports and alerts.

    D. An insight Master Server should be selected in order to configure reports and alerts.

    E. When enabling a server to be the insight Master any existing insight Master is overwritten.

  • Question 35:

    Refer to the exhibit: Your customer configured a ClearPass server to process the Guest and Secure SSIDs broadcasting from both Aruba and Cisco WLAN controllers When an Employee connects to Aruba or Cisco secure SSID, the authentication hits the guest service causing the client to fail the connection to the network. What change can be implemented to make both the secure and guest services created for Aruba and Cisco devices to work correctly?

    A. Move the HS-Guest User Authentication with MAC Caching service to the first position.

    B. Modify the service rule matching algorithm to ALL in HS-Guest User Authentication service.

    C. Disable HS-Guest User Authentication service and move HS-Guest MAC Authentication to seventh position.

    D. Move the HS_Building Aruba 802.1x service to the second position in the service order.

  • Question 36:

    Under Onboard management and control, which option will deny the user from re-provisioning the device a second time?

    A. Revoke and Delete certificate

    B. Delete user

    C. Revoke certificate

    D. Delete certificate

  • Question 37:

    What is used to validate the EAP Certificate? (Select three.)

    A. Common Name

    B. Date

    C. Key usage

    D. Server Identity

    E. SAN entries

    F. Trust chain

  • Question 38:

    You have configured a Guest SSID with Captive-portal Web Authentication and MAC authentication The MAC caching expiry time set to 12 hours and the Guest Account expiration time is set to 8 hours. What will happen if the guest were to disconnect from the SSID and re-connect 9 hours later?

    A. The client will tail the MAC authentication and be denied access to the Guest SSID.

    B. The client will successfully pass the mac authentication until the mac caching time expires.

    C. The client will successfully pass the MAC authentication but still be redirected to captive portal page.

    D. The client will fail the MAC authentication and will be redirected to the Captive-portal login page.

  • Question 39:

    A corporate ClearPass Cluster with two servers located at a single site, has both Management and Data port IP addresses configured. The Management port IPs are in the DataCenter networks subnet, while the Data port IPs are in the DMZ. What is the difference between using one Virtual IP for the AAA traffic versus sending AAA requests to the physical IPs for each server? (Select two.)

    A. The failover can be accomplished only by using Virtual IP.

    B. The Individual IPs can provide failover and load balancing.

    C. One Virtual IP can be used together with the individual server IPs for load balancing.

    D. By using the Virtual IP, the failover convergence is faster than using individual server IPs.

    E. Using the one Virtual IP can provide failover and load balancing.

  • Question 40:

    Refer to the exhibit:

    A customer is trying to configure a TACACS Authentication Service for administrative access to the Aruba

    Controller, During testing the authentication is not successful.

    Given the screen shot what could be the reason for the Login status REJECT?

    A. The password used by the administrative user, user is wrong.

    B. The Enforcement profile is not designed to be used on Aruba Controller.

    C. The Read-only Administrator role does not exist on the Controller.

    D. The Enforcement profile used is not a TACACS profile.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HPE6-A77 exam preparations and HP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.