10.2_Access Control

Question 1

The simplest method of remote access authentication is to configure a login and password combination on ____

Answer 1

console, vty lines, and aux ports

Question 2

TRUE OR FALSE
The method of configuring the password and login is the easiest to implement, but it is also the weakest and least secure.

Answer 2

TRUE
This method provides no accountability and the password is sent in plaintext. Anyone with the password can gain entry to the device.

Question 3

Code to implement password on console, vty lines, and aux

Answer 3

line vty 0 4
password cisco
login

line console 0 5
password cisco
login

Question 4

____ is a more secure form of remote acceass

Answer 4

SSH

Question 5

SSH implementation codes

Answer 5

ip domain-name example.com
crypto generate rsa general-keys modulus 2048
username Admin secret Str0ng3rPa55word
ssh version 2
line vty 0 4
transport input ssh
login local

Question 6

AAA

Answer 6

Authentication, Authorization, and Accounting

Question 7

__ is a way to control who is permitted to access a network (authenticate), what they can do while they are there (authorize), and to audit what actions they performed while accessing the network (accounting).

Answer 7

AAA

Question 8

___ are two common methods of implementing AAA authentication.

Answer 8

Local and server-based

Question 9

AUTHENTICATION
___ stores usernames and passwords locally in a network device such as the Cisco router. It is ideal for small networks

Answer 9

Local AAA

Question 10

AUTHENTICATION
With the ___method, the router accesses a central AAA server.

Answer 10

server-based AAA Authentication

Question 11

Server-Based AAA Authentication

The router uses either the ___(RADIUS) or ___ (TACACS+) protocols to communicate with the AAA server

Answer 11

Remote Authentication Dial-In User Service
Terminal Access Controller Access Control System

Question 12

____ is automatic and does not require users to perform additional steps after authentication.

Answer 12

AAA Authorization

Question 13

__ governs what users can and cannot do on the network after they are authenticated.

Answer 13

Authorization

Question 14

___uses a set of attributes that describes the user’s access to the network

Answer 14

Authorization

Question 15

__ collects and reports usage data.

Answer 15

AAA accounting

Question 16

The___ standard is a port-based access control and authentication protocol. This protocol restricts unauthorized workstations from connecting to a LAN through publicly accessible switch ports.

Answer 16

IEEE 802.1X

Question 17

802.1X

This is a device running 802.1X-compliant client software, which is available for wired or wireless devices.

Answer 17

Client (Supplicant)

Question 18

802.1X
The ____ acts as an intermediary between the client and the authentication server. It requests identifying information from the client, verifies that information with the authentication server, and relays a response to the client. Another device that could act as authenticator is a wireless access point.

Answer 18

Switch (Authenticator)

Question 19

802.1X
The ___validates the identity of the client and notifies the switch or wireless access point that the client is or is not authorized to access the LAN and switch services.

Answer 19

Authentication Server