• Home
  • Articles
  • [Jan-2022 Newly Released] Pass HPE6-A77 Exam - Real Questions & Answers [Q35-Q54]

[Jan-2022 Newly Released] Pass HPE6-A77 Exam - Real Questions & Answers [Q35-Q54]

Share

[Jan-2022 Newly Released] Pass HPE6-A77 Exam - Real Questions & Answers

Pass HPE6-A77 Review Guide, Reliable HPE6-A77 Test Engine


HP HPE6-A77 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Integration of Posture results in secure service Enforcement
  • Authentication Methods and OCSP to insure proper Certificate revocation
Topic 2
  • Customized Admin Privileges for the Policy Manager
  • Self-Registration both with and without sponsorship
Topic 3
  • TACACS authentication from Network Access Devices
  • Integration of Authorization Sources and External Context Servers into Enforcement
Topic 4
  • High Availability and Redundancy Design, including Virtual IP addressing and Standby Publisher
  • Secure Access Design and Implementation

 

NEW QUESTION 35
Refer to the exhibit:

A customer has configured onboard in a cluster with two nodes All devices were onboarded in the network through node1but those clients tail to authenticate through node2 with the error shown. What steps would you suggest to make provisioning and authentication work across the entire cluster? (Select three.)

  • A. Make sure that the EAP certificates on both nodes are issued by one common root Certificate Authority (CA).
  • B. Configure the Onboard Root CA to trust the Policy Manager EAP certificate root.
  • C. Make sure that the HTTPS certificate on both nodes is issued as a Code Signing certificate
  • D. Have all of the BYOD clients re-run the Onboard process
  • E. Configure the Network Settings in Onboard to trust the Policy Manager EAP certificate
  • F. Have all of the BYOD clients disconnect and reconnect to me network

Answer: A,B,E

 

NEW QUESTION 36
Refer to the exhibit:

What is true about the Insight Master Server? {Select two)

  • A. There is no need to configure an insight Master Server when using default reports and alerts.
  • B. It Is recommended to have an insight server for every zone to limit the traffic between sites.
  • C. The Publisher is selected by default as Insight Master Server but It can be changed.
  • D. An insight Master Server should be selectedin order to configure reports and alerts.
  • E. When enabling a server to be the insight Master any existing insight Master is overwritten.

Answer: C,D

 

NEW QUESTION 37
Refer to the exhibit:

You have configured Onboard but me customer could not onboard one of his devices and has sent you the above screenshots. How could you resolve the issue?

  • A. Increase the maximum number ofdevices allowed by the individual user account.
  • B. Instruct the user to delete the profile on one of their other BYOD devices.
  • C. Instruct the user to run the Quick connect application in Sponsor Mode.
  • D. Increase the maximum number ofdevices that all users can provision to 3.

Answer: D

 

NEW QUESTION 38
Refer to the exhibit:




After the helpdesk revoked the certificate of a device reported to be lost oy an employee, the lost device was seen as connected successfully to the secure network. Further testing has shown that device revocation is not working.
What steps should you follow to make device revocations work?

  • A. copy the default [EAP-TLS with OSCP Enabled] authentication method and set the verify certificate using OSCP: option as "required" then configure the correct OSCF URL link for the OnBoard CA.
    Remove EAP-TLS and map the new [EAP-TLS with OSCP Enabled] method to the 802 1X Radius Service.
  • B. Edit the default [EAP-TLS with OSCP Enabled] authentication method and set the Verify certificate using OSCP option as required then update the correct OSCP URL link of the OnBoard CA Remove EAP-TLS and map the new [EAP-TLS with OSCP Enabled] method to the OnBoard Provisioning Service.
  • C. Copy the default [EAP-TLS with OSCP Enabled] authentication method and set The Verify certificate using OSCP option as required then update the correct OSCP URL link of the OnBoard CA. Remove EAP-TLS and map the custom created method to the OnBoard Authorization Service.
  • D. Remove the EAP-TLS authentication method configuration changes are required and add "EAP-TLS with OCSP Enabled" authentication method in the OnBoard Provisioning service.
    No other configuration changes are required.

Answer: D

 

NEW QUESTION 39
You have integrated ClearPass Onboard with Active Directory Certificate Services (ADCS) web enrollment to sign the final device TLS certificates. The customer wouldalso like to use ADCS for centralized management of TLS certificates including expiration, revocation, and deletion through ADCS.
What steps will you follow to complete the requirement?

