A user complains about being locked out of a device after too many unsuccessful AAA login attempts. What could be used by the network administrator to provide a secure authentication access method without locking a user out of a device?

A user complains about being locked out of a device after too many unsuccessful AAA login attempts. What could be used by the network administrator to provide a secure authentication access method without locking a user out of a device?

• Use the login delay command for authentication attempts.
• Use the login local command for authenticating user access.
• Use the aaa local authentication attempts max-fail global configuration mode command with a higher number of acceptable failures.
• Use the none keyword when configuring the authentication method list.

Explanation: The login delay command introduces a delay between failed login attempts without locking the account​. This provides a user with unlimited attempts at accessing a device without causing the user account to become locked and thus requiring administrator intervention.

Exam with this question: CCNA Security Chapter 3 Exam Answers
Exam with this question: Network Security Final Exam Answers