Mitko Bogdanoski, Pero Latkoski, Tomislav Shuminoski, Aleksandar Risteski The architecture and protocols for authentication, authorization, and accounting (AAA) are one of the most important des...
Descripción: MAT540 Quiz Chapter 3
accontFull description
Accounting Information System by James Hall chapter 3 powerpoint presentation
Solutions to textbook problems in Chapter 3 of Hamlen's Advanced Accounting, 3rd editionFull description
Full description
Full description
Accounting 101 Quiz test1
Cost Accounting Quiz
Financial Accounting Theory Craig Deegan Chapter 3 The regulation of financial accounting Slides written by Craig Deegan and Michaela RankinDeskripsi lengkap
Solutions for the different exercises in the Cost Accounting 2012 ed. authored by Guillermo and Norma de Leon.Full description
a manual solution for accounting for manager book
SIADeskripsi lengkap
Chapter 1 Advanced AccountingFull description
test bank
Chapter 5 Homework Advanced Accounting Strayer University ACC410
Advanced Accounting Chapter 6Deskripsi lengkap
mgt acctg
Cost Accounting Chapter 7Full description
Chapter 5 Homework Advanced Accounting Strayer University ACC410Deskripsi lengkap
Chapter 10 Managerial Accounting by Garrision, 14th EditionDeskripsi lengkap
Full description
Chapter 3 Quiz - Authentication, Authorization, Authorization, and Accounting Fecha límite No hay fecha de vencimiento
Puntos 24
Preguntas 12
Tiempo límite Ninguno
Intentos permitidos Ilimitado
Instructions This quiz covers the content in CCNA Security: Implementing Network Security 1.2 Chapter 3 . It is designed to provide an additional opportunity to practice the skills and knowledge presented in the chapter and to prepare for the Chapter Exam. You will be allowed multiple attempts and the grade does not appear in the gradebook. There are multiple task types that may be available in this quiz. Rather than having static graphics to view, some items may require you to open a PT activity and perform some investigation and configuration of devices before answering the question. NOTE: There are some small differences in how the questions score and operate in the Quiz and how they score and operate in the Chapter Exam. Quizzes allow for partial credit
scoring on all item types to foster learning. Points on quizzes can also be deducted for answering incorrectly. This does not occur with the Chapter Exam. Form 28083
Volver a realizar la evaluación
Historial de intentos EL ÚLTIMO
Intento
Ti Tiempo
Calificación
Intento 1
30 minutos
10 de 24
Enviado Mar 24 en 9:29pm
Pregunta 1
0 / 2 pts
Which statement describes a characteristic of authorization in an AAA solution? Respuesta correcta
Respondido
It works similarly to privilege levels and role-based CLI.
It accepts usernames and passwords to determine if users are who they say they are.
Refer to curriculum topic: 3.1.2 The authorization process is similar to CLI privilege levels and role-based CLI. It happens automatically after a user authenticates, and does not require the user to perform any additional steps.
Pregunta 2 Which statement describes a difference between RADIUS and TACACS+?
¡Correcto!
RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
2 / 2 pts
Refer to curriculum topic: 3.3.2 TACACS+ uses TCP, encrypts the entire packet (not just the password), and separates authentication and authorization into two distinct processes. Both protocols are supported by the Cisco Secure ACS software.
Pregunta 3
2 / 2 pts
Refer to the exhibit. Which statement describes the output of the debug?
¡Correcto!
A user was successfully authenticated.
Refer to curriculum topic: 3.4.3 The "authen response status = PASS" line in the debug output indicates that the login attempt was successful.
Pregunta 4
2 / 2 pts
Which scenario represents an AAA client that would be configured in the Cisco Secure ACS application? ¡Correcto!
a router that allows users to connect remotely
Refer to curriculum topic: 3.3.4 AAA clients are the dev ices that use the services o f the Cisco Secure ACS application for AAA. This includes router s, switches, firewalls, and VPN concentrators. Although users and hosts are sometimes referred to as "clients" in other contexts, they are not AAA clients in the Cisco Secure ACS application.
Pregunta 5
0 / 2 pts
What is the primary function of the aaa authorization command?
Respuesta correcta
Respondido
limit authenticated user access to AAA client services permit authenticated user access to AAA client services
Refer to curriculum topic: 3.5.1 Authorization is concerne d with a llowing and disallowing authen ticated user s access to cer tain ar eas an d pr ograms on the network as well as specific services. Controlling access to configuration commands greatly simplifies the infrastructure security in large enterprise networks.
