Answer CCNA Security Chapter 3 Test CCNAS v1.

1 | Invisible Algorithm

Home

Category

Search

Sitemap

Contact Us

About

JAA / EASA FCL questions

actual questions with explanations books, online, software
www.aviationexam.com

Answer CCNA Security Chapter 3 Test CCNAS v1.1

Posted on August 2, 2012

RECENTLY WRI TTEN

Disable w3 Total Cache Plugin Completely Unable to Connect to Internet Eset Smart Security Atheros AR5007EG Windows 7 Driver Network Security Chapter 4 Packet Tracer Activity A Answer Answer CCNA Security Chapter 10 Test CCNAS v1.1

COFFEE FOR ME

SEARCH

This post is about questions and answer for CCNA Security Chapter 3 Test. The questions is based on CCNAS v1.1. All the answers has been verified to be 100% correct. Hopefully all these

Search

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

questions and answers will be a good guide and reference to all of us. Why is local database authentication preferred over a passwordonly login? It specifies a different password for each line or port. It provides for authentication and accountability. It requires a login and password combination on console, vty lines, and aux ports. It is more efficient for users who only need to enter a password to gain entry to a device.
Follow 105 people like
Facebook social plugin
Login

Invisible Algorithm
on Facebook Like

+6
Which authentication method stores usernames and passwords in the router and is ideal for small networks? local AAA local AAA over RADIUS local AAA over TACACS+ server-based AAA server-based AAA over RADIUS server-based AAA over TACACS+
Find us on Google+

In regards to Cisco Secure ACS, what is a client device? a web server, email server, or FTP server the computer used by a network administrator
CCNA SECURI TY

network users who must access privileged EXEC commands a router, switch, firewall, or VPN concentrator

Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

Chapter 6 Chapter 7

When configuring a Cisco Secure ACS, how is the configuration interface accessed? A Web browser is used to configure a Cisco Secure ACS. The Cisco Secure ACS can be accessed from the router console.

Chapter 8 Chapter 9 Chapter 10 Final Exam

Maritime Security Telnet can be used to configure a Cisco Secure ACS server after an initial configuration is complete. The Cisco Secure ACS can be accessed remotely after installing ACS client software on the administrator workstation.
REDfour MSS Ltd, Industry leader Highest standards of compliance
www.redfour-mss.com

Association "IT World BG"

An IT partner you can trust! E-Learning and Training Solutions
www.it-world.bg

What is a difference between using the login local command and using local AAA authentication for authenticating administrator access? Local AAA authentication supports encrypted passwords; login local does not. Local AAA provides a way to configure backup methods of authentication; login local does not. A method list must be configured when using the login local command, but is optional when using local AAA authentication. The login local command supports the keyword none, which ensures that authentication succeeds, even if all methods return an error.

DELE exam preparation

95% pass rate. Small groups. Cervantes accredited center
www.madridplus.es

official Red Hat Training

Red Hat training and certifications including RHCE and RHCSA
www.alfavad.com

CCIE / JNCIE Rack Rental

$79/mo - Up to 360 hours Over 30 network devices
lab.ghoudakis.com

RANDOM TERMS

ccna 3 chapter 4

Due to implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? accessibility accounting auditing authentication

packet tracers activity answer ccna security chapter 4 & 5 test ccnas v1 1 rom sony sk17i 5 best practices assigning ip addresses small branch office ccna4 chapitre 8 6 1 packet tracer

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

corrig

authorization

Which two AAA access method statements are true? (Choose two.) Character mode provides remote users with access to network resources and requires use of the console, vty, or tty ports. Character mode provides remote users with access to network resources and requires use of dialup or VPN. Character mode provides users with administrative privilege EXEC access and requires use of the console, vty, or tty ports. Packet mode provides users with administrative privilege EXEC access and requires use of dialup or VPN. Packet mode provides remote users with access to network resources and requires use of dialup or VPN. Packet mode provides users with administrative privilege EXEC access and requires use of the console, vty, or tty ports.

What is a characteristic of TACACS+? TACACS+ is an open IETF standard. TACACS+ is backward compatible with TACACS and XTACACS. TACACS+ provides authorization of router commands on a per-user or per-group basis. TACACS+ uses UDP port 1645 or 1812 for authentication, and UDP port 1646 or 1813 for accounting.

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

Refer to the exhibit. Router R1 is configured as shown. An administrative user attempts to use Telnet from router R2 to router R1 using the interface IP address 10.10.10.1. However, Telnet access is denied. Which option corrects this problem? The R1 10.10.10.1 router interface must be enabled. The vty lines must be configured with the login authentication default command. The aaa local authentication attempts max-fail command must be set to 2 or higher. The administrative user should use the username Admin and password Str0ngPa55w0rd.

Refer to the exhibit. In the network shown, which AAA command logs the use of EXEC session commands? aaa accounting connection start-stop group radius aaa accounting connection start-stop group tacacs+ aaa accounting exec start-stop group radius aaa accounting exec start-stop group tacacs+ aaa accounting network start-stop group radius
http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

aaa accounting network start-stop group tacacs+

When configuring a method list for AAA authentication, what is the effect of the keyword local? It accepts a locally configured username, regardless of case. It defaults to the vty line password for authentication. The login succeeds, even if all methods return an error. It uses the enable password for authentication.

What is the result if an administrator configures the aaa authorization command prior to creating a user with full access rights? The administrator is immediately locked out of the system. The administrator is denied all access except to aaa authorization commands. The administrator is allowed full access using the enable secret password. The administrator is allowed full access until a router reboot, which is required to apply changes.

