Implementing and Operating Cisco Data Center Core Technologies (DCCOR) — Question 145
An engineer is configuring AAA authentication on a Cisco MDS 9000 Series switch. The LDAP server is located under the IP 10.10.2.2. The data sent to the LDAP server should be encrypted. Which command should be used to meet these requirements?
Answer options
- A. ldap-server 10.10.2.2 port 443
- B. ldap-server 10.10.2.2 key SSL_KEY
- C. ldap-server host 10.10.2.2 key SSL_KEY
- D. ldap-server host 10.10.2.2 enable-ssl
Correct answer: D
Explanation
The correct command is D, 'ldap-server host 10.10.2.2 enable-ssl', because it explicitly enables SSL for secure communication with the LDAP server. Option A suggests using port 443, which is not specifically for LDAP encryption. Options B and C incorrectly focus on a key without enabling SSL, which is essential for securing the LDAP connection.