Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 998

A network engineer is enabling HTTPS access to the core switch, which requires a certificate to be installed on the switch signed by the corporate certificate authority. Which configuration commands are required to issue a certificate signing request from the core switch?

Answer options

• A. Core-Switch(config)#crypto pki enroll Core-Switch Core-Switch(config)#ip http secure-trustpoint Core-Switch
• B. Core-Switch(config)#ip http secure-trustpoint Core-Switch Core-Switch(config)#crypto pki enroll Core-Switch
• C. Core-Switch(config)#crypto pki trustpoint Core-Switch Core-Switch(ca-trustpoint)#enrollment terminal Core-Switch(config)#crypto pki enroll Core-Switch
• D. Core-Switch(config)#crypto pki trustpoint Core-Switch Core-Switch(ca-trustpoint)#enrollment terminal Core-Switch(config)#ip http secure-trustpoint Core-Switch

Correct answer: C

Explanation

The correct answer is C because it properly configures the trustpoint and sets the enrollment method before issuing the certificate signing request. Options A and B do not correctly establish the trustpoint before attempting to enroll, while option D incorrectly places the secure trustpoint command after the enrollment command, which is not the correct order.