Security

Question 1

Difference between tacacs server and tacacs-server w/r to AAA

Answer 1

Prioer to IOS 15 - tacacs-server
After IOS 15 - tacacs server

Question 2

How do you group different authentication servers in AAA?

Answer 2

aaa group server

Question 3

Command to add a (alreayd configured) server to a AAA group?

Answer 3

server server

Question 4

AAA ports - what prots are used for ACCOUNTING

Answer 4

1646
1813

Question 5

AAA ports - what prots are used for AUTHORIZATION AND AUTHENTICATION

Answer 5

1645
1812

Question 6

How to remember AAA accounting ports

Answer 6

Accounting ports are the last of the 16/18 block

1646
1813 V 1645
1812

Question 7

What does the “QM_IDLE” indicate? What does QM mean?

Answer 7

QM = QUick Mode
aka IKE Phase 2

Indicates Phase 1 established succesfully, put Phase 2 has not

Question 8

View status of a GRE IPSEC tunnel?

Answer 8

show crypto isakmp sa

Question 9

show crypto isakmp sa
What would a succesful Quick Mode establishment indicate?

Answer 9

Noegitated IPSec Security Associations

Question 10

How does IKE report states in show crypto isakmp sa command?

Answer 10

show cryptio isakmp sa

Question 11

On A Cisco PACL - are packets that originated from that router affected by OUTGOING ACL’s?

Answer 11

No