nerdexam
Cisco

352-001 · Question #533

ACME Agricultural requires that access to all network devices is granted based on identify validation, and an authentication server was installed for this purpose. Currently the network team uses a li

The correct answer is D. LDAP. LDAP is the standard protocol used by authentication servers to query and validate identities against a corporate directory service such as Active Directory.

Designing Security

Question

ACME Agricultural requires that access to all network devices is granted based on identify validation, and an authentication server was installed for this purpose. Currently the network team uses a list of passwords based on regions to access the internal corporate network devices. Which protocol do you recommend to ensure identify validation from the authentication server to the corporate directory?

Options

  • AHTTPS
  • BTACACS+
  • CSSH
  • DLDAP

How the community answered

(16 responses)
  • A
    6% (1)
  • B
    6% (1)
  • D
    88% (14)

Why each option

LDAP is the standard protocol used by authentication servers to query and validate identities against a corporate directory service such as Active Directory.

AHTTPS

HTTPS is a web transport protocol for securing HTTP sessions and has no role in querying a corporate directory for identity validation.

BTACACS+

TACACS+ is a Cisco AAA protocol used between network devices and an authentication server, not between the authentication server and the corporate directory backend.

CSSH

SSH is a protocol for secure remote command-line access to devices and is not used for directory lookups or identity queries.

DLDAPCorrect

LDAP (Lightweight Directory Access Protocol) is specifically designed for querying and authenticating against directory services such as Microsoft Active Directory. When an authentication server needs to validate user credentials against a corporate directory, it uses LDAP or LDAPS to perform directory lookups. This is the standard integration protocol between authentication infrastructure and directory services for identity validation.

Concept tested: LDAP integration between authentication server and directory

Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16/sec-usr-aaa-xe-16-book/sec-ldap.html

Topics

#LDAP#authentication#identity validation#directory services

Community Discussion

No community discussion yet for this question.

Full 352-001 Practice