Free Preparation Discussions
MENU
HP Exam HPE6-A84 Topic 7 Question 31 Discussion
Topic #: 7
A customer needs you to configure Aruba ClearPass Policy Manager (CPPM) to authenticate domain users on domain computers. Domain users, domain computers, and domain controllers receive certificates from a Windows C
EAP (Extensible Authentication Protocol) is a framework that allows different authentication methods to be used for network access. EAP is used for RADIUS/EAP authentication, which is a common method for authenticating domain users on domain computers using certificates. EAP requires that the RADIUS server, such as ClearPass Policy Manager (CPPM), validates the certificates presented by the clients and verifies their identity against an identity source, such as Windows AD. Therefore, the root certificate for the Windows CA that issues the certificates to the clients should have the EAP usage in the ClearPass CA Trust list.
Radsec (RADIUS over TLS) is a protocol that allows secure and encrypted communication between RADIUS servers and clients using TLS. Radsec is used for encrypting all communications between CPPM and the domain controllers, which act as RADIUS clients. Radsec requires that both the RADIUS server and the RADIUS client validate each other's certificates and establish a TLS session. Therefore, the root certificate for the Windows CA that issues the certificates to the domain controllers should have the Radsec usage in the ClearPass CA Trust list.
Brock
21 days agoJeffrey
25 days agoOneida
1 days agoMi
29 days agoDanica
14 days agoRuby
20 days agoEdna
21 days agoGarry
1 months agoRashida
19 days agoStaci
19 days agoCassandra
25 days agoTabetha
28 days agoKristian
1 months agoVernell
2 months agoErasmo
2 months agoTracie
2 months agoRolland
1 months agoQueenie
2 months ago