  • A. Edit the [EAP-TLS with OSCP Enabled) authentication method and set the correct ADCS server OCSP URL. remove EAP-TLS and map the [EAP-TLS with OSCP Enabled) method to the Onboard Provisioning Service.
  • B. Copy the default [EAP-TLS with OSCP Enabled] authentication method and update the correct ADCS server OCSP URL. remove EAP-TLS and map the custom created method to the OnBoard Authorization Service.
  • C. Remove the EAP-TLS authentication method and add "EAP-TLS with OCSP Enabled' authentication method in the OnBoard Provisioning service. No other configuration changes are required.
  • D. Copy the [EAP-TLS with OSCP Enabled) authentication method and set the correct ADCS server OCSP URL, remove EAP-TLS and map the custom created method to the Onboard Provisioning Service.

Answer: C

 

NEW QUESTION 40
You are integrating a Postgres SQL server with the ClearPass Policy Manager What steps will you follow to complete the integration process? (Select three)

  • A. Specify a new filter with filter queries to fetch authentication and authorization attributes.
  • B. Create a new Endpoint context server andadd the SQL server IP, credentilas and the database name.
  • C. Click on the default filter name with pre-defined filter queries and check box to enable as role.
  • D. Alias Name under filter configuration must match one of the columns being requested from the database table.
  • E. Attribute Name under filter configuration must match one of the columns being requested from the database table.
  • F. Create a new authentication source and add the SQL server IP, credentials and the database name.

Answer: A,B,F

 

NEW QUESTION 41
A customer is planning to implement machine and user authentication on infrastructure with one Aruba Controller and a single ClearPass Server What should the customer consider while designing this solution?
(Select three.)

  • A. The Windows User must log off, restart or disconnect their machine to initiate a machine authentication before the cache expires.
  • B. The customer does not need to worry about Multi-Master Cache Survivability because the Controller will also cache the machine state.
  • C. Machine Authentication only uses EAP TLS, as such a PKI infrastructure should be in place for machine authentication.
  • D. Onboard must be used to install the Certificates on the personal devices to do the user and machine authentication.
  • E. The machine authentication status is written in the Multi-master cache on the ClearPass Server for 24 hrs.
  • F. The Customer should enable Multi-Master Cache Survivability as the Aruba Controller will not cache the machine state.

Answer: C,D,E

 

NEW QUESTION 42
While configuring a guest solution, the customer is requesting that guest user receive accessfor four hours from their first login.Which Guest Account Expiration would you select?

  • A. expire_after
  • B. do_expire
  • C. expire_time
  • D. expire_ postlogin

Answer: A

 

NEW QUESTION 43
Refer to the exhibit:





You configured the 802 1 x service enforcement conditions with the Endpoint profiling data. When the client connects to the network. ClearPass successfully profiles the client but the client always receives an incorrect enforcement profile The configurations in the Aruba controller are completed correctly.
What is the cause of the issue?

  • A. An additional authorization source should be configured for profiling to work.
  • B. The enforcement policy rules evaluation algorithm Is not configured correctly.
  • C. The enforcement policy conditions configured with profiling data are not correct.
  • D. The option, use cached roles and posture from previous sessions should be enabled.

Answer: C

 

NEW QUESTION 44
You have configured a Guest SSID with Captive-portal Web Authentication and MAC authentication The MAC caching expiry time set to 12 hours and the Guest Account expiration time is set to 8 hours. What will happen if the guest were to disconnect from the SSID and re-connect 9 hours later?

  • A. The client will tail the MAC authentication and be denied access to the Guest SSID.
  • B. The client will successfully pass the MAC authentication but still be redirected to captive portal page.
  • C. The client will successfully pass the mac authentication until the mac caching time expires.
  • D. The client will fail the MAC authentication and will be redirected to the Captive-portal login page.

Answer: B

 

NEW QUESTION 45
Refer to the exhibit:




What could be causing the error message received on the OnGuard client?

  • A. The Service Selection Rules for the service are not configured correctly
  • B. The Web-BasedHealth Check service needs to be configured to use the Posture Policy
  • C. There is a firewall policy not allowing the OnGuard Agent to connect to ClearPass
  • D. The client'sOnGuardAgent has not been configured with the correct Policy Manager Zone

Answer: D

 

NEW QUESTION 46
Refer to the exhibit:





You have configured Onboard andcannot get it working The customer has sentyouthe above screenshots How would you resolve the issue?

