Foundation Summary

The "Foundation Summary" section of each chapter lists the most important facts from the chapter. Although this section does not list every fact from the chapter that will be on your SNRS exam, a well-prepared candidate should at a minimum know all the details in each "Foundation Summary" before going to take the exam.

To configure security on a Cisco router or access server using AAA, follow these steps:

Step 1. Activate AAA services by using the aaa new-model command.

Step 2. Select the type of security protocols, such as RADIUS, TACACS+, or Kerberos.

Step 3. Define the method list's authentication by using an aaa authentication command.

Step 4. Apply the method lists to a particular interface or line, if required.

Step 5. (Optional) Configure authorization using the aaa authorization command.

Step 6. (Optional) Configure accounting using the aaa accounting command.

• show aaa server Displays RADIUS servers used for AAA authentication

• show aaa user Displays AAA authenticated users statistics

• debug aaa authentication Displays debugging messages on authentication functions

• debug aaa authorization Displays debugging messages on authorization functions

• debug aaa accounting Displays debugging messages on accounting functions



As mentioned in the section "How to Use This Book" in the Introduction, you have two choices for review questions: the Q&A questions here or the exam simulation questions on the CD-ROM. The questions that follow present a bigger challenge than the exam itself because they use an open-ended question format. By using this more difficult format, you can exercise your memory better and prove your conceptual and factual knowledge of this chapter. You can find the answers to these questions in the appendix.

1. Which command enables AAA on a router/NAS?

2. Which of the AAA services can be used for billing and auditing?

3. What is the difference between console and network AAA authorization supported on the Cisco IOS Software?

4. Which AAA command would you use to configure authentication for login to an access server?

5. Where is authorization information stored for each user?

6. Which command enables you to troubleshoot a AAA accounting problem?

7. What types of auditing methods can be specified in a AAA configuration?

8. What is the difference between a FAIL response and an ERROR response in a AAA configuration?

9. How do you display all the detailed accounting records for actively accounted functions? 10. What command disables AAA functionality on your access server?


Chapter 8. Configuring RADIUS and TACACS+ on Cisco IOS Software

0 0

Post a comment