300-430 Question #77: Real Exam Question with Answer & Explanation

The correct answer is D: It defines the level of access of the user or the device.. The command configures AAA authorization on the switch, which determines the level of access granted to an authenticated user or device.

Security for Wireless Client Connectivity

Question

Refer to the exhibit. You enter the command on a Cisco Catalyst 3850 Series Switch that runs Cisco ISO XE. What does the command do?

Options

AIt defines the user identity or the device identity to be validated by the RADIUS server.
BIt captures information on the length of the authorized session, as well as the bandwidth usage
CIt defines the RADIUS server used to track which sessions are still active.
DIt defines the level of access of the user or the device.

Explanation

The command configures AAA authorization on the switch, which determines the level of access granted to an authenticated user or device.

Common mistakes.

A. Validating user or device identity against a RADIUS server is the function of AAA authentication commands, not authorization.
B. Capturing session length and bandwidth usage is performed by AAA accounting commands, which log resource consumption.
C. Tracking which sessions are still active is an accounting or session management function, not a role of authorization configuration.

Concept tested. AAA authorization configuration on IOS XE Catalyst switches

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16/sec-usr-aaa-xe-16-book/sec-cfg-authorizatn.html

Topics

#Catalyst 3850#IOS XE#authorization policy#access level

Community Discussion

No community discussion yet for this question.

Full 300-430 Practice