300-715 · Question #256
300-715 Question #256: Real Exam Question with Answer & Explanation
The correct answer is A: EAP-FAST is not enabled.. {"question_number": 6, "correct_answer": "A", "explanation": "Cisco TrustSec uses EAP-FAST (Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling) as the authentication mechanism for device-to-device CTS (Cisco TrustSec) authentication. The CTS device
Question
While configuring Cisco TrustSec on Cisco IOS devices, the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However, after this is complete, the devices are not able to properly authenticate. What issue would cause this to happen even if the device ID and passwords are correct?
Options
- AEAP-FAST is not enabled.
- BThe SGT mappings have not been defined.
- CThe device aliases are not matching.
- DThe devices are missing the configuration cts credentials trustsec verify 1.
Explanation
{"question_number": 6, "correct_answer": "A", "explanation": "Cisco TrustSec uses EAP-FAST (Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling) as the authentication mechanism for device-to-device CTS (Cisco TrustSec) authentication. The CTS device ID and password are credentials used within EAP-FAST during the SAP (Security Association Protocol) negotiation phase. If EAP-FAST is not enabled on the devices or ISE, the authentication process cannot complete even if the credentials are correct. This is the most common reason for TrustSec authentication failure when the device ID and password are verified to be correct.", "generated_by": "claude-sonnet", "llm_judge_score": 3}
Topics
Community Discussion
No community discussion yet for this question.