Which of the following can be used to centrally manage credentials for various types of administrative privileges on configured network devices?
Click on the arrows to vote for the correct answer
A. B. C. D. E.B.
The correct answer is B. TACACS+.
TACACS+ (Terminal Access Controller Access Control System Plus) is a centralized authentication, authorization, and accounting (AAA) protocol that provides secure communication between network devices and a central server. It is commonly used to manage credentials for various types of administrative privileges on network devices such as routers, switches, and firewalls.
TACACS+ separates authentication, authorization, and accounting into three different stages, providing a more granular level of control over network access. This allows administrators to manage privileges and permissions for individual users or groups based on their roles and responsibilities within the organization.
SSO (Single Sign-On) is a different technology that allows users to access multiple applications and services with a single set of credentials, without having to authenticate multiple times. It is useful for end-users and not for network device administration.
Zero Trust is a security model that assumes all users and devices, whether inside or outside the network, are untrusted and must be verified before being granted access. It does not directly relate to credential management.
Separation of duties is a security principle that involves dividing responsibilities among multiple individuals to prevent a single person from having too much control or access. It is a useful principle but not directly related to credential management.
Multifactor authentication (MFA) is a security mechanism that requires users to provide more than one form of authentication to verify their identity, such as a password and a fingerprint. It is an effective way to enhance security but not directly related to credential management for network devices.
In summary, TACACS+ is the correct answer because it is a protocol specifically designed for centralized credential management for network devices, providing granular control over authentication, authorization, and accounting.