Exam 300-430 topic 1 question 254 discussion

When an autonomous access point (AP) is configured to use 802.1X authentication against the switch port it is attached to, the credentials (username and password) for the AP are defined on the RADIUS server. The RADIUS server is responsible for authenticating the AP when it connects to the switch port. Explanation of the options: A. RADIUS server: This is correct. The RADIUS server stores the credentials for the AP and performs the authentication when the AP connects to the switch port. B. Cisco Prime Infrastructure: Cisco Prime Infrastructure is used for network management and monitoring but does not store credentials for 802.1X authentication. C. wireless LAN controller (WLC): Autonomous APs do not use a WLC for configuration or authentication. They operate independently and communicate directly with the RADIUS server for 802.1X authentication. D. TACACS server: TACACS is used for administrative access control (e.g., logging into network devices) and is not used for 802.1X authentication of APs.

The credentials for 802.1X authentication on an autonomous access point are typically defined in the access point's configuration. The engineer would need to log into the access point's management interface, either through a web-based interface or a command line interface, and then define the credentials within the 802.1X authentication settings. This usually involves configuring the EAP (Extensible Authentication Protocol) method to be used (e.g., EAP-TLS, EAP-PEAP), as well as specifying the necessary identity and password information for the authentication process. Additionally, the engineer must also configure the corresponding settings on the switch port to which the access point is connected, in order to enable 802.1X authentication and specify the appropriate authentication server (RADIUS server) for the access point to communicate with during the authentication process.