Q: 17
DRAG DROP [Secure Network Access, Visibility, and Enforcement] Refer to the exhibit. 
An engineer must configure a Cisco switch to perform PPP authentication via a TACACS server located at IP address 10.1.1.10. Authentication must fall back to the local database using the username LocalUser and password C1Sc0451069341l if the TACACS server is unreachable. Drag and drop the commands from the left onto the corresponding configuration steps on the right. 
Drag & Drop
Discussion
aaa new-model, tacacs-server host 10.1.1.10, tacacs-server key, aaa authentication ppp test group tacacs+ local
aaa new-model → tacacs-server host 10.1.1.10 → tacacs-server key → aaa authentication ppp test group tacacs+ local. Saw this order in the official guide and labs, looks like the standard setup flow for PPP + TACACS fallback.
Going With B is right. Had something like this in a mock and NetFlow is the main one for exporting app usage stats with AVC. SNMP is more device monitoring, not detailed AppVis. Pretty sure about this, but happy to hear if anyone sees it differently.
aaa new-model → tacacs-server host 10.1.1.10 → tacacs-server key → aaa authentication ppp test group tacacs+ local. I don't think swapping the key and host would work since the device needs to know the server address first. Pretty sure that's spot-on for this PPP + TACACS fallback config, unless someone sees a different trap?
Slight gotcha with ordering: if you put the tacacs-server key before specifying the host, the switch won't know which server to apply the key to. So it really does need to be: aaa new-model, tacacs-server host 10.1.1.10, tacacs-server key, then aaa authentication ppp test group tacacs+ local. Seen similar logic tested elsewhere.
Its C, since SNMP is typically used for stats and reporting on network devices. NetFlow seems more about traffic flows than app-level stats, right? If I'm missing something let me know.
Be respectful. No spam.
