What is the process of password checks when a login attempt is made to the device?

Posted by: Pdfprep Category: 350-401 Tags: , ,

A network administrator applies the following configuration to an IOS device.

aaa new-model

aaa authentication login default local group tacacs+

What is the process of password checks when a login attempt is made to the device?
A . A TACACS+server is checked first. If that check fail, a database is checked?
B . A TACACS+server is checked first. If that check fail, a RADIUS server is checked. If that check fail. a local database is checked.
C . A local database is checked first. If that fails, a TACACS+server is checked, if that check fails, a RADUIS server is checked.
D . A local database is checked first. If that check fails, a TACACS+server is checked.

Answer: D

Explanation:

The “aaa authentication login default local group tacacs+” command is broken down as follows:

+ The ‘aaa authentication’ part is simply saying we want to configure authentication settings.

+ The ‘login’ is stating that we want to prompt for a username/password when a connection is made to the device.

+ The ‘default’ means we want to apply for all login connections (such as tty, vty, console and aux). If we use this keyword, we don’t need to configure anything else under tty, vty and aux lines. If we don’t use this keyword then we have to specify which line(s) we want to apply the authentication feature.

+ The ‘local group tacacs+” means all users are authenticated using router’s local database (the first method). If the credentials are not found on the local database, then the TACACS+ server is used (the second method).

Leave a Reply

Your email address will not be published.