CH 1 Flashcards

1
Q

involves controlling access to
who can log in to a network device console, Telnet session, or Secure Shell (SSH) session

A

Device administration AAA

2
Q

involves securing network access by ensuring
the identity of the device or user before permitting the entity to communicate with
the network.

A

Network access AAA

3
Q

lists of commands that an authenticated user
is either permitted or not permitted to run

A

command sets

4
Q

IEEE 802.1X cannot use which protocol?

A

TACACS

5
Q

TACACS+ was not supported by Cisco ISE until which ISE Version?

A

2.0

6
Q

Which part of a packet is encrypted with TACACS+, and which port does TACACS+ use?

A

the entire packet, TCP 49

7
Q

When using TACACS+ for authentication, what are the three types of packets exchanged between the client (the network device) and the server?

A

START, REPLY, CONTINUE

8
Q

This packet is used to begin the authentication request between the AAA
client and the AAA server

A

START

9
Q

These messages are sent from the AAA server to the AAA client.

A

REPLY

10
Q

These messages from the AAA client are responses to the AAA server
requests for usernames and passwords

A

CONTINUE

11
Q

The final REPLY message from the AAA server to the AAA client can include the following
possible values:

A

ACCEPT, REJECT, ERROR, CONTINUE

12
Q

The user authentication succeeded, and the authorization process may
begin, if the AAA client is configured for authorization

A

ACCEPT

13
Q

The user authentication failed. The login is denied or the end user is prompted to try again, depending on the configuration of the AAA client

A

REJECT

14
Q

An error occurred at some point during the authentication. AAA clients typically attempt to authenticate the user again or attempt a different method of authenticating the user

A

ERROR

15
Q

The user is prompted for additional information. This value sent from
the AAA server within a REPLY message, indicating that more information is required,
should not be confused with the CONTINUE message sent from the AAA client to
the AAA server

A

CONTINUE

16
Q

When using TACACS+ for authorization, only two messages are used between the AAA
client and the AAA server:

A

REQUEST or RESPONSE

17
Q

This message is sent from the AAA client to the AAA server to request
authorization

A

REQUEST

18
Q

This message is sent from the AAA server back to the AAA client with
the result of the authorization request, including specific details, such as the privilege
level assigned to the end user.

A

RESPONSE

19
Q

A RESPONSE message may contain one of the following replies:

A

FAIL, PASS_ADD, PASS_REPL, FOLLOW, ERROR

20
Q

This response indicates that the user should be denied access to the
requested service.

A

FAIL

21
Q

This response indicates successful authorization, and the information contained within the RESPONSE message should be used in addition to the requested information.

A

PASS_ADD

22
Q

This response indicates successful authorization, but the server has
chosen to ignore the REQUEST message and is replacing it with the information
sent back in the RESPONSE message.

A

PASS_REPL

23
Q

This reply indicates that the AAA server wants the AAA client to send
the authorization request to a different server. The new server information will be
listed in the RESPONSE packet. The AAA client may use that new server or treat
the response as a FAIL.

A

FOLLOW

24
Q

This response indicates a problem occurring on the AAA server. Further
troubleshooting needs to occur.

A

ERROR

25
Q

With accounting, there are two message types used. What are they?

A

Request, Response

26
Q

This message is sent from the AAA client to the AAA server to indicate a
notification of activity

A

Request

27
Q

Three values that may be included in a REQUEST message:

A

Start, Stop, Continue

28
Q

This value indicates that a service has begun

A

Start

29
Q

This value indicates that the service has ended

A

Stop

30
Q

sometimes referred to as a Watchdog or
UPDATE record, is sent when a service has already started and is in progress, but
there is updated information to provide in relation to the service

A

Continue

31
Q

This message is sent from the AAA server back to the AAA client
with the result of the accounting REQUEST message

A

RESPONSE

32
Q

RESPONSE messages may contain one of 3 replies:

A

Success, Error, Follow

33
Q

This value indicates that the server received the record from the client

A

Success

34
Q

This value indicates an error on the server and that the record was not
stored

A

Error

35
Q

This value indicates that the server wants the client to send the record
to a different AAA server and includes that server’s information in the RESPONSE
message

A

Follow

36
Q

An IETF standard for AAA, based on client/server model, protocol of choice for network access AAA.

A

RADIUS

37
Q

One of the major differences between RADIUS and TACACS is that what is not separated in a RADIUS transaction?

A

authentication and authorization

38
Q

What are the message types with RADIUS authentication/authorization?

A

Access-Request, Access-Accept, Access-Reject, Access-Challenge

39
Q

This message is sent from the AAA client to the AAA server to
request authentication and authorization

A

Access-Request

40
Q

This message is sent from the AAA server to the AAA client to signal
a passed authentication

A

Access-Accept

41
Q

This message is sent from the AAA server to the AAA client to signal
authentication failure and indicate that no authorization has been granted

A

Access-Reject

42
Q

This optional message may be sent from the AAA server to the
AAA client when additional information is needed, such as a second password for
two-factor authentications

A

Access-Challenge

43
Q

What are the 2 types of messages used in RADIUS accounting?

A

Accounting-Request, Accounting-Response

44
Q

This message is sent by the AAA client to the AAA server. It
may include time, packets, DHCP information, CDP information, and so on. The message may be a START message indicating that service has begun or a STOP message
indicating the service has ended.

A

Accounting-Request

45
Q

This message acts as an acknowledgment of receipt, so the
AAA client knows the accounting message was received by the AAA server.

A

Accounting-Response

46
Q

Unlike TACACS, RADIUS uses what as the transmission protocol?

A

UDP (1812 for authentication and 1813 for accounting)

47
Q

allows a RADIUS server to initiate a conversation with a network device and disconnect a user’s session, bounce the port (perform a shut/no-shut), or even tell the device to reauthenticate the user

A

CoA