CompTIA Network+ (N10-007) — Question 571

A network administrator wants to implement a switch management AAA method that will allow for per-user, command-level, granular permissions. Which of the following methods would BEST support the goals of the administrator?

Answer options

• A. RADIUS
• B. LDAP
• C. Certificate
• D. TACACS+

Correct answer: D

Explanation

TACACS+ is the best option because it allows for detailed control over user permissions at the command level, which aligns with the administrator's requirements. RADIUS, while useful for authentication, does not provide the same level of command granularity. LDAP is primarily for directory services and lacks the specific AAA functionalities needed here, and Certificates are not a management method but a means of authentication.