350-401 · Question #391
Drag and Drop Question An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used. Answer:
The correct answer is tacacs servers of group ACE; local configured username in non-case-sensitive format; local configured username in case-sensitive format; AAA servers of AAA_RADIUS group. The correct priority order reflects a typical AAA authentication configuration where TACACS+ is tried first (group ACE), followed by local authentication in non-case-sensitive format, then case-sensitive local authentication, and finally RADIUS (group AAA_RADIUS) as the last reso
Question
Drag and Drop Question An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used. Answer:
Exhibits
Answer Area
Drag items
Correct arrangement
- tacacs servers of group ACE
- local configured username in non-case-sensitive format
- local configured username in case-sensitive format
- AAA servers of AAA_RADIUS group
Explanation
The correct priority order reflects a typical AAA authentication configuration where TACACS+ is tried first (group ACE), followed by local authentication in non-case-sensitive format, then case-sensitive local authentication, and finally RADIUS (group AAA_RADIUS) as the last resort method. This ordering follows the 'aaa authentication login' command sequence where methods are attempted left-to-right, and each subsequent method is only tried if the previous one is unavailable (not if authentication fails). The configuration intentionally does NOT include 'if-no-method deny' (none/deny) as a final fallback, meaning the list ends with AAA_RADIUS.
Topics
Community Discussion
No community discussion yet for this question.



