Where would you look for the problem?

Refer to the exhibit. The ABC Corporation is changing remote-user authentication from preshared keys to certificate-based authentication. For most employee authentication, its group membership (the employees) governs corporate access. Certain management personnel need access to more confidential servers. Access is based on the group and name, such as finance and level_2. When it is time to pilot the new authentication policy, a finance manager is able to access the department-assigned servers but cannot access the restricted servers.


As the network engineer, where would you look for the problem?
A. Check the validity of the identity and root certificate on the PC of the finance manager.
B. Change the Management Certificate to Connection Profile Maps > Rule Priority to a number that is greater than 10.
C. Check if the Management Certificate to Connection Profile Maps > Rules is configured correctly.
D. Check if the Certificate to Connection Profile Maps > Policy is set correctly.

cisco-exams

2 thoughts on “Where would you look for the problem?

  1. Correct answer is B. Management priority is 8, lower number gets assign first. If you change Management map to higher than 10, than the DefaultCertificateMap will be first.

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.