  • A. Copy the [EAP-TLS with OSCP Enabled] authentication method and set the correct OCSP URL
  • B. Install a public signed server authentication certificate on the ClearPass server for EAP
  • C. Re-provision the client by running the QuickConnect application as Administrator
  • D. Reconnect the client and select the correct certificate when prompted

Answer: C

 

NEW QUESTION 47
A customer is looking to implement a Web-Based Health Check solution with the following requirements:
* for the HR user's client devices, check if a USB stick is mounted.
* for the R&D user's client devices, check if the hard disk is fully encrypted.
The Web-Based Health Check service has been configured but the customer it is not sure how to design the Profile Policy How can be accomplished this customer request?

  • A. create one Posture Policy to check the HR users client devices and use the NAP Agent to check R&D users client devices
  • B. create two Posture Policies and use the Restrict by Roles option to filter for HR and R&D user roles and apply the correct SHV checks
  • C. create one Posture Policy and define Rules Conditions that will apply different Tokens for each SHV check condition
  • D. create two Posture Policies and customize the OnGuard Agent (Persistent or Dissolvable) to select the correct SHV checks

Answer: D

 

NEW QUESTION 48
What is used to validate the EAP Certificate? (Select three.)

  • A. Common Name
  • B. Server Identity
  • C. SAN entries
  • D. Key usage
  • E. Trust chain
  • F. Date

Answer: A,D,E

 

NEW QUESTION 49
Refer to the exhibit:

When creating a new report, there is an option to send report Notifications by Email. Where is the email server configured?

  • A. In the insight report on the next screen of the report definition.
  • B. In the ClearPass Policy Manager Endpoint Context servers under Administration.
  • C. In the Insight Reports Interface under Administration on the sidebar menu.
  • D. In the ClearPass Policy Manager Messaging setup under Administration.

Answer: C

 

NEW QUESTION 50
A Customer has these requirements:
* 2.000 loT endpoints that use MAC authentication
* 6,000 endpoints using a mix of username/password and certificate (Corporate/BYOD) based authentication
* 1,000 guest endpoints at peak usage that use guest self-registration
* 1500 BYOD devices estimated as 3 devices per User (500 users)
* 2,500 endpoints that have OnGuard installed and connect on a daily basis What licenses should be installed to meet customer requirements?

  • A. 11,500 Access, 1,500 Onboard, 2.500 Onguard
  • B. 9,000 Access, 500 Onboard. 2.500 Onguard
  • C. 13.000 Access, 1.500 Onboard, 2,500 Onguard
  • D. 11,500 Access, 500 Onboard, 2,500 Onguard

Answer: A

 

NEW QUESTION 51
A customer has acquired another company that has its own Active Directory infrastructure The 802 1X authentication works with the customers original Active Directory servers but the customer would like to authenticate users from the acquired company as well. What steps are required, in regards to the Authentication Sources, in order to support this request? (Select two.)

  • A. Create a new Authentication Source, type Generic LDAP.
  • B. There is no need to Join ClearPass to the new AD domain.
  • C. Add the new AD server(s) as backup into the existing Authentication Source.
  • D. Create a new Authentication Source, type Active Directory.
  • E. Join the ClearPass server(s) to the new AD domain.

Answer: B,E

 

NEW QUESTION 52
Refer to the exhibit:



Your customer configured a ClearPass server to process the Guest and Secure SSIDs broadcastingfrom both Aruba and Cisco WLAN controllers When an Employee connects to Aruba or Cisco secure SSID, the authentication hits the guest service causing the client to fail the connection to the network.
What change can be implemented to make both the secure and guest services created for Aruba and Cisco devices to work correctly?

  • A. Move the HS_Building Aruba 802.1x service to the second position in the service order.
  • B. Move the HS-Guest User Authentication with MAC Caching service to the first position.
  • C. Modify the service rule matching algorithm to ALLin HS-GuestUser Authentication service.
  • D. Disable HS-Guest User Authentication service and move HS-Guest MAC Authentication to seventh position.

Answer: B

 

NEW QUESTION 53
Where is the following information stored in ClearPass?
- Roles and Posture for Connected Clients - System Health for OnGuard - Machine authentication State - CoA session info - Mapping of connected clients to NAS/NAD

  • A. ClearPass system cache
  • B. Multi-Master cache
  • C. Endpoint database
  • D. insight database

Answer: A

 

NEW QUESTION 54
......

100% Free HPE6-A77 Daily Practice Exam With 60 Questions: https://passleader.examtorrent.com/HPE6-A77-prep4sure-dumps.html

Related Articles

more
HP HPE6-A77 Certification Practice Exam

Valid exam torrent sheet will be a shortcut for every buyer to obtain certifications. We ExamTorrent provide new dumps torrent file with 99.59% passing rate. If you have any question about our products we the best quality and the service attitude will serve for you!

Latest Dump pass for sure

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ExamTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy