AAA Flashcards
What are the 6 AAA Accounting types?
Network Accounting
Connection Accounting
EXEC Accounting
System Accounting
Command Accounting
Resource Accounting
Which portion of AAA looks at what a user has access to?
authorization
Which command creates a login authentication method named “login” that will primarily use RADIUS and fail over to the local user database?
aaa authentication radius local
eg:
aaa authentication login login radius loca
Which AAA Authorization type includes PPP, SLIP, and ARAP connections?
network
Which authentication service is needed to configure 802.1x?
RADIUS with EAP Extension
username cisco password cisco
!
aaa new-model
!
radius-server host 10.1.1.50 auth-port 1812 key C1sc0123
aaa authentication login default group radius local line
aaa authentication login NO_AUTH none
!
line vty 0 15
login authentication default
password linepass
line console 0
login authentication NO_AUTH
!
Which login credentials are required when connecting to the console port in this output?
none required
sername cisco password cisco
!
aaa new-model
!
radius-server host 10.1.1.50 auth-port 1812 key C1sc0123
aaa authentication login default group radius local line
aaa authentication loging NO_AUTH none
!
line vty 0 15
login authentication default
password linepass
line console 0
login authentication NO_AUTH
When a network administrator is attempting an SSH connection to the device, in which order does the device check the login credentials?
RADIUS server, local username, line password
What does AAA stand for?
Authentication, Authorization, Accounting
What is *Authentication*?
Authentication verifies the credentials of the client.
What is *Authorization*?
Authorization determines the privileges of authenticated clients.
What is *Accounting*?
Accounting is a gathering of statistics and is typically a separate process aside from Authentication/Authorization.
What is *TACACS+*?
TACACS+ is a Cisco Proprietary protocol that enables AAA. Uses TCP port 49 for communication.
What is *RADIUS*?
RADIUS is an IETF Standard protocol that enables AAA. Uses UDP port 1812 and 1813.
What is local privilege authorization fallback?
Generally, when setting up AAA authentication, you can also set up backup protocols in case the primary fails. In this scenario, you will want to enable local as your backup.
What configuration command enables AAA?
Sw1(config)# aaa new-model
Sw1(config)# aaa authentication login default group <radius></radius>