Free Preparation Discussions
MENU
HP Exam HPE6-A84 Topic 7 Question 31 Discussion
Topic #: 7
A customer needs you to configure Aruba ClearPass Policy Manager (CPPM) to authenticate domain users on domain computers. Domain users, domain computers, and domain controllers receive certificates from a Windows C
EAP (Extensible Authentication Protocol) is a framework that allows different authentication methods to be used for network access. EAP is used for RADIUS/EAP authentication, which is a common method for authenticating domain users on domain computers using certificates. EAP requires that the RADIUS server, such as ClearPass Policy Manager (CPPM), validates the certificates presented by the clients and verifies their identity against an identity source, such as Windows AD. Therefore, the root certificate for the Windows CA that issues the certificates to the clients should have the EAP usage in the ClearPass CA Trust list.
Radsec (RADIUS over TLS) is a protocol that allows secure and encrypted communication between RADIUS servers and clients using TLS. Radsec is used for encrypting all communications between CPPM and the domain controllers, which act as RADIUS clients. Radsec requires that both the RADIUS server and the RADIUS client validate each other's certificates and establish a TLS session. Therefore, the root certificate for the Windows CA that issues the certificates to the domain controllers should have the Radsec usage in the ClearPass CA Trust list.
Brock
10 months agoJeffrey
10 months agoTiara
9 months agoJosphine
9 months agoOneida
9 months agoMi
10 months agoDanica
9 months agoRuby
10 months agoEdna
10 months agoGarry
10 months agoRashida
10 months agoStaci
10 months agoCassandra
10 months agoTabetha
10 months agoKristian
10 months agoVernell
10 months agoErasmo
11 months agoTracie
11 months agoRolland
10 months agoQueenie
10 months ago