Question 1 | Which of the following external databases are specifically supported by CSACS version 3.0.1? |
A1: | Answers: A, D, E. Generic LDAP and ODBC-compliant relational databases are also supported. Although MySQL and Oracle might be supported via ODBC, those two databases are not directly supported by CSACS for Windows. |
Question 2 | Which CSACS v3.0.1 service monitors the CSACS system and automatically attempts to fix any problems that are detected ? -
A. CSMon -
B. CSAlert -
C. CSSynch -
D. CSMonitor -
E. CSAuth |
A2: | Answer: A. CSAlert and CSMonitor are bogus services. CSAuth is the authentication and authorization service. The correct service used to synchronize the CSACS database with third-party RDBMS systems is CSDBSync , not CSSynch . |
Question 3 | Select the features of the RADIUS protocol. |
A3: | Answers: B, D. TACACS+ is more widely used than RADIUS. RADIUS was developed by Livingston, which became part of Lucent. RADIUS only encrypts the password in the packet sent by the AAA client to the AAA server. |
Question 4 | Suppose you issued the debug aaa authorization command, and output was the following. What service is this user attempting to access? 11:11:11: AAA/AUTHOR (0): user='kennyg' 11:11:11: AAA/AUTHOR (0): send AV service=shell 11:11:11: AAA/AUTHOR (0): send AV cmd* 11:11:11: AAA/AUTHOR (125485216): Method=RADIUS 11:11:11: AAA/AUTHOR/TAC+ ((125485216): user= kennyg 11:11:11: AAA/AUTHOR/TAC+ ((125485216): send AV service=shell 11:11:11: AAA/AUTHOR/TAC+ ((125485216): send AV cmd* 11:11:12: AAA/AUTHOR ((125485216): Post authorization status = PASS -
A. ARA -
B. ATALK -
C. LCP -
D. EXEC -
E. IPX |
A4: | Answer: D. service=shell means that an EXEC (shell) session is being requested . If the other services were being attempted, the service= line would indicate the service. |
Question 5 | What is the correct command to configure a AAA authentication method on a line? -
A. login aaa authentication QUE -
B. authentication login QUE -
C. aaa authentication login QUE -
D. authentication QUE -
E. login authentication QUE |
A5: | Answer: E. If a list is not applied to a line or interface, the default list is used. All the other answers are invalid commands. |
Question 6 | What is the consequence of applying the following AAA authentication method to the aux port? aaa authentication login TESTING none group tacacs+ groups radius enable -
A. All users will be able to access the aux port. -
B. Only users who are configured in the TACACS+ database will be able to access the aux port. -
C. Only users who are configured in the RADIUS database will be able to access the aux port. -
D. Only users who know the enable password will be able to access the aux port. -
E. No one will be able to access the aux port. |
A6: | Answer: A. The none method means that authentication is not required. Therefore, all users will be able to access the aux port. AAA methods are tried in the order in which you configure them. Because none is listed before the tacacs+ , radius , or enable methods, no authentication is required. |