Pregunta 6
0 / 2 pts
What is a drawback of the local database method of securing device access that can be solved by using AAA with centralized servers?
Respondido
Respuesta correcta
The passwords can only be stored in plain text in the running configuration.
Because the user accounts must be configured locally on each device, AAA with centralized servers is not scalable.
Refer to curriculum topic: 3.1.1 The local database method of securing device access utilizes usernames and passwords that are configured locally on the router. This allows administrators to keep track of who logged in to the device and when. The passwords can also be encrypted in the configuration. However, the account information must be configured on each device where that account should have access, making this solution very difficult to scale.
Pregunta 7
Refer to the exhibit. What configuration would need to be applied to the vty lines in order to use this AAA policy?
Respondido
Respuesta correcta
login authentication radius
No configuration is necessary.
0 / 2 pts
Refer to curriculum topic: 3.2.1 The special named list "default" is enabled automatically on all interfaces and lines. No extra configuration is necessary to make the configuration work. If the default list is replaced with another list on the vty line, it can be put back again with the login authentication default command.
0 / 2 pts
Pregunta 8
Which server-based authentication protocol would be best for an organization that wants to apply authorization policies on a per-group basis?
Respondido
Respuesta correcta
ACS
TACACS+
Refer to curriculum topic: 3.3.2 TACACS+ is considered to be more secure than RADIUS because all TACACS+ traffic is encrypted instead of just the user password when using RADIUS.
0 / 2 pts
Pregunta 9 What is the purpose of the none keyword in an AAA authentication configuration?
Respondido
Respuesta correcta
It only allows users with privilege level 15 to log in to the device.
It allows users to log into the device without credentials if all other authentication methods fail.
Refer to curriculum topic: 3.2.1 The none keyword allows a user to log in without credentials, and provides a backup in case all other authentication methods fail. A failure occurs if the authentication method is not working, for example if a server is unreachable, or a local database has not been configured.
2 / 2 pts
Pregunta 10 Match each functional component of AAA with its description. (Not all options are used.) ¡Correcto!
authentication
¡Correcto!
authorization
provin g that users are who t
determining what resources
¡Correcto!
accounting
recording what users do an
Other Incorrect Match Options: calculating how much a user must pay for remote access to a device
Refer to curriculum topic: 3.1.1
2 / 2 pts
Pregunta 11
6:50:12:
AAA/AUTHEN /START (50996740): Method=TACACS+ 6:50:12: TAC+ (50996740): received authen response status = GETUSER 6:50:12: AAA/AUTHEN (50996740): status = GETUSER 6:50:15: AAA/AUTHEN/CONT (50996740): continue_login 6:50:15: AAA/AUTHEN (50996740): status = GETUSER 6:50:15: AAA/AUTHEN (50996740): Method=TACACS+ 6:50:15: TAC+: send AUTHEN/CONT packet 6:50:15: TAC+ (50996740): received authen response status = GETPASS 6:50:15: AAA/AUTHEN (50996740): status = GETPASS 6:50:20: AAA/AUTHEN/CONT (50996740): continue_login 6:50:20: AAA/AUTHEN (50996740): status = GETPASS 6:50:20: AAA/AUTHEN (50996740): Method=TACACS+ 6:50:20: TAC+: send AUTHEN/CONT packet 6:50:20: TAC+ (50996740): received authen response status = PASS 6:50:20: AAA/AUTHEN (50996740): status = PASS"> Refer to the exhibit. What part of the AAA status message helps a network administrator determine which method list is being referenced? ¡Correcto!
GETUSER
Refer to curriculum topic: 3.2.3 The GETUSER and GETPASS are useful status messages to look for in the output in order to quickly identify which method list is being used.
Pregunta 12
0 / 2 pts
What is the purpose of the start-stop parameter when AAA accounting is being configured?
Respuesta correcta
Respondido
It generates a log entry at the beginning and end of a process. It ensures that users cannot start or stop the AAA process on the router.
Refer to curriculum topic: 3.5.2 There are three triggers that define when AAA generates a log entry: start-stop, stop-only, and none. Start-stop generates a log entry when a process both starts and stops. The stop-only generates a log entry only when a process completes. None prevents accounting messages from being sent at all.
