1. What is a feature of the TACACS+ protocol?
- It combines authentication and authorization as one process.
- It encrypts the entire body of the packet for more secure communications.
- It hides passwords during transmission using PAP and sends the rest of the packet in plaintext.
- It utilizes UDP to provide more efficient packet transfer.
2. Which two protocols are used to provide server-based AAA authentication? (Choose two.)
- SSH
- SNMP
- TACACS+
- 802.1x
- RADIUS
3. Which functionality does the TACACS single-connection keyword provide to AAA services?
- allows the use of differing keys between the TACACS+ server and the AAA client
- enhances the performance of the TCP connection
- maintains a single UDP connection for the life of the session
- encrypts the data transfer between the TACACS+ server and the AAA client
4. What are three access control security services? (Choose three.)
- access
- authorization
- repudiation
- availability
- authentication
- accounting
5. What is the purpose of the network security accounting function?
- to keep track of the actions of a user
- to provide challenge and response questions
- to require users to prove who they are
- to determine which resources a user can access
6. What does the TACACS+ protocol provide in a AAA deployment?
- AAA connectivity via UDP
- authorization on a per-user or per-group basis
- password encryption without encrypting the packet
- compatibility with previous TACACS protocols
7. Which term describes the ability of a web server to keep a log of the users who access the server, as well as the length of time they use it?
- accounting
- authentication
- assigning permissions
- authorization
8. What is the first required task when configuring server-based AAA authentication?
- Configure the IP address of the server.
- Specify the type of server providing the authentication.
- Configure the type of AAA authentication.
- Enable AAA globally.
9. What is a characteristic of AAA accounting?
- Accounting can only be enabled for network connections.
- Users are not required to be authenticated before AAA accounting logs their activities on the network.
- Accounting is concerned with allowing and disallowing authenticated users access to certain areas and programs on the network.
- Possible triggers for the aaa accounting exec default command include start-stop and stop-only.
10. When a method list for AAA authentication is being configured, what is the effect of the keyword local?
- It uses the enable password for authentication.
- It defaults to the vty line password for authentication.
- The login succeeds, even if all methods return an error.
- It accepts a locally configured username, regardless of case.
11. Which statement describes a difference between RADIUS and TACACS+?
- RADIUS separates authentication and authorization whereas TACACS+ combines them as one process.
- RADIUS uses TCP whereas TACACS+ uses UDP.
- RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
- RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not.
12. A user complains about not being able to gain access to a network device configured with AAA. How would the network administrator determine if login access for the user account is disabled?
- Use the show aaa user command.
- Use the show running-configuration command.
- Use the show aaa sessions command.
- Use the show aaa local user lockout command.
13. Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?
- authorization
- authentication
- accounting
- auditing