Implementing and Operating Cisco Data Center Core Technologies (DCCOR) — Question 314

The Cisco TACACS+ on a Cisco Nexus Series Switch must authenticate any user attempting to access the device and fail over to the local account if the TACACS+ sever becomes unavailable.
Which command accomplishes these goals?

Answer options

• A. aaa authentication login default fallback error local
• B. aaa authentication login console group local
• C. aaa authentication login default local
• D. aaa authentication login default group ISE local

Correct answer: D

Explanation

The correct answer is D because it specifies the use of the TACACS+ server (group ISE) while providing a fallback to the local account if the server is unavailable. Option A incorrectly uses 'fallback error', which is not a valid syntax for authentication. Option B does not specify TACACS+ and only refers to console access, and option C does not include the group for TACACS+, only relying on local authentication.