CCSP SECUR FAQ : Authentication, Authorization, and Accounting
Q1. Which of the following best describes AAA authentication?
A. Authentication is last defense against hackers.
B. Authentication can only work with firewalls.
C. Authentication is the way a user is identified prior to being allowed into the network.
D. Authentication is a way to manage what a user can do on a network.
E. Authentication is way to track what a user does once logged in.
Q2. Which of the following best describes AAA authorization?
A. Authorization cannot work without accounting.
B. Authorization provides the means of tracking and recording user activity on the network.
C. Authorization is the way a user is identified.
D. Authorization determines which resources the user is permitted to access and what operation the user is permitted to perform.
Q3. Which of the following best describes AAA accounting?
A. Accounting is the way that users are identified before they log in to the network.
B. Accounting enables you to track the services users are accessing as well as the amount of network resources they are consuming.
C. Accounting cannot be used for billing.
D. Accounting is a way to curtail where users can go on a network access server.
E. AAA accounting is used only to track users logging on to the network.
Q4. What is the command that enables AAA on a network access server or a router?
A. aaa in
B. aaa on
C. aaa new-model
D. enable aaa
E. start aaa services
Q5. Which of the following is the correct syntax to specify RADIUS as the default method for a user authentication during login?
A. authentication radius login
B. login radius aaa authentication
C. aaa login authentication group radius
D. aaa authentication login default group radius
E. radius authentication login
Q6. Which of the following authorization methods does AAA not support?
Q7. What command enables you to troubleshoot and debug authentication problems?
A. debug authentication
B. debug aaa authentication
C. authentication debug aaa
D. show authentication
E. show aaa authentication
Q8. How do you track user activity on your network access server?
A. You cannot track user activities on your NAS.
B. Use AAA authorization only.
C. Use AAA authentication only.
D. A and B.
E. Configure AAA accounting.
Q9. Which of the following commands requires authentication for dialup users via async or ISDN connections?
A. ppp authentication default radius
B. aaa authentication ppp default local
C. authentication line isdn
D. aaa authentication login remote
E. aaa ppp authentication radius
Q10. After an authentication method has been defined, what is the next step to make AAA authentication work on the access server?
A. Set up AAA accounting.
B. Do nothing.
C. Apply the authentication method to the desired interface.
D. Reload the router or NAS.
Q11. What command enables AAA on a router/NAS?
Q12. Which of the AAA services can be used for billing and auditing?
Q13. What are the seven types of AAA authorization that are supported on the Cisco IOS Software?
Q14. What AAA command would you use to configure authentication for login to an access server?
Q15. Name two authorization methods supported by AAA?
Q16. What command enables you to troubleshoot a AAA authorization problem?
Q17. How many authentication methods can you specify in AAA configuration?
Q18. What is the difference between a FAIL response and an ERROR response in a AAA configuration?
Q19. How would you display all the accounting records for actively accounted functions?
Q20. What command disables AAA functionality on your access server?