HPE Aruba Certified Mobility Professional (ACMP) — Question 77

A company wants to implement RADIUS authentication of all managers who log in to AOS-Switches via SSH. The RADIUS server also sends VSAs that indicate which commands users can enter, and switches must honor these.
What must the administrator do to meet the company's requirements?

Answer options

• A. Set the command access level to manager mode; also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable.
• B. Set RADIUS for aaa authentication ssh login, also enable authentication privilege-login mode, which allows the switch to accept all RADIUS VSAs.
• C. Set command authorization to RADIUS, also set RADIUS for aaa authentication ssh login and aaa authentication ssh enable.
• D. Set RADIUS for aaa authentication ssh login and aaa authentication ssh enable, which allows the switch to accept all RADIUS VSAs.

Correct answer: B

Explanation

The correct answer is B because it specifically enables authentication privilege-login mode, which allows the switch to accept all RADIUS VSAs. Options A, C, and D do not adequately address the requirement for recognizing RADIUS VSAs, which is essential for ensuring proper command access based on the roles defined by the RADIUS server.