A company provides applications and database hosting services to multiple customers using isolated infrastructure-as-a-service services within the same data center environment. The environment is based on Cisco MDS 9000 Series Switches. The requirement is to manage the environment by using Fibre Channel Security Protocol and to enable user authentication when the centralized AAA server is unreachable. All communication between the MDS switches and the remote servers must be encrypted. Which command set must be used to meet these requirements? A. aaa group server radius RadiusServer1 aaa authentication login default RadiusServer1 B. aaa group server tacacs+ TacacsServer1 aaa authentication dhchap default group TacacsServer1 C. aaa group server radius RadiusServer1 aaa authentication dhchap default group RadiusServer1 D. aaa group server tacacs+ TacacsServer1 aaa authentication login console TacacsServer1 Â Suggested Answer: C FC-SP uses the DHCHAP protocol for authenticating authentication between MDS9000 and other devices could potentially use both tacacs and radius. However, since it tells us all communication between them should be encrypted, only TACACS provides full AAA encryption. Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/security/cisco_mds9000_security_config_guide_8x/ configuring_fcsp_dhchap.html#con_1247118 This question is in 350-601 DCCOR exam For getting CCNP Data Center Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Cisco. Trademarks, certification & product names are used for reference only and belong to Cisco.
Please login or Register to submit your answer
