| 1: | What does AAA stand for, and what is its function? | |
| A1: | Answer: AAA stands for authentication, authorization, and accounting and provides security to Cisco IOS routers and network devices. | |
| 2: | What is authentication used for? | |
| A2: | Answer: By requiring the user's username and password, authentication enables administrators to identify who can connect to a router. | |
| 3: | What is authorization used for? | |
| A3: | Answer: Authorization allows administrators to control the level of access users have after they have successfully gained access to a device. | |
| 4: | What is accounting used for? | |
| A4: | Answer: Accounting allows administrators to collect information about users. More specifically, administrators can track which user logged in to which router, which Cisco IOS commands a user issued, and how many bytes were transferred during a user's session. | |
| 5: | What are the three types of authentication servers supported by Cisco IOS? | |
| A5: | Answer: The three types of authentication servers supported by Cisco IOS are TACACS+, RADIUS, and Kerberos. | |
| 6: | List three characteristics of the TACACS+ protocol. | |
| A6: | Answer: Three characteristics of the TACACS+ protocol are as follows:
| |
| 7: | List three characteristics of the RADIUS protocol. | |
| A7: | Answer: Three characteristics of the RADIUS protocol are as follows:
| |
| 8: | What Cisco IOS command is used to enable AAA on a router? | |
| A8: | Answer: The Cisco IOS command to enable AAA on a Cisco IOS device is aaa new-model . | |
| 9: | What is the Cisco IOS lock-and-key feature? | |
| A9: | Answer: The lock-and-key feature uses dynamic access lists to create specific, temporary openings in the network in response to a user's successful authentication. | |
| 10: | Give an example of two-factor identification.A10: | Answer: One example of two-factor identification is as follows: When retrieving money from an account at an ATM, a customer needs both a PIN number and the magnetic-strip card. |