ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 400-007 All Questions

View all questions & answers for the 400-007 exam
Go to Exam

Exam 400-007 topic 1 question 152 discussion

Actual exam question from Cisco's 400-007
Question #: 152
Topic #: 1
[All 400-007 Questions]

Company XYZ uses an office model where the employees can use any open desk and plug their laptops in. They want to authenticate the end users using their domain username and password before allowing them access to the network. The design must also accommodate the ability of controlling traffic within the same group or subnet if a macro (or micro) segmentation-based model is adopted in the future. Which protocol can be recommended for this design to authenticate end users?

  • A. LDAP
  • B. EAP
  • C. TACACS+
  • D. RADIUS
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by vn at Dec. 14, 2022, 1:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kalulosu
4 months, 4 weeks ago
Selected Answer: D
I think ans is D. RADIUS is a protocol that provides user authentication, authorization, and accounting for network access.
upvoted 1 times
...
Seawanderer
6 months, 3 weeks ago
Selected Answer: D
EAP is a transport protocol, it doesn't authenticate users
upvoted 1 times
...
anonymousch
7 months ago
Selected Answer: D
They ask for a protocol. EAP is a framework, the protocols are EAP-xxx.
upvoted 1 times
...
skjs
10 months, 1 week ago
Selected Answer: B
NAC section of the cert guide mentions EAP as the authentication protocol, detailing all EAP variants. To keep it simple I vote B
upvoted 1 times
...
Jentti
1 year, 6 months ago
Selected Answer: D
Radius support providing dynamic VLAN after authentication and this VLAN can be configured as a private-vlan, enabling micro-segmentation.
upvoted 3 times
...
AsaHung
1 year, 7 months ago
i select answer :B, RADIUS is use between AAA Server and NAD , the question is authentication end users , it will EAP not RADIUS
upvoted 1 times
...
bdp123
1 year, 7 months ago
Selected Answer: D
After further thought, EAP is a Framework and the protocols are EAP-TLS, EAP-FAST, EAP-MSCHAP, etc - Probably RADIUS is a better choice. https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html
upvoted 1 times
...
bdp123
1 year, 7 months ago
Selected Answer: B
This sounds like they are describing 802.1x in which case EAP over Lan (EAPoL) is used to authenticate end users https://www.securew2.com/solutions/802-1x
upvoted 3 times
...
Akkisingh
1 year, 7 months ago
Selected Answer: D
Changed my mind, in Cisco point of view, it might be RADIUS, EAP being framework, Radius is doing the the actual auth, so more correct ans
upvoted 2 times
...
Akkisingh
1 year, 7 months ago
Selected Answer: B
B, Extensible Authentication Protocol (EAP), though it's more of a framework. It can use RADIUS or many other protocol, such as DIAMETER (successer of RADIUS)
upvoted 1 times
...
dongho
1 year, 8 months ago
Selected Answer: D
the same group or subnet if a macro (or micro) segmentation-based model is adopted in the future . it's D.
upvoted 2 times
...
gcpengineer
1 year, 9 months ago
Selected Answer: B
B is the ans. As extensible auth protocol (EAP) is used for user access to network
upvoted 2 times
...
pizdecvsemu
1 year, 9 months ago
Selected Answer: D
I vote for D - RADIUS. EPA is just a wrapper and used for authentication (success of failure). RADIUS can send authorization data and for the segmentation it's a must.
upvoted 1 times
gcpengineer
1 year, 9 months ago
It can't be RADIUS, as TACACS+ is also similar
upvoted 2 times
biddid2
1 year, 9 months ago
RADUIS is for authenication only, TACACS+ is also for authorization but used ages of years, not for future.
upvoted 1 times
...
...
...
vn
2 years ago
D (group based or subnet based). I believe it is alluding to Cisco ISE. https://www.networkstraining.com/what-is-cisco-ise/
upvoted 4 times
schwabenschulle
1 year, 9 months ago
I think EAP is the correct answer although I'm not 100% sure. That's a complex question. Finally EAP and Radius plays a role in this kind of authentication (SD-Access, 802.1x). EAP get encapsulated in AAA. Therefore I vote for EAP.
upvoted 1 times
...
biddid2
1 year, 9 months ago
Yes, you are right, ISE is using RADIUS, but also support EAP which has more function and encryption. So I support answer B.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel