352-001 · Question #533
ACME Agricultural requires that access to all network devices is granted based on identify validation, and an authentication server was installed for this purpose. Currently the network team uses a li
The correct answer is D. LDAP. LDAP is the standard protocol used by authentication servers to query and validate identities against a corporate directory service such as Active Directory.
Question
ACME Agricultural requires that access to all network devices is granted based on identify validation, and an authentication server was installed for this purpose. Currently the network team uses a list of passwords based on regions to access the internal corporate network devices. Which protocol do you recommend to ensure identify validation from the authentication server to the corporate directory?
Options
- AHTTPS
- BTACACS+
- CSSH
- DLDAP
How the community answered
(16 responses)- A6% (1)
- B6% (1)
- D88% (14)
Why each option
LDAP is the standard protocol used by authentication servers to query and validate identities against a corporate directory service such as Active Directory.
HTTPS is a web transport protocol for securing HTTP sessions and has no role in querying a corporate directory for identity validation.
TACACS+ is a Cisco AAA protocol used between network devices and an authentication server, not between the authentication server and the corporate directory backend.
SSH is a protocol for secure remote command-line access to devices and is not used for directory lookups or identity queries.
LDAP (Lightweight Directory Access Protocol) is specifically designed for querying and authenticating against directory services such as Microsoft Active Directory. When an authentication server needs to validate user credentials against a corporate directory, it uses LDAP or LDAPS to perform directory lookups. This is the standard integration protocol between authentication infrastructure and directory services for identity validation.
Concept tested: LDAP integration between authentication server and directory
Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16/sec-usr-aaa-xe-16-book/sec-ldap.html
Topics
Community Discussion
No community discussion yet for this question.