300-715 · Question #228
300-715 Question #228: Real Exam Question with Answer & Explanation
The correct answer is D: The switch needs to be added as a network device in Cisco ISE and set to use TACACS+.. To enable TACACS+ access to a switch after initial configuration, the switch must be explicitly registered as a network device in Cisco ISE and configured to use TACACS+.
Question
An engineer is unable to use SSH to connect to a switch after adding the required CLI commands to the device to enable TACACS+. The device administration license has been added to Cisco ISE, and the required policies have been created. Which action is needed to enable access to the switch?
Options
- AThe ip ssh source-interface command needs to be set on the switch
- B802.1X authentication needs to be configured on the switch.
- CThe RSA keypair used for SSH must be regenerated after enabling TACACS+.
- DThe switch needs to be added as a network device in Cisco ISE and set to use TACACS+.
Explanation
To enable TACACS+ access to a switch after initial configuration, the switch must be explicitly registered as a network device in Cisco ISE and configured to use TACACS+.
Common mistakes.
- A. The
ip ssh source-interfacecommand specifies the source interface for SSH connections but is not directly related to enabling TACACS+ authentication itself.
Concept tested. Cisco ISE network device registration for TACACS+
Topics
Community Discussion
No community discussion yet for this question.