QA

What does the acronym AAA stand for?

What external methods of authentication does a Catalyst switch support?

A RADIUS server is located at IP address 192.168.199.10. What command configures a Catalyst switch to find the server?

A Catalyst switch should be configured to authenticate users against RADIUS servers first, followed by TACACS+ servers. What command can define the authentication methods? Make sure users still can authenticate if none of the servers is available.

What is the purpose of authorization? What happens if authorization is not used?

Is it possible to use different methods to authorize users to run switch commands instead of making configuration changes?

When might the command switchport port-security maximum 2 be used?

After port-based authentication is configured and enabled, can any host connect as long as the user can authenticate?

When the 802.1x force-authorized keyword is used, how does the switch react to users attempting to connect?

Can more than one host be authenticated on a single switch port with port-based authentication?

In DHCP spoofing and ARP poisoning attacks, what is the goal of the attacker? What Catalyst features can be used to mitigate the risk of these attacks?

Which switch ports should be configured as trusted for DHCP snooping?

What is the function of a trusted port in DAI?

To inspect ARP information from a host that has received its IP address from a DHCP server, what must be enabled in addition to DAI?