nerdexam
Exams200-301Questions#744
CiscoCisco

200-301 · Question #744

200-301 Question #744: Real Exam Question with Answer & Explanation

The correct answer is A: It can run on a UNIX server.. This question asks for two correct statements describing TACACS+ protocol characteristics.

Submitted by yuki_2020· Mar 5, 2026[DOMAIN LIST NOT PROVIDED]

Question

Which two statements about TACACS+ are true? (Choose two.)

Options

  • AIt can run on a UNIX server.
  • BIt authenticates against the user database on the local device.
  • CIt is more secure than AAA authentication.
  • DIt is enabled on Cisco routers by default.
  • EIt uses a managed database.

Explanation

This question asks for two correct statements describing TACACS+ protocol characteristics.

Common mistakes.

  • B. TACACS+ is designed for centralized authentication against a remote server, not against the local device's user database.
  • C. While TACACS+ offers strong security (e.g., full packet encryption), AAA is an architectural framework, and TACACS+ is an implementation of AAA, making this comparison imprecise.
  • D. TACACS+ is not enabled on Cisco routers by default; it requires explicit configuration.

Concept tested. TACACS+ protocol characteristics

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a1-chap-1.html

Topics

#TACACS+#AAA protocols

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 200-301 PracticeBrowse All 200-301 Questions