AAA CONFIGURATION


  • The privilege command is used to assign a specific command to a specific privilege level.

  • During the Cisco Secure ACS install, you are prompted for an NAS IP address called access server name. This is the IP address of the PIX firewall.

  • The cut-through proxy enables you to control standard ports for HTTP, FTP, and Telnet services through the PIX firewall.

  • Virtual HTTP is used to prevent caching problems with Web browsers.

  • Virtual Telnet can be used when nonstandard port access is needed. HTTP, FTP, and Telnet are the standard ports.

  • Named ACLs are shared among several users and are downloaded only once during authentication. Unnamed ACLs are not shared and are downloaded during authentication.

  • Downloadable ACLs can be used only with the RADIUS protocol, not TACACS+.

  • AAA stands for authentication, authorization, and accounting. You cannot have authorization without successful authentication first.

  • TACACS+ uses TCP for connections between AAA servers and clients, whereas RADIUS uses UDP connections.

  • The AAA command parameter local specifies the use of the local database for usernames and passwords.

  • The aaa-server command specifies the location of the AAA services: local, RADIUS, or TACACS+.

  • When users fail authentication, their basic connections are dropped.



CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218
