ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 217 discussion

Actual exam question from Cisco's 300-715
Question #: 217
Topic #: 1
[All 300-715 Questions]

An engineer is unable to use SSH to connect to a switch after adding the required CLI commands to the device to enable TACACS+. The device administration license has been added to Cisco ISE, and the required policies have been created. Which action is needed to enable access to the switch?

  • A. The ip ssh source-interface command needs to be set on the switch
  • B. 802.1X authentication needs to be configured on the switch.
  • C. The RSA keypair used for SSH must be regenerated after enabling TACACS+.
  • D. The switch needs to be added as a network device in Cisco ISE and set to use TACACS+.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by JimboOh at March 12, 2023, 4:50 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JimboOh
Highly Voted 1 year, 2 months ago
I think D is right https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200208-Configure-ISE-2-0-IOS-TACACS-Authentic.html#anc14
upvoted 5 times
CCNP21
11 months ago
I agree. Thanks for the link.
upvoted 2 times
...
...
Ancash08
Most Recent 11 months, 2 weeks ago
I think it is B. The question indicates that the required policies have been created, that is, the switch has already been added to ISE. In addition, the TACACS+ commands have been configured, but it does not indicate anything about the SSH configuration.
upvoted 1 times
XBfoundX
6 months, 1 week ago
Nope, you will not use tacacs for 802.1x authentication, only radius is used. In this case only scenario here that we got it that the switch is configured, policy are done but the Network Device is not added to the list of devices so ISE cannot communicate via tacacs for validating the sessions for that specific NAD.
upvoted 4 times
...
IETF1
6 months, 2 weeks ago
You can create policies without adding NAD in ISE. So it is a separate step.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel