Documente Academic
Documente Profesional
Documente Cultură
login?
It specifies a different password for each line or port.
auditing
authentication
authorization
7) Which two AAA access method statements are true? (Choose two.)
Character mode provides remote users with access to network resources and
requires use of the console, vty, or tty ports.
Character mode provides remote users with access to network resources and
requires use of dialup or VPN.
local AAA
Packet mode provides users with administrative privilege EXEC access and
requires use of dialup or VPN.
Packet mode provides remote users with access to network resources and
requires use of dialup or VPN.
Packet mode provides users with administrative privilege EXEC access and
requires use of the console, vty, or tty ports.
TACACS+ uses UDP port 1645 or 1812 for authentication, and UDP port 1646
or 1813 for accounting.
5) What is a difference between using the login local command and using
local AAA authentication for authenticating administrator access?
Local AAA authentication supports encrypted passwords; login local does
not.
Local AAA provides a way to configure backup methods of authentication;
login local does not.
A method list must be configured when using the login local command, but is
optional when using local AAA authentication.
The login local command supports the keyword none, which ensures that
authentication succeeds, even if all methods return an error.
15) How does a Cisco Secure ACS improve performance of the TACACS+
authorization process?
reduces overhead by using UDP for authorization queries
reduces delays in the authorization queries by using persistent TCP sessions
reduces bandwidth utilization of the authorization queries by allowing
cached credentials
10) Refer to the exhibit. In the network shown, which AAA command logs
the use of EXEC session commands?
11) When configuring a method list for AAA authentication, what is the
effect of the keyword local?
17) Refer to the exhibit. Router R1 has been configured as shown, with the
resulting log message. On the basis of the information presented, which
two AAA authentication statements are true? (Choose two.)
The locked-out user should have used the username Admin and password
Pa55w0rd.
The locked-out user should have used the username admin and password
Str0ngPa55w0rd.
The locked-out user stays locked out until the clear aaa local user lockout
username Admin command is issued.
AutoSecure
Cisco Configuration Professional communities
authentication, authorization, and accounting
19) Which two modes are supported by AAA to authenticate users for
accessing the network and devices? (Choose two.)
verbose mode
14) Which two statements describe Cisco Secure ACS? (Choose two.)
Cisco Secure ACS supports LDAP.
Cisco Secure ACS is only supported on wired LAN connections.
Cisco Secure ACS only supports the TACACS+ protocol.
character mode
quiet mode
packet mode
ancillary mode
20) Which two features are included by both TACACS+ and RADIUS
protocols? (Choose two.)
separate authentication and authorization processes
password encryption