AAA Flashcards
Which portion of AAA looks at what a user has access to? A. authorization B. authentication C. accounting D. auditing
A. authorization
Which command creates a login authentication method named “login” that will primarily use RADIUS and fail over to the local user database?
A. (config)# aaa authentication login default radius local
B. (config)# aaa authentication login login radius local
C. (config)# aaa authentication login default local radius
D. (config)# aaa authentication login radius local
B. (config)# aaa authentication login login radius local
Which command globally enables AAA on a device? A. aaa new-model B. aaa authentication C. aaa authorization D. aaa accounting
A. aaa new-model
Which AAA Authorization type includes PPP, SLIP, and ARAP connections? A. network B. IP mobile C. EXEC D. auth-proxy
A. network
Which authentication service is needed to configure 802.1x? A. RADIUS with EAP Extension B. TACACS+ C. RADIUS with CoA D. RADIUS using VSA
A. RADIUS with EAP Extension
A network engineer configures port security and 802.1x on the same interface. Which option describes what this configuration allows?
A. It allows port security to secure the MAC address that 802.1x authenticates.
B. It allows port security to secure the IP address that 802.1x authenticates.
C. It allows 802.1x to secure the MAC address that port security authenticates.
D. It allows 802.1x to secure the IP address that port security authenticates
A. It allows port security to secure the MAC address that 802.1x authenticates.
AAA question about the command used to login a user and set immediate access to privilege mode.
A. aaa authorization exec default group radius
B. aaa authorization default group radius
C. aaa authorization radius default group
A. aaa authorization exec default group radius
What are three types of RADIUS server responses? (Choose three) A. Accept B. Reject C. Challenge D. Get Password E. Cancel
A. Accept
B. Reject
C. Challenge
Which are features of TACACS+? (Choose three)
A. Supports backwards compatible with TACACS
B. Encrypts the header
C. Encrypts the whole payload
D. Uses TCP
E. Uses UDP
F. Separates Authentication & Authorization
C. Encrypts the whole payload
D. Uses TCP
F. Separates Authentication & Authorization
Which command is used to configure vendor-specific attributes with RADIUS?
A. radius-server vsa send
B. vendor-specific attribute
A. radius-server vsa send
Which two types of packets do TACACS+ work with? (Choose two) A. reply B. request C. response D. record
B. request
C. response
Which two encryption features are used for TACACS+ and RADIUS? (Choose two)
A. It uses the entire packet.
B. It uses username and password.
C. It uses only password.
A. It uses the entire packet.
C. It uses only password.
Which three features about TACACS+ are true? (Choose three)
A. It supports TCP port 49
B. It supports packet encryption
C. It supports client-server architecture
D. It supports client-private cloud architecture
A. It supports TCP port 49
B. It supports packet encryption
C. It supports client-server architecture
Which two packet types for authentication and authorization are used in TACACS+? (Choose two) A. request B. continue C. response D. start E. stop
A. request
C. response
Which statement is true about TACACS+?
A. It is a Cisco proprietary technology
B. Support several less common protections in address to IP
C. More reliable than RADIUS because it communicate with UDP packets
D. Backwards compatible with TACACS
A. It is a Cisco proprietary technology