Cacic

Disponível somente no TrabalhosFeitos
  • Páginas : 6 (1344 palavras )
  • Download(s) : 0
  • Publicado : 19 de junho de 2011
Ler documento completo
Amostra do texto
1. Why is local database authentication preferred over a password-only login? It specifies a different password for each line or port. It provides for authentication and accountability. It requires a login and password combination on console, vty lines, and aux ports. It is more efficient for users who only need to enter a password to gain entry to a device.

2. What is a characteristic of AAA?Authorization can only be implemented after a user is authenticated. Accounting services are implemented prior to authenticating a user. Accounting services determine which resources the user can access and which operations the user is allowed to perform. Authorization records what the user does, including what is accessed, the amount of time the resource is accessed, and any changes that weremade.

3. Due to implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? accessibility accounting auditing authentication authorization

4. Which two AAA access method statements are true? (Choose two.) Character mode provides remote users with access to network resources and requires use of the console, vty, or tty ports. Character modeprovides remote users with access to network resources and requires use of dialup or VPN.

Character mode provides users with administrative privilege EXEC access and requires use of the console, vty, or tty ports. Packet mode provides users with administrative privilege EXEC access and requires use of dialup or VPN. Packet mode provides remote users with access to network resources and requiresuse of dialup or VPN. Packet mode provides users with administrative privilege EXEC access and requires use of the console, vty, or tty ports.

5. Which two statements describe AAA authentication? (Choose two.) Server-based AAA authentication is more scalable than local AAA authentication. Local AAA is ideal for large complex networks because it uses the local database of the router forauthentication. Server-based AAA authentication can use the RADIUS or TACACS+ protocols to communicate between the router and a AAA server. Server-based AAA authentication is ideal for large complex networks because it uses the local database of the router for authentication. Local AAA authentication requires the services of an external server, such as the Cisco Secure ACS for Windows Server.

6. Whatis a difference between using the login local command and using local AAA authentication for authenticating administrator access? Local AAA authentication supports encrypted passwords; login local does not. Local AAA provides a way to configure backup methods of authentication; login local does not. A method list must be configured when using the login local command, but is optional when usinglocal AAA authentication. The login local command supports the keyword none, which ensures that authentication succeeds, even if all methods return an error.

7 .

Refer to the exhibit. Router R1 has been configured as shown, with the resulting log message. On the basis of the information presented, which two AAA authentication statements are true? (Choose two.) The locked-out user failedauthentication. The locked-out user is locked out for 10 minutes by default. The locked-out user should have used the username Admin and password Pa55w0rd. The locked-out user should have used the username admin and password Str0ngPa55w0rd. The locked-out user stays locked out until the clear aaa local user lockout username Admin command is issued.

8 .

Refer to the exhibit. Router R1 is configuredas shown. An administrative user attempts to use Telnet from router R2 to router R1 using the interface IP address 10.10.10.1. However, Telnet access is denied. Which option corrects this problem? The R1 10.10.10.1 router interface must be enabled. The vty lines must be configured with the login authentication default command. The aaa local authentication attempts max-fail command must be set...
tracking img