Authentication Flashcards

1
Q

802.1X

A

This is a standards-based authentication method for wired and wireless connections

2
Q

MAC Authentication Bypass (MAB)

A

for devices that lack 802.1X capability

3
Q

Web Authentication

A

for guest access

4
Q

Authentication

A

determine whether the user can access the network

5
Q

Authorization

A

controls what actions a user can perform

6
Q

Accounting

A

tracks user actions

7
Q

Posture assessment

A

allows you to validate and maintain endpoint security capabilities.

8
Q

ISE CAN DO

A

AAA, Posture, and Guest Management

9
Q

Device administration

A

controlling who can log in to a network device console, Telnet session, Secure Shell (SSH) session, or other method is one form of AAA that you should be aware of

10
Q

Network access

A

securing network access can provide the identity of the device or user before permitting the entity to communicate with the network

11
Q

Cisco Secure Access Control Server

A

can provide command sets, which are lists of commands that an authenticated user is permitted or denied to run.

12
Q

RADIUS

A

used between the network access device (NAD) and the authentication server.

13
Q

TACACS+

A

uses TCP port 49

14
Q

Difference between RADIUS and TACACS+

A

TACACS+ is able to separate authentication, authorization, and accounting as separate and independent functions
TACACS+ encrypts the entire payload

15
Q

TACACS+ Authentication Messages

A
  1. START - This packet is used to begin the authentication request between the AAA client and the AAA server
  2. REPLY - Message sent from the AAA server to the AAA client
  3. CONTINUE - Message from the AAA client used to respond to the AAA server requests for username and password
16
Q

All possible values returned by AAA server for TACACS authentication

A

ACCEPT - The user authentication succeeded and the authorization process may begin if the AAA client is configured for authorization
REJECT - User authentication has failed. The login will be denied or the end-user will be prompted to try again, depending on the configuration of the AAA client
ERROR - An error occurred at some point during the authentication. AAA clients will typically attempt to authenticate the user again or attempt a different method of authenticating the user
CONTINUE - The user is prompted for additional information. This is not to be confused with the CONTINUE message sent from the AAA client to the AAA server.

17
Q

TACACS+ Authorization

A

When using TACACS+ for authorization, only two messages are used between the AAA client and the AAA server:

  1. REQUEST - This message is sent from the AAA client to the AAA server to request an authorization
  2. RESPONSE - This message is sent from the AAA server back to the AAA client with the results of the authorization request including specific details, such as the privilege level assigned to the end-user.

RESPONSE messages can contain one of five replies:
i. FAIL - This response indicates the user should be denied access to the requested service
ii. PASS_ADD - This response indicates a successful authorization, and the information contained within the RESPONSE message should be used in addition to the requested information.
iii. PASS_REPL - Indicates a successful authorization, but the server has chosen to ignore the REQUEST and is replacing it with the information sent back in the RESPONSE
iv. FOLLOW - This reply indicates that the AAA server wants the AAA client to send the authorization request to a different server. The new server information will be listed in the RESPONSE packet. The AAA client can use that new server or treat the response as a FAIL
v. ERROR - A reply of ERROR indicates a problem occurring on the AAA server and further troubleshooting needs to occur.

18
Q

TACACS+ Accounting Messages

A
  1. REQUEST - This message is sent from the AAA client to the AAA server to indicate a notification of activity.
    Three values can be included with the REQUEST:
    i. START - A start record indicates that the service has begun.
    ii. STOP - The stop record indicates that the service has ended
    iii. CONTINUE - The CONTINUE record is also sometimes referred to as a Watchdog or UPDATE record.
  2. RESPONSE - This message is sent from the AAA server back to the AAA client with the result of the accounting REQUEST and can contain one of three replies
    i. SUCCESS - indicates that the server received the record from the client
    ii. ERROR - indicates an error on the server and that the record from the client
    iii. FOLLOW - indicates that the server wants the client to send the record to a different AAA server and includes that server’s information in the RESPONSE
19
Q

RADIUS Authentication and Authorization Messages

A

Access-Request - This message is sent from the AAA client to the AAA server to request authentication and authorization
Access-Accept - Sent from the AAA server to the AAA client signaling a passed authentication. The authorization result will be included as AV pairs. The AV pairs can include items such as the assigned VLAN, a downloadable access control list, SGT and more.
Access-Reject - Sent from the AAA server to the AAA client signaling the authentication failure. The failed authentication also signifies that no authorization has been granted
Access-Challenge - This optional message can be sent from the AAA server to the AAA client when additional information is needed

20
Q

RADIUS Account message types

A

Accounting-Request - This message is sent by the AAA client to the AAA server. This can include time, packets, DHCP information, CDP information and so on.
Accounting-Response - This message acts like an acknowledgment of receipt, so the AAA client knows the accounting message was received by the AAA server

21
Q

RADIUS protocol and port number

A

UDP 1812 and 1813