Home » HP » HPE6-A15 » Which action will ClearPass take based on the Enforcement Profile?
Refer to the exhibit.
An Enforcement Profile has been created in the Policy Manager as shown.
Which action will ClearPass take based on the Enforcement Profile?
A. it will count down 600 seconds and send a RADIUS CoA message to the NAD to end the user’s session after this time is up
B. it will send the Session-Timeout attribute in the RADIUS Access-Request packet to the NAD and the NAD will end the user’s session after 600 seconds
C. it will count down 600 seconds and send a RADIUS CoA message to the user to end the user’s session after this time is up
D. it will send the Session-Timeout attribute in the RADIUS Access-Request packet to the user and the user’s session will be terminated after 600 seconds
Correct Answer: D
Explanation/Reference:
Explanation:
Session Timeout (in seconds) – Configure the agent session timeout interval to re-evaluate the system health again. OnGuard triggers auto-remediation using this value to enable or disable AV-RTP status check on endpoint. Agent reauthentication is determined based on session-time out value. You can specify the session timeout interval from 60 – 600 seconds. Setting the lower value for session timeout interval results numerous authentication requests in Access Tracker page. The default value is 0.
References: http://www.arubanetworks.com/techdocs/ClearPass/Aruba_CPPMOnlineHelp/Content/CPPM_UserGuide/Enforce/EPAgent_Enforcement.htm
Download Printable PDF. VALID exam to help you PASS.
|
|
A is correct … and here is why I think so
Here is my thought process:
The Client starts with Access-Request.
The Server sends either Access-Accept, Access-Reject, or Access-Challenge.
So the attribute Session-Timeout if used, will be used with the three mentioned above as Access-Accept (So B & D is wrong)
Now for RADIUS CoA, it communicates with the NAD not the client (so C is wrong)
then A is remaining to be correc
شكرا