CCNA Security FAQ: Configuring AAA

CCNA Security FAQ: Configuring AAA

Question. Which of the following commands is used in global configuration mode to enable AAA?
A. aaa EXEC
B. aaa new-model
C. configure aaa-model
D. configure-model aaa

Answer: B

Question. How do you define the authentication method that will be used with AAA?
A. With a method list
B. With a method statement
C. With the method command
D. With the method aaa command

Answer: A

Question. Which of the following are authentication methods that may be used with AAA? (Choose three.)
A. Local
B. Remote
C. TACACS+
D. RADIUS
E. IPsec

Answer: A, C, and D

Question. To configure accounting in AAA, from which mode should the aaa accounting command be issued?
A. Privileged EXEC
B. Command mode
C. Global configuration
D. Admin EXEC

Answer: C

Question. What does the aaa authentication login console-in local command do?
A. It specifies the login authorization method list named console-in using the local username-password database on the router.

B. It specifies the login authentication list named console-in using the local username-password database on the router.

C. It specifies the login authentication method list named console-in using the local user database on the router.

D. It specifies the login authorization method list named console-in using the local RADIUS username-password database.

Answer: C

Question. Which command should be used to enable AAA authentication to determine if a user can access the privilege command level?
A. aaa authentication enable level
B. aaa authentication enable method default
C. aaa authentication enable default local
D. aaa authentication enable default

Answer: D

Question. Which of the following are features provided by Cisco Secure ACS 4.0 for Windows? (Choose three.)
A. Cisco NAC support
B. IPsec support
C. Network access profiles
D. NTVLM profiles
E. Machine access restrictions

Answer: A, C, and E

Question. Which of the following browsers are supported for use with Cisco Secure ACS? (Choose three.)
A. Opera 9.2
B. Microsoft Internet Explorer 6 with SP1
C. Netscape 7.1
D. Firefox 2.0
E. Netscape 7.2

Answer: B, C, and E

Question. Which of the following ports are used with RADIUS authentication and authorization? (Choose two.)
A. UDP port 2000
B. TCP port 2002
C. UDP port 1645
D. TCP port 49
E. UDP port 1812

Answer: C and E

Question. Which of the following are valid responses that the TACACS+ daemon might provide the NAS during the authentication process? (Choose three.)
A. Accept
B. Reject
C. Approved
D. Continue
E. Failed

Answer: A, B, and D

Question. Which RADIUS message type contains AV pairs for username and password?
A. Access-Request
B. Access-Accept
C. Access-Reject
D. Access-Allow

Answer: A

Question. To enable AAA through the SDM, you choose which of the following?
A. Configure > Tasks > AAA
B. Configure > Authentication > AAA
C. Configure > Additional Tasks > AAA
D. Configure > Additional Authentication > AAA

Answer: C
Enabling AAA in the Cisco SDM
AAA-1

About the author

Scott

Leave a Comment