SY0-501 · Question #448
SY0-501 Question #448: Real Exam Question with Answer & Explanation
The correct answer is A: TACACS+. For centralized network device authentication management, TACACS+ and RADIUS are the industry-standard AAA protocols designed specifically for this purpose. Both provide centralized authentication servers that network devices can query instead of relying on local accounts.
Question
An organization is expanding its network team. Currently, it has local accounts on all network devices, but with growth, it wants to move to centrally managed authentication. Which of the following are the BEST solutions for the organization? (Sect TWO)
Options
- ATACACS+
- BCHAP
- CLDAP
- DRADIUS
- EMSCHAPv2
Explanation
For centralized network device authentication management, TACACS+ and RADIUS are the industry-standard AAA protocols designed specifically for this purpose. Both provide centralized authentication servers that network devices can query instead of relying on local accounts.
Common mistakes.
- B. CHAP (Challenge Handshake Authentication Protocol) is a point-to-point authentication protocol used to verify identity during link establishment, not a centralized AAA framework for managing network device authentication across an organization.
- C. LDAP (Lightweight Directory Access Protocol) is a directory service query protocol used to look up and manage objects in a directory like Active Directory, but it is not itself a network device AAA solution and lacks the native accounting and authorization features needed for centralized network device management.
- E. MSCHAPv2 (Microsoft Challenge Handshake Authentication Protocol version 2) is a mutual authentication protocol primarily used for VPN and wireless client authentication, not a centralized AAA solution for managing administrative access to network infrastructure devices.
Concept tested. Centralized AAA protocols for network device authentication
Community Discussion
No community discussion yet for this question.