HPE Aruba Certified Mobility Professional (ACMP) — Question 56

A company wants to implement RADIUS authentication of all managers who log in to AOS-Switches via SSH. The RADIUS server also sends VSAs that indicate which commands users can enter, and switches must honor these.
What must the administrator do to meet the company's requirements?

Answer options

• A. Set the command access level to manager mode; also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable.
• B. Set RADIUS for aaa authentication ssh login, also enable authentication privilege-login mode, which allows the switch to accept all RADIUS VSAs.
• C. Set command authorization to RADIUS, also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable. , which allows the switch to accept all RADIUS VSAs.

Correct answer: B

Explanation

The correct answer is B because it specifically enables authentication privilege-login mode, allowing the switch to accept all RADIUS VSAs. Option A fails to address command authorization, and option C, while it mentions RADIUS for login, does not include the necessary authentication privilege-login mode that is crucial for recognizing the VSAs.