Admin
Admin
Age : 21
Joined : 22 Feb 2007
Posts : 72
Localisation : Cyprus
|  Subject: module 11  Fri Nov 30, 2007 4:44 pm | |
| CCNP 2
Chapter 11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The network administrator in a large organization wants to delegate some router administration tasks to her technicians. Which AAA supported security protocol allows her to control which commands they can execute on a router?
LDAP
RADIUS
Kerberos
TACACS+ X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which three security protocols can AAA use to authenticate a user? (Choose three.)
Kerberos X
SPCS-SP
RADIUS X
PPP
CHAP
TACACS+ X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are three valid methods that may be used in the following command:
Router(config)#aaa authenticationtype {default | list-name} method1 [method4]? (Choose three.)
login
default
local X
enable X
NASI
group TACACS+ X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What command applies named lists for login authentication?
Router(config)# aaa authentication login list-name
Router(config-line)# login authentication list-name X
Router(config-if)# aaa authentication list-name
Router(config-line)# enable authetication list-name
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which three security features are supported by RADIUS? (Choose three.)
authentication X
access control
administration
authorization X
accounting X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which are features of RADIUS? (Choose three.)
uses TCP
uses UDP X
encrypts only the password in the information request packet X
provides two ways to control authorization of router commands
uses a third party for secure verification of users and services
is an open standard X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are three valid types that may be used in the following command:
Router(config)#aaa authorizationtype {default | list-name} [method1...[method4]]? (Choose 3.)
commands X
NASI
network X
EXEC X
named-list
login
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How many methods can be specified in an aaa authentication login command?
1
4 X
AAA server dependent
limited to CLI line length
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which security protocol is necessary to take advantage of all the features supported by Cisco's implementation of AAA?
TACACS+ X
RADIUS
Kerberos
MD5 Authentication
SPCS-SP
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which command enables authorization for a reverse Telnet session?
aaa authorization reverse-access X
authorization reverse-telnet access
authorization reverse-telnet
aaa authorization reverse-telnet
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which security protocol uses a trusted third party to verify users and applications?
TACACS+
MD5
RADIUS
Kerberos X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
When creating a method list, what keyword specifies that the user is granted access, even if all methods return an ERROR?
allow
permit
none X
abort
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are three advantages that RADIUS provides over TACACS+? (Choose three.)
typically uses fewer CPU cycles X
greater scalability
less memory intensive X
support for wireless authentication protocols X
maximum security
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What must be configured to successfully exchange data between an AAA client and TACACS+ server?
identical secret encryption keys X
private and public encryption keys
dynamic routing protocol
static route on the client pointing to the server network
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which of the following is an advantage of AAA authentication?
supports only proprietary security protocols
allows for multiple backup systems X
maintains a local username and password database
provides increased network availability
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
When authenticating, what does a FAIL response indicate?
The security server did not respond and authentication ends.
The user did not meet criteria and authentication ends. X
The security server did not respond and the next authentication method is attempted.
The user did not meet criteria and the next authentication method is attempted.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the only security method supported by wireless authentication protocols?
TACACS+
RADIUS X
Kerberos
LEAP
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The Cisco IOS provides support for which three key security protocols? (Choose three.)
TACACS+ X
RADIUS X
Kerberos X
MD5 Authentication
SPCS-SP
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What does the keyword default specify when used with the aaa authentication login command?
Authentication is automatically applied to the con 0 and all TTY and VTY lines. X
The local username/password database is accessed for authentication.
Authentication must be specifically set for all lines, otherwise access is denied and no authentication is performed.
Authentication is automatically enabled for the VTY lines utilizing the enable password.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
AAA provides support for which three security features? (Choose three.)
authentication X
accounting X
administration
access control
authorization X
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How many privilege levels are configured on a router by default?
3 X
5
7
15
16
_________________ |
|
