HPE6-A88 시험 - HP실제시험문제와 답 - 249문항

Question No : 1

Which function of AAA ensures that user activities are logged and monitored for auditing purposes?

A.Authentication
B.Authorization
C.Accounting
D.Identity Profiling

정답:
Explanation:
Accounting records user authentication events, access history, and resource usage, allowing organizations to monitor user activity, detect anomalies, and comply with security policies.

Question No : 2

Which feature in ClearPass ensures that authentication requests from specific devices or users are forwarded to external authentication servers?

A.RADIUS Proxy
B.MAC Filtering
C.Captive Portal
D.VLAN Steering

정답:
Explanation:
RADIUS Proxy enables ClearPass to forward authentication requests to external RADIUS servers, allowing authentication load balancing and integration with third-party authentication systems.

Question No : 3

Which two authentication sources are commonly integrated with ClearPass for user validation? (Select two.)

A.Active Directory
B.LDAP
C.SNMP
D.ICMP

정답:
Explanation:
ClearPass integrates with Active Directory and LDAP to authenticate users against directory services, enabling centralized authentication, policy enforcement, and role mapping for enterprise environments.

Question No : 4

Which AAA function allows network administrators to control which VLANs users are assigned to after
authentication?

A.Authentication
B.Authorization
C.Accounting
D.Adaptive Enforcement

정답:
Explanation:
Authorization determines what resources users can access, including VLAN assignment, role-based policies, and access control lists (ACLs) based on authentication results.

Question No : 5

Which authentication method allows ClearPass to use external identity providers such as Google and Azure AD?

A.SAML
B.RADIUS
C.TACACS+
D.LDAP

정답:
Explanation:
Security Assertion Markup Language (SAML) enables Single Sign-On (SSO) with cloud-based identity providers, allowing users to authenticate via external services such as Google and Azure AD.

Question No : 6

Which authentication method does ClearPass use to authenticate IoT devices that lack 802.1X support?

A.MAC Authentication Bypass (MAB)
B.PEAP-MSCHAPv2
C.EAP-TLS
D.OAuth

정답:
Explanation:
MAC Authentication Bypass (MAB) allows devices without 802.1X capabilities to authenticate based on their MAC addresses. While convenient for IoT, it provides limited security and should be combined with other controls.

Question No : 7

Which authentication protocol provides mutual authentication using client and server certificates?

A.PEAP
B.EAP-TLS
C.EAP-TTLS
D.MSCHAPv2

정답:
Explanation:
EAP-TLS provides mutual authentication, requiring both client and server certificates to validate each other’s identity, offering the highest level of security in enterprise environments.

Question No : 8

Which component of AAA is responsible for logging network access details such as session duration and data usage?

A.Authentication
B.Authorization
C.Accounting
D.Identity Mapping

정답:
Explanation:
Accounting logs user session details, including login/logout times, duration, and data consumption, providing visibility for auditing, compliance, and security analysis.

Question No : 9

Which two authentication protocols use encrypted tunnels to protect user credentials during authentication? (Select two.)

A.PEAP
B.EAP-TTLS
C.PAP
D.CHAP

정답:
Explanation:
PEAP and EAP-TTLS establish encrypted tunnels before transmitting user credentials, enhancing security by preventing credential interception. PAP and CHAP are outdated and transmit credentials in less secure ways.

Question No : 10

Which ClearPass feature allows administrators to apply different levels of network access based on authentication attributes?

A.Role-Based Access Control
B.Static VLAN Assignment
C.Guest Self-Registration
D.Pre-Shared Key Authentication

정답:
Explanation:
Role-Based Access Control (RBAC) assigns access levels dynamically based on authentication attributes such as user identity, device type, and security posture. This ensures users receive appropriate permissions while maintaining security.

Question No : 11

Which ClearPass component allows the enforcement of granular access policies based on authentication results?

A.Insight
B.Policy Manager
C.Guest Manager
D.Device Insight

정답:
Explanation:
Policy Manager enables administrators to define and enforce authentication-based policies, dynamically adjusting network access based on user identity and security posture.

Question No : 12

Which authentication method is preferred for secure, passwordless network authentication?

A.EAP-TLS
B.PEAP
C.MAC Authentication Bypass
D.CHAP

정답:
Explanation:
EAP-TLS is a certificate-based authentication method that eliminates password vulnerabilities by requiring digital certificates for mutual authentication.

Question No : 13

Which component of the AAA model determines what actions an authenticated user can perform?

A.Authentication
B.Authorization
C.Accounting
D.Policy Enforcement

정답:
Explanation:
Authorization controls access to network resources by applying policies that dictate the actions a user or device can perform after authentication.

Question No : 14

Which ClearPass feature allows network access based on device type and security posture?

A.Policy Manager
B.Role Mapping
C.Adaptive Policy Enforcement
D.MAC Filtering

정답:
Explanation:
Adaptive Policy Enforcement dynamically modifies access privileges based on user, device, and real-time posture assessment, improving security.

Question No : 15

Which two authentication protocols support password-based authentication over a secure tunnel? (Select two.)

A.PEAP
B.EAP-TTLS
C.PAP
D.CHAP

정답:
Explanation:
PEAP and EAP-TTLS use a secure TLS tunnel to encrypt user credentials during authentication, enhancing security compared to unencrypted methods like PAP and CHAP.

HP HPE6-A88 시험