nerdexam
Exams300-730Questions#177
Cisco

300-730 · Question #177

300-730 Question #177: Real Exam Question with Answer & Explanation

The correct answer is B: eap. EAP and pre-share are the two AAA-based user authentication methods available when configuring an IKEv2 profile on Cisco IOS.

Secure Communications

Question

What are the two AAA methods for user authentication when configuring the IKEv2 profile? (Choose two.)

Options

  • Auser
  • Beap
  • Crsa-sig
  • Dcert
  • Epre-share

Explanation

EAP and pre-share are the two AAA-based user authentication methods available when configuring an IKEv2 profile on Cisco IOS.

Common mistakes.

  • A. user is not a valid keyword in the IKEv2 profile authentication command syntax and is not a recognized AAA authentication method in Cisco IOS.
  • C. rsa-sig uses RSA digital signatures for certificate-based peer or device authentication and is not classified as an AAA user authentication method in the IKEv2 profile context.
  • D. cert is not a standard keyword in Cisco IOS IKEv2 profile authentication configuration - certificate-based authentication is specified using rsa-sig or ecdsa-sig, not cert.

Concept tested. IKEv2 profile AAA user authentication methods

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ikevpn/configuration/xe-16/sec-conn-ikevpn-xe-16-book/sec-conn-ikev2-flex.html

Topics

#IKEv2#AAA#EAP#pre-shared key authentication

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-730 Practice