Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 114

Which protocol is used to map usernames to user groups when User-ID is configured?

Answer options

• A. TACACS+
• B. SAML
• C. LDAP
• D. RADIUS

Correct answer: C

Explanation

LDAP is the correct answer because it is specifically designed to manage and retrieve user information, including group memberships. TACACS+, SAML, and RADIUS serve different purposes, such as authentication and single sign-on, but do not directly handle the mapping of usernames to user groups in the context of User-ID.