CCNP AAA, RADIUS, and TACACS+ • Complete Question Bank
Complete CCNP AAA, RADIUS, and TACACS+ question bank — all 0 questions with answers and detailed explanations.
A network engineer runs the following command on Router R1:
R1# show aaa sessions
Total sessions since last reload: 5 Session Id: 1 Unique Id: 1 User Name: admin
IP Address: 10.1.1.100
Idle Time: 0 Timeout: 0 Type: Login Method: RADIUS Session Id: 2 Unique Id: 2 User Name: jdoe
IP Address: 10.1.1.101
Idle Time: 120 Timeout: 0 Type: Login Method: LOCAL
Based on this output, what can be concluded?
A network administrator issues the following command on a Cisco switch:
Switch# show aaa servers
RADIUS: id 1, priority 1, host 192.168.1.10, auth-port 1812, acct-port 1813 State: current UP, duration 3600s, previous duration 0s Dead: total 0, retransmit 0 RADIUS: id 2, priority 2, host 192.168.1.20, auth-port 1812, acct-port 1813 State: current UP, duration 100s, previous duration 300s Dead: total 3, retransmit 2
Based on this output, what can be concluded?
A network engineer runs the following debug on a router:
R1# debug aaa authentication *Mar 1 00:01:23.456: AAA/BIND(00000001): Bind iplist *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): Pick method list 'default' *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): Method=RADIUS *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): RADIUS server 10.1.1.10:1812, timeout 5, retransmit 2 *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): Sent username 'admin', password **** *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): Received PASS response *Mar 1 00:01:23.456: AAA/AUTHEN/LOGIN (00000001): Pass
Based on this output, what can be concluded?
A network administrator checks the AAA configuration on a router:
R1# show running-config | include aaa aaa new-model aaa authentication login default group radius local aaa authentication login console local aaa authorization exec default group tacacs+ local aaa accounting exec default start-stop group radius
Based on this output, what can be concluded?
A network engineer issues the following command on a router:
R1# show tacacs
TACACS+ Server: 10.1.1.10/49 Socket opens: 5 Socket closes: 3 Socket aborts: 0 Total packets sent: 10 Total packets received: 9 Retransmissions: 1 Timeouts: 1 Current idle time: 30 seconds
Based on this output, what can be concluded?
A network administrator runs the following command on a switch:
Switch# show aaa method-list
Method List Name: default Type: authentication Group: radius Group: local Method List Name: console Type: authentication Group: local Method List Name: default Type: authorization Group: tacacs+ Group: local
Based on this output, what can be concluded?
A network engineer checks the AAA server status:
R1# show aaa servers
RADIUS: id 1, priority 1, host 10.1.1.10, auth-port 1812, acct-port 1813 State: current DEAD, duration 0s, previous duration 500s Dead: total 1, retransmit 3 RADIUS: id 2, priority 2, host 10.1.1.20, auth-port 1812, acct-port 1813 State: current UP, duration 200s, previous duration 0s Dead: total 0, retransmit 0
Based on this output, what can be concluded?
A network administrator runs the following debug on a router:
R1# debug aaa authorization *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): Processing author request for user 'jdoe' *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): Method=TACACS+ *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): TACACS+ server 10.1.1.10:49, timeout 5 *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): Sent author request *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): Received PASS response *Mar 1 00:02:45.678: AAA/AUTHOR/EXEC(00000002): Pass
Based on this output, what can be concluded?
A network engineer checks AAA accounting on a router:
R1# show aaa accounting
Accounting method list 'default': Type: exec Start-stop: group radius Accounting records: Total started: 10 Total stopped: 8 Total failed: 2 Last record: user 'admin', start time 00:01:00 UTC Mar 1 2023
Based on this output, what can be concluded?
Examine the following AAA configuration snippet:
aaa new-model aaa authentication login default local aaa authentication login CONSOLE local aaa authorization exec default local aaa accounting exec default start-stop group tacacs+ line con 0
login authentication CONSOLE
line vty 0 4
login authentication default
What is the effect of this configuration?
Given the following configuration:
aaa new-model aaa authentication login default group radius local aaa authorization exec default group radius local aaa accounting exec default start-stop group radius
radius-server host 192.168.1.100 key Cisco123 radius-server host 192.168.1.101 key Cisco123
Which statement is true about this configuration?
Consider this AAA configuration:
aaa new-model aaa authentication login default group tacacs+ local aaa authorization exec default group tacacs+ local aaa accounting exec default stop-only group tacacs+
tacacs-server host 10.0.0.1 key SecretKey tacacs-server host 10.0.0.2 key SecretKey
What is the effect of the accounting command?
Examine this configuration:
aaa new-model aaa authentication login default local aaa authorization exec default local aaa accounting exec default start-stop group tacacs+ line vty 0 4
login authentication default privilege level 15
What is missing to ensure that VTY users are authenticated via TACACS+?
Given this configuration:
aaa new-model aaa authentication login default group radius aaa authorization exec default group radius aaa accounting exec default start-stop group radius
radius-server host 192.168.1.1 auth-port 1645 acct-port 1646 key radiuskey radius-server host 192.168.1.2 auth-port 1645 acct-port 1646 key radiuskey
Which statement is true about the RADIUS server ports?
Consider this AAA configuration:
aaa new-model aaa authentication login default local aaa authorization exec default local aaa accounting exec default start-stop group tacacs+
tacacs-server host 10.0.0.1 key SecretKey
line con 0
login authentication default
line vty 0 4
login authentication default
What is the effect of this configuration?