DRAG DROP - Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used. Select and Place:
I think the RADIUS options refers more to Authentication. Please correct me if im wrong, but i think that in Authorization the RADIUS option is incorrect, and instead it should be "Enables the device for user or group based access".
option Radius: After the user is authenticated, Authorization is used to determine whether the user is allowed to access the reverse Telnet session based on predefined policies (such as roles or groups).
Authorization controls access to resources
authentication controls identity verification
accounting records
Reverse telnet allows you to telnet to a device then from that device connect to the console of another device. Below is a quick snippet highlighting most of what you'll need to know about it.
https://community.cisco.com/t5/switching/reverse-telnet/td-p/2159217
Based on what reserve telnet is I would have to say the listed answer is correct.
Based on your information, reverse telnet is a method to access a device, another method could be to access a device via console cable, which does not seem to be authorization control.
Authorization controls limit the access of a user. A user group can be granted to multiple users and these users will be limited to the access granted to the group. This is more related to authorization.
The answer should be user/group based access and restrict CLI command for authorization
It is incorrect in authorization, it should be:
it enables the device to allow user or group based access
it restricts the cli commands that a user can perform
selected answer is correct.
confusion between Radius and allow user or group based access.
option with radius is more relevant, After the user is authenticated, Authorization is used to determine whether the user is allowed to access the reverse Telnet session based on predefined policies (such as roles or groups).
Given answer is wrong
Accounting:
- It records the amount of time for which a user accesses the network on a remote server.
- It uses TACACS+ to log the configuration commands entered by a network administrator.
Authorization:
- It enables the device to allow user- or group-based access.
- It restricts the CLI commands that a user can perform.
Authentication:
- It leverages a RADIUS server to grant user access to a reverse Telnet session.
- It verifies the user and password before granting access to the device.
1 - It enables the device to allow user/ group based access - Authenticates to user/group
2 - It leverages a Radius server to grant user access - specific access so Authorisation
3 - It records the amount of time - Accounting
4 - It restricts the CLI commands - Authorisation
5 - It uses TACACS+ to LOG... - Accounting
6- It VERIFIES = Authentication
My take anyway....
Okay, another weird question. Had to do some research, and I think the given answer is wrong. The answer "it restricts the CLI commands that a use can perform" should be replaced with "it enables the device to allow user or group based access."
Why?
Both of those features exist in official Cisco documentation.
https://edge.us.cdo.cisco.com/content/docs/g-appwrapper-olh-cdo-public-api.html#!t_control-user-permissions-and-attributes-using-radius-and-group-policies.html
https://documentation.meraki.com/MR/Group_Policies_and_Block_Lists/Using_RADIUS_Attributes_to_Apply_Group_Policies
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16-12/sec-usr-aaa-xe-16-12-book/sec-cfg-authorizatn.html#GUID-794B8DB0-8A30-4B1E-B41A-E14885CB6E79__GUID-B1D4DB6C-BBAB-4EDF-A823-99139E3C9D10
Scroll down a little in the second link to find the example for RADIUS.
CLI command restrictions seem possible using RADIUS on *other vendors*, but I couldn't find anything specific to Cisco for this functionality. Either way it seems these two options *are* correct.
Accounting:It records; It’s using TACACS+
Authorisation:It enables; It restricts
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
EliasM
Highly Voted 2 years, 3 months agoLse
1 week, 6 days agoRougePotatoe
2 years, 2 months agojonathan126
1 year, 8 months agostudying_1
1 year, 8 months agoenzo86
Highly Voted 1 year, 9 months agoLse
Most Recent 1 week, 6 days ago[Removed]
9 months, 3 weeks agoJulesAZ
11 months, 1 week agoMarkFromMilan
1 month, 2 weeks ago[Removed]
1 year, 1 month agoMalgaw
11 months, 3 weeks agovaderz
1 year, 2 months ago