Non-802.1x Authentications Flashcards

1
Q

True/ False. In MAB the authenticator act on behalf of the endpoint that does not have a supplicant by crafting a RADIUS Access-Request message and sends it to the authentication server. The authenticator uses the endpoint’s MAC address as the identity

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How does a switch(authenticator) know when the endpoint that is plugged into it does not have a supplicant?

A

The authenticator is meant to send EAP over LAN identity request frames every 30 seconds by default. After 3 timeouts- a period of 90 seconds by default- it accepted that the endpoint must not have a supplicant.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Web Authentication

A

An authenticator would be able to send a user to a locally hosted web page- in other words, a web page hosted on the local device itself example Switch, WLC, etc. The username and password that are submitted to the web portal are then sent from the authenticator to the authentication server in a standard RADIUS Access-Request packet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Local Web Authentication

A

the credentials are submitted through the web portal, and the authenticator (switch, wireless controller and so on) sends the RADIUS Access-Request to the authentication server using the username and password from the form. It is key to remember that any time the switch is sending the credentials for the user, it is considered LWA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

LWA limitations

A

LWA does not support VLAN assignment, so you are basically limited to ACL assignment. LWA is also restricted from change of authorization (COA) support;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Centralized Web Authentication

A

the portal is hosted on ISE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

True/ False CoA works fully with CWA

A

True. CWA also supports all the advanced services, such as client provisioning, posture assessments, acceptable use policies (AUPs) password changing, self registration, and device registration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly