A security administrator is tasked with implementing centralized management of all network devices. Network administrators will be required to logon to network devices using their LDAP credentials. All command executed by network administrators on network devices must fall within a preset list of authorized commands and must be logged to a central facility.
Which of the following configuration commands should be implemented to enforce this requirement?
A. LDAP server 10.55.199.3
B. CN=company, CN=com, OU=netadmin, DC=192.32.10.233
C. SYSLOG SERVER 172.16.23.50
D. TACAS server 192.168.1.100
D But only if the actual wording on the test specifies “TACACS+” not “TACAS” – else B.
TACACS+ provides accounting support, centralized authentication, and allows a network administrator to define what commands a user may run (authorization). All the AAA packets are encrypted, not just passwords. TACACS+ authentication settings provide three choices: LDAP or TCACS+ or SAML credentials. (You have the option to login using LDAP credentials).
https://avinetworks.com/docs/18.2/tacacs-authentication/