ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-620 All Questions

View all questions & answers for the 300-620 exam
Go to Exam

Exam 300-620 topic 1 question 133 discussion

Actual exam question from Cisco's 300-620
Question #: 133
Topic #: 1
[All 300-620 Questions]

A network administrator configures AAA inside the Cisco ACI fabric. The authentication goes through the local users if the TACACS+ server is not reachable. If the Cisco APIC is out of the cluster, the access must be granted through the fallback domain. Which configuration set meets these requirements?

  • A. Ping Check: True -
    Default Authentication Realm: Local
    Fallback Check: True
  • B. Ping Check: True -
    Default Authentication Realm: TACACS+
    Fallback Check: False
  • C. Ping Check: False -
    Default Authentication Realm: Local
    Fallback Check: False
  • D. Ping Check: False -
    Default Authentication Realm: TACACS+
    Fallback Check: True
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Narbledeath at April 17, 2023, 8:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sailorsoul
10 months ago
Selected Answer: B
Fallback check must be false.
upvoted 2 times
sailorsoul
9 months, 3 weeks ago
https://www.labminutes.com/dc0019_aci_aaa_radius_tacacs_3 12:20
upvoted 1 times
...
...
thinqtanklearningDOTcom
1 year, 5 months ago
Selected Answer: B
https://howtoaci.com/2018/05/21/tacacs-configuration-in-aci/ It is all documented here. And Cisco documentation also specifically states: Note: Make sure to leave/set the Fallback Check property to false. Setting the Fallback Check property to true may cause local logins to fail.
upvoted 2 times
...
Rododendron2
1 year, 6 months ago
Selected Answer: B
My tip is B Unclear what is supposed be the ping check Anyway Default Authentication Realm hall be TACACS+ and you shall not put fallback check on if required working fallback local authentication Note: Make sure to leave/set the Fallback Check property to false. Setting the Fallback Check property to true may cause local logins to fail. https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_ACI-TACACS-config.html
upvoted 3 times
...
Rododendron2
1 year, 6 months ago
How is done AAA server check if enabled check, but icmp check disabled ? What is the "secret check" that will allow the APIC out of cluster switch to fallback authentication ?
upvoted 1 times
thinqtanklearningDOTcom
1 year, 5 months ago
Note: Make sure to leave/set the Fallback Check property to false. Setting the Fallback Check property to true may cause local logins to fail.
upvoted 1 times
...
...
Narbledeath
1 year, 7 months ago
Selected Answer: D
Correct https://community.cisco.com/t5/application-centric-infrastructure/should-you-always-be-able-to-login-using-fallback-domain/m-p/4502626
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago