HPE Aruba Certified ClearPass Expert (ACCX) — Question 34

When discussing ArubaOS-CX support for TACACS+ authentication with a customer, which statement is valid? (Choose two.)

Answer options

• A. Up to eight authentication servers can be configured in the aaa group configuration for TACACS+.
• B. The server and switch authentication traffic is encrypted with TLS 1.3.
• C. The servers defined in the group are used for authentication in a round-robin manner.
• D. The server and switch use a shared key.
• E. The servers defined in the group are used for the authentication in the order they are entered.

Correct answer: A, D

Explanation

Option A is correct because ArubaOS-CX allows the configuration of up to eight TACACS+ authentication servers in the aaa group. Option D is also correct as it indicates that the server and switch utilize a shared key for secure communication. Options B, C, and E are incorrect because TLS 1.3 is not specified for TACACS+, round-robin is not the method used, and the order of server usage is not strictly sequential.