Home » Cisco » 300-115 » What switch security configuration requires AAA to be configured on the switch?
What switch security configuration requires AAA to be configured on the switch?
A. VACL
B. 802.1x
C. Private VLAN
D. port security
Correct Answer: B
Explanation/Reference:
Answer:
802.1x requires AAA to be configured on the switch. 802.1x uses AAA authentication to control access to the port.
The overall steps required to configure a switch for 802.1x are:
Enable AAA on the switch.
Define the external RADIUS server(s) and the key to be used for encryption.
Define the authentication method.
Enable 802.1x on the switch.
Configure each switch port that will use 802.1x.
Optionally allow multiple hosts on the switch port.
<font size="2" face=
Objective:
Infrastructure Security Sub-Objective:
Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
References:
Cisco > Catalyst 6500 Series Cisco IOS Software Configuration Guide, 12.1E > Configuring 802.1X Port-Based Authentication
https://www.cisco.com/c/en/us/td/docs/routers/connectedgrid/cgr1000/1_0/software/configuration/guide/security/security_Book/sec_aaa_cgr1000.html#85708
Process for Configuring AAA
To configure AAA authentication and accounting, follow these steps:
Step 1 When you want to use remote RADIUS or TACACS+ servers for authentication, and to configure the hosts on your Cisco CG-OS router, refer to Chapter 2, “Configuring RADIUS” and Chapter 3, “Configuring TACACS+”).
Step 2 Enable the Default User Role for Authentication. (See Enabling the Default User Role for Authentication.)
Step 3 Enable the Login Authentication Failure Messages. (See Enabling Login Authentication Failure Messages.)
Step 4 Configure default login authentication methods for user logins. (See Configuring Default Login Authentication Methods.)
Step 5 Configure default AAA accounting default methods. (See Configuring AAA Accounting Default Methods.)