What is a difference between TACACS+ and RADIUS in AAA?

Questions BankCategory: CCNAWhat is a difference between TACACS+ and RADIUS in AAA?
ITExamAnswers Staff asked 2 months ago
Question:
What is a difference between TACACS+ and RADIUS in AAA?

  • Only TACACS+ allows for separate authentication.
  • Only RADIUS encrypts the entire access-request packet.
  • Only RADIUS uses TCP
  • Only TACACS+ couples authentication and authorization.

Explanation: TACACS+ is an AAA protocol developed by Cisco. TACACS+ separates the authentication, authorization, and accounting steps. This architecture allows for separate authentication solutions while still using TACACS+ for authorization and accounting. For example, it is possible to use the Kerberos Protocol for authentication and TACACS+ for authorization and accounting. After an AAA client passes authentication through a Kerberos server, the AAA client requests authorization information from a TACACS+ server without the necessity to re-authenticate the AAA client by using the TACACS+ authentication mechanism.

Authentication and authorization are not separated in a RADIUS transaction. When the authentication request is sent to a AAA server, the AAA client expects to have the authorization result sent back in reply.

Reference: http://www.cisco.com/c/dam/en/us/products/collateral/security/secure-access-control-server-windows/prod_white_paper0900aecd80737943.pdf

More Questions: CCNA v3.0 (200-125) Study Guide – Exam Dumps



Your Answer







Related Articles