CCNA Security FAQ: Configuring AAA
Question. Which of the following commands is used in global configuration mode to enable AAA?
A. aaa EXEC
B. aaa new-model
C. configure aaa-model
D. configure-model aaa
Question. How do you define the authentication method that will be used with AAA?
A. With a method list
B. With a method statement
C. With the method command
D. With the method aaa command
Question. Which of the following are authentication methods that may be used with AAA? (Choose three.)
A. Local
B. Remote
C. TACACS+
D. RADIUS
E. IPsec
Question. To configure accounting in AAA, from which mode should the aaa accounting command be issued?
A. Privileged EXEC
B. Command mode
C. Global configuration
D. Admin EXEC
Question. What does the aaa authentication login console-in local command do?
A. It specifies the login authorization method list named console-in using the local username-password database on the router.
B. It specifies the login authentication list named console-in using the local username-password database on the router.
C. It specifies the login authentication method list named console-in using the local user database on the router.
D. It specifies the login authorization method list named console-in using the local RADIUS username-password database.
Question. Which command should be used to enable AAA authentication to determine if a user can access the privilege command level?
A. aaa authentication enable level
B. aaa authentication enable method default
C. aaa authentication enable default local
D. aaa authentication enable default
Question. Which of the following are features provided by Cisco Secure ACS 4.0 for Windows? (Choose three.)
A. Cisco NAC support
B. IPsec support
C. Network access profiles
D. NTVLM profiles
E. Machine access restrictions
Question. Which of the following browsers are supported for use with Cisco Secure ACS? (Choose three.)
A. Opera 9.2
B. Microsoft Internet Explorer 6 with SP1
C. Netscape 7.1
D. Firefox 2.0
E. Netscape 7.2
Question. Which of the following ports are used with RADIUS authentication and authorization? (Choose two.)
A. UDP port 2000
B. TCP port 2002
C. UDP port 1645
D. TCP port 49
E. UDP port 1812
Question. Which of the following are valid responses that the TACACS+ daemon might provide the NAS during the authentication process? (Choose three.)
A. Accept
B. Reject
C. Approved
D. Continue
E. Failed
Question. Which RADIUS message type contains AV pairs for username and password?
A. Access-Request
B. Access-Accept
C. Access-Reject
D. Access-Allow
Question. To enable AAA through the SDM, you choose which of the following?
A. Configure > Tasks > AAA
B. Configure > Authentication > AAA
C. Configure > Additional Tasks > AAA
D. Configure > Additional Authentication > AAA
Enabling AAA in the Cisco SDM