Config Router

You are here: Home / Cisco / Network Security FAQ: Remote Access

Network Security FAQ: Remote Access

by

Network Security FAQ: Remote Access

Q1. What does AAA stand for, and what is its function?

Answer: AAA stands for authentication, authorization, and accounting and provides security to Cisco IOS routers and network devices.

Q2. What is authentication used for?

Answer: By requiring the user’s username and password, authentication enables administrators to identify who can connect to a router.

Q3. What is authorization used for?

Answer: Authorization allows administrators to control the level of access users have after they have successfully gained access to a device.

Q4. What is accounting used for?

Answer: Accounting allows administrators to collect information about users. More specifically, administrators can track which user logged in to which router, which Cisco IOS commands a user issued, and how many bytes were transferred during a user’s session.

Q5. What are the three types of authentication servers supported by Cisco IOS?

Answer: The three types of authentication servers supported by Cisco IOS are TACACS+, RADIUS, and Kerberos.

Q6. List three characteristics of the TACACS+ protocol.

Answer: Three characteristics of the TACACS+ protocol are as follows:

  • Packets sent between client/server are TCP.
  • TCP port is 49.
  • There is packet encryption.

Q7. List three characteristics of the RADIUS protocol.

Answer: Three characteristics of the RADIUS protocol are as follows:

  • Packets sent between client/server are UDP.
  • UDP port is 1812.
  • There is password encryption.

Q8. What Cisco IOS command is used to enable AAA on a router?

Answer: The Cisco IOS command to enable AAA on a Cisco IOS device is aaa new-model.

Q9. What is the Cisco IOS lock-and-key feature?

Answer: The lock-and-key feature uses dynamic access lists to create specific, temporary openings in the network in response to a user’s successful authentication.

Q10. Give an example of two-factor identification.

Answer: One example of two-factor identification is as follows: When retrieving money from an account at an ATM, a customer needs both a PIN number and the magnetic-strip card.