Which of the following actions should a security engineer take to implement Active Directory authentication on Layer 2 switches and ensure local fallback?

Prepare for your CompTIA Security+ (SY0-601) Certification Exam. Study with multiple-choice questions, each with detailed hints and explanations. Boost your confidence and get ready for your certification!

Multiple Choice

Which of the following actions should a security engineer take to implement Active Directory authentication on Layer 2 switches and ensure local fallback?

Explanation:

To implement Active Directory authentication on Layer 2 switches while ensuring local fallback, configuring AAA (Authentication, Authorization, and Accounting) on the switch with local login as secondary is the most appropriate action. This setup allows the switch to first authenticate users against Active Directory via an authentication protocol such as RADIUS. If this primary authentication method fails (perhaps due to network issues or because the Active Directory server is inaccessible), the switch can revert to local authentication, ensuring that users can still log in.

Implementing RADIUS is a strong option for centralized authentication and would support Active Directory authentication, but it wouldn't specifically address the need for local fallback without additional configuration. TACACS+ is another protocol that provides similar capabilities to RADIUS; however, it is not used in conjunction with Active Directory as commonly as RADIUS is. Enabling the local firewall on the Active Directory server is not relevant to supporting direct authentication or fallback procedures for Layer 2 switches.

In summary, the best approach here is configuring AAA with local login as secondary, which effectively creates a robust authentication strategy that accommodates both primary and fallback methods.
