What to configure on routes if TACACS+ authentication fails? (Choose two.)

A. Configure local username and password

B. Include "˜local' keyword in AAA config

C. aaa accounting exec default start-stop tacacs+

D. ip ssl certificate-data-file tftp 192.168.9.210 certfile








 

Suggested Answer: AB

device(config)#enable telnet authentication
device(config)#aaa authentication login default tacacs local
The commands above cause TACACS/TACACS+ to be the primary authentication method for securing Telnet/SSH access to the CLI. If TACACS/TACACS+ authentication fails due to an error with the server, authentication is performed using local user accounts instead.
Reference:
http://www.brocade.com/content/html/en/configuration-guide/FI_08030_SECURITY/GUID-162894DA-A189-4A10-AE28-BD31214D62BA.html

This question is in 300-101 Cisco Implementing Cisco IP Routing (ROUTE) Exam
For getting Cisco Certified Network Professional (CCNP) Routing and Switching Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.