JN0-105 Exam - Question 17

Seems the correct answer should be (B) Explanation: In the scenario where the system authentication order is set to 'tacplus radius password,' the correct statement is (B). If the TACACS+ and RADIUS servers are unreachable or fail to respond, the system will fall back to using password authentication. This ensures that users can still authenticate using locally stored passwords if external authentication servers are unavailable.

If the authentication order includes RADIUS or TACACS+ servers, but the servers do not respond to a request, Junos OS always defaults to trying local password authentication as a last resort.

B accurately describes the scenario where password authentication is used as a last resort when both TACACS+ and RADIUS servers fail to respond.

A and B are both correct. C and D are wrong. If the first option responds with a reject the other options are not tried. If the first one doesn’t respond then the router tries the next option.

https://www.networkcuriosity.com/junos-authentication-order/#:~:text=Junos%20can%20authenticate%20users%20using,locally%20configured%20accounts%20and%20passwords.

D is the correct answer because you have three types of authentication listed in the config and because of that it will try all three regardless of any failures or rejects. If password wasn't listed and a rejection was recived by either tacplus or radius then password will not be referenced.

Actually C is the correct answer.