ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 808 discussion

Actual exam question from Cisco's 350-401
Question #: 808
Topic #: 1
[All 350-401 Questions]



Refer to the exhibit. An engineer configured TACACS+ to authenticate remote users, but the configuration is not working as expected. Which configuration must be applied to enable access?

  • A. R1 (config)# ip tacacs source-interface Gig 0/0
  • B. R1 (config)# tacacs server prod -
    R1(config-server-tacacs)# port 1020
  • C. R1 (config)# aaa authorization exec default group tacacs+ local
  • D. R1 (config)# tacacs server prod -
    R1(config-server-tacacs)# key cisco123
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by kaupz at Oct. 31, 2023, 12:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AbdullahMohammad251
6 months, 4 weeks ago
Selected Answer: D
The log message "TPLUS: Invalid AUTHEN packet (check keys)" from the exhibit indicates a problem with the shared secret between the client and server. TACACS+ utilizes symmetric-key cryptography. The authenticated client in our example used a different encryption key from the server's. Option 'C' ensures that both the client, and the server encrypt their messages using the same key (shared secret, or a.k.a. a pre-configured key.)
upvoted 1 times
...
[Removed]
11 months ago
Selected Answer: D
D is correct
upvoted 2 times
...
teems5uk
1 year, 3 months ago
Selected Answer: D
D. bash Copy code R1(config)# tacacs server prod R1(config-server-tacacs)# key cisco123 This configuration sets up the TACACS+ server named "prod" with the key "cisco123". Ensure that the key configured on the router matches the key configured on the TACACS+ server. Also, make sure that the TACACS+ server is reachable and correctly configured to handle authentication requests from the router.
upvoted 3 times
...
Horsefeathers
1 year, 4 months ago
Selected Answer: D
This is a sample debug output from the Router, when the TACACS server is configured with a wrong pre shared key: ... *Apr 6 13:35:07.886: TPLUS: received bad AUTHEN packet: length = 6, expected 43974 *Apr 6 13:35:07.886: TPLUS: Invalid AUTHEN packet (check keys). https://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-tacacs-/200467-Troubleshoot-TACACS-Authentication-Issue.html
upvoted 4 times
...
raajj354
1 year, 4 months ago
Please explain. I cannot understand.
upvoted 1 times
Shri_Fcb10
7 months, 2 weeks ago
look at the last line in the log, it says check key. so issue is with the credentials
upvoted 1 times
...
IgorLVG
1 year, 1 month ago
the key is "(check key)" so the problem is the credential!
upvoted 1 times
...
...
kaupz
1 year, 5 months ago
Selected Answer: D
Correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago