Quản trị mạng Chapter11
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (132.27 KB, 6 trang )
Dao Xuan Hung - Take Exam
Exam questions
1 . Your absent minded junior administrator has enabled AAA authentication on the HanoiCTT network, but forgot to set
the authentication. What will happen when a user try’s to login?
Disallow a user from access to all resources after login.
Allow any user to login without checking the authentication data.
Record all access of resources and how long the user accessed each resource.
Allow a user to access all resources after login.
Not to record any access of resources after login.
Disallow any user from logging in with or without a valid username and password.
2 . You are tasked with configuring authentication on one of the HanoiCTT routers. Which of the following authentication
protocols exchanges information between the client and the server using UDP?
AAA
RADIUS
LCP
TACACS+
All of the above
3 . Read and answer the question
A
B
C
D
4 . Which six AAA accounting types will a TACACS+/RADIUS server record?
Network, interface, exec, protocol, system, and resource
Resource, interface, connection, system, command, and network
Command, system, exec, network, connection, and resource
Connection, protocol, system, network, command, and resource
Crypto, system, network, protocol, command, and resource
5 . What command would you use to enable AAA (Authentication, Authorization, Accounting) on a router?
enable aaa
set aaa
aaa new-model
aaa set
6 . ADSL broadband connections using the PPPoE access method typically uses which type of user authentication method?
AAA authentication
DNIS authentication
Caller-ID authentication
PPP CHAP authentication
IPSec authentication
L2TP authentication
7 . Some of the Cisco System locations are still using AppleTalk. What is true about RADIUS and TACACS+
compatibility with the AppleTalk Remote Access (ARA) protocol? (Choose all that apply.)
RADIUS server is incapable of supporting AppleTalk Remote Access (ARA) protocol.
TACACS+ server is incapable of supporting AppleTalk Remote Access (ARA) protocol.
RADIUS server is capable of supporting AppleTalk Remote Access (ARA) protocol.
TACACS+ server is capable of supporting AppleTalk Remote Access (ARA) protocol.
Neither TACACS+ or RADIUS servers is capable of supporting AppleTalk Remote Access (ARA) protocol.
All of the above.
8 . What is the default action of authentication when AAA is enabled but authentication is not set?
Allow a user to access all resources after login.
Disallow a user from access to all resources after login.
Record all access of resources and how long the user accessed each resources.
Not to record any access of resources after login.
Allow any user to login without checking the authentication data.
Disallow any user from logging in with or without a valid username and password.
9 . What is the purpose of the AAA server? Choose three.
Authentication
Authorization
Accuracy
Accounting
10 . What six types of accounting information does a TACACS+ / RADIUS server record?
Connection, protocol, system, network, command, and resource
Resource, interface, connection, system, command, and network
Command, system, exec, network, connection, and resource
Network, interface, exec, protocol, system, and resource
Crypto, system, network, protocol, command, and resource
None of the above
11 . Read and answer the question
A
B
C
D
E
F
12 . What feature enables tracking of services and the tracking of network resource consumption?
PPP accounting
AAA logging
AAA accounting
AAA insurance
13 . Which IOS command would you use on your router to specify a RADIUS server to take responsibility for
authenticating dial-up clients?
aaa radius server
radius-server host
ip aaa radius host
aaa authentication radius-server
14 . What is authentication?
Authentication is a security measure that is always one-way
Authentication is a security measure that is always two-way
Authentication verifies the identity of a user or system
Authentication verifies the users or systems security measures
15 . You have just received a brand new Cisco router and need to configure auditing on it. What command would you use
to enable auditing of the privileged mode access commands?
aaa accounting enable 15
ip audit enable
aaa accounting command 15
aaa accounting enable priv
16 . The three parts of CiscoSecure are:
Stacker Compression
AAA server
Netscape Fastrack
Relational Database (RDBMS)
17 . You have just received a brand new Cisco router and need to configure auditing on it. What command would you use
to enable auditing of the privileged mode access commands?
aaa accounting enable 15
ip audit enable
aaa accounting command 15
aaa accounting enable priv
18 . Under which circumstance would use of Kerberos authentication system be required instead of TACACS+ or
RADIUS?
Authentication, authorization and accounting need to use a single
Multiple level of authorization need to be applied to various router
DES encrypted authentication is required.
The usage of various router functions needs to be accounted for by user name
19 . AN IPSec secure tunnel is being built between routers LabA and LabB. In IPSec, what are the common services
provided by Authentication Header (AH) and Encapsulation Security Payload (ESP)?
Data origin authentication, confidentiality, and anti-replay service
Confidentiality, data integrity, and anti-replay service
Data integrity, data origin authentication, and anti-replay service
Confidentiality, data integrity, and data origin authentication
Confidentiality, data integrity and authorization.
20 . Read and answer the question
A
B
C
D
E
