What is a difference between TACACS+ and RADIUS in AAA?

Jul 27, 2020 Last Updated: Jul 27, 2020 No Comments
Tweet Share Pin it
IT Questions BankWhat is a difference between TACACS+ and RADIUS in AAA?

Question:
What is a difference between TACACS+ and RADIUS in AAA?

  • Only TACACS+ allows for separate authentication.
  • Only RADIUS encrypts the entire access-request packet.
  • Only RADIUS uses TCP
  • Only TACACS+ couples authentication and authorization.

Explanation: TACACS+ is an AAA protocol developed by Cisco. TACACS+ separates the authentication, authorization, and accounting steps. This architecture allows for separate authentication solutions while still using TACACS+ for authorization and accounting. For example, it is possible to use the Kerberos Protocol for authentication and TACACS+ for authorization and accounting. After an AAA client passes authentication through a Kerberos server, the AAA client requests authorization information from a TACACS+ server without the necessity to re-authenticate the AAA client by using the TACACS+ authentication mechanism.

Authentication and authorization are not separated in a RADIUS transaction. When the authentication request is sent to a AAA server, the AAA client expects to have the authorization result sent back in reply.

Reference: http://www.cisco.com/c/dam/en/us/products/collateral/security/secure-access-control-server-windows/prod_white_paper0900aecd80737943.pdf

Exam with this question: CCNA v3.0 (200-125) Study Guide – Exam Dumps

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x