Which statement identifies an important difference between TACACS+ and RADIUS? TACACS+ provides extensive accounting capabilities when

compared to RADIUS. The RADIUS protocol encrypts the entire packet transmission. The TACACS+ protocol allows for separation of authentication from authorization.
http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

RADIUS can cause delays by establishing a new TCP session for each authorization request.

Which two statements describe Cisco Secure ACS? (Choose two.) Cisco Secure ACS supports LDAP. Cisco Secure ACS is only supported on wired LAN connections. Cisco Secure ACS only supports the TACACS+ protocol. Cisco Secure ACS supports both TACACS+ and RADIUS

protocols. Cisco Secure ACS Express is a rack-mountable unit intended for more than 350 users.

How does a Cisco Secure ACS improve performance of the TACACS+ authorization process? reduces overhead by using UDP for authorization queries reduces delays in the authorization queries by using persistent TCP sessions reduces bandwidth utilization of the authorization queries by allowing cached credentials reduces number of authorization queries by combining the authorization process with authentication

How does a Cisco Secure ACS improve performance of the TACACS+ authorization process? reduces overhead by using UDP for authorization queries reduces delays in the authorization queries by using persistent TCP sessions

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

reduces bandwidth utilization of the authorization queries by allowing cached credentials reduces number of authorization queries by combining the authorization process with authentication

What is an effect if AAA authorization on a device is not configured? Authenticated users are granted full access rights. User access to specific services is determined by the

authentication process. Character mode authorization is limited, and packet mode denies all requests. All authorization requests to the TACACS server receive a REJECT response.

Refer to the exhibit. Router R1 has been configured as shown, with the resulting log message. On the basis of the information presented, which two AAA authentication statements are true? (Choose two.) The locked-out user failed authentication. The locked-out user is locked out for 10 minutes by default. The locked-out user should have used the username Admin and password Pa55w0rd. The locked-out user should have used the username admin and password Str0ngPa55w0rd. The locked-out user stays locked out until the clear aaa local user lockout username Admin command is issued.

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

Which technology provides the framework to enable scalable access security? role-based CLI access Simple Network Management Protocol AutoSecure Cisco Configuration Professional communities authentication, authorization, and accounting

Which two modes are supported by AAA to authenticate users for accessing the network and devices? (Choose two.) verbose mode character mode quiet mode packet mode ancillary mode

Which two features are included by both TACACS+ and RADIUS protocols? (Choose two.) separate authentication and authorization processes password encryption utilization of transport layer protocols SIP support 802.1X support

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

New Questions

After accounting is enabled on an IOS device, how is a default accounting method list applied? (by Naji Alobaidi) Accounting method lists are applied only to the VTY interfaces. A named accounting method list must be explicitly defined and applied to desired interfaces. Accounting method lists are not applied to any interfaces until an interface is added to the server group. The default accounting method list is automatically applied to all interfaces, except those with named accounting method lists.

As stated earlier, all the answers should be 100% correct. However if you find any mistake or wrong answer in the solution above, please do not hesitate to comment below. Also, if you have new updated questions, you may share here to all the readers. We really appreciate it. Hopefully it will benefits all of us. Questions and answers in this chapter 3 test has been provided by XASE. All credits goes to him.

Web hosting services

Web hosting servers

Cisco Ccna

This entry was posted in Data Network, Network Security and tagged 2012, Answer, CCNA Security, CCNA Security Chapter 3 Answer, CCNA Security Chapter 3Test, CCNAS Chapter 3 Test, CCNAS v1.1, Chapter 3 Test, Solution, Solution CCNA Security Chapter 3 by InviAlgo. Bookmark the permalink.

8 THOUGHTS ON ANSWER CCNA SECURITY CHAPTER 3 TEST CCNAS V1.1

leandro on August 2, 2012 at 11:23 PM said:

Muchas gracias!, me sirvio mucho!.

Reply

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

leandro on August 2, 2012 at 11:26 PM said:

Si pudieras subir los demas exmenes te lo agredecera mucho!

Reply

Naji Alobaidi on August 4, 2012 at 6:03 PM said:

I had my quzie today and I got those qusetions which not here..It is %100 corect When configuring a Cisco Secure ACS, how is the configuration interface accessed? A Web browser is used to configure a Cisco Secure ACS.(answer) The Cisco Secure ACS can be accessed from the router console. Telnet can be used to configure a Cisco Secure ACS server after an initial configuration is complete. The Cisco Secure ACS can be accessed remotely after installing ACS client software on the administrator workstation. After accounting is enabled on an IOS device, how is a default accounting method list applied? Accounting method lists are applied only to the VTY interfaces. A named accounting method list must be explicitly defined and applied to desired interfaces.

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

Accounting method lists are not applied to any interfaces until an interface is added to the server group. The default accounting method list is automatically applied to all interfaces, except those with named accounting method lists.(answer) Thank you I got 100% by your help
Reply

InviAlgo on August 4, 2012 at 9:30 PM said:

Hi Naji Alobaidi, I believe the first question is already stated in the post. I have update the second question in this post. Thank you very much for the update and congrats.
Reply

Ilf Peprov on October 3, 2012 at 5:28 PM said:

New question When configuring a method list for AAA authentication, what is the effect of the keyword local? *It accepts a locally configured username, regardless of case.* truly It defaults to the vty line password for authentication.

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

The login succeeds, even if all methods return an error. It uses the enable password for authentication.
Reply

InviAlgo on October 4, 2012 at 2:43 AM said:

I believe the question is already in the list. Just copy, use find on your browser and youll found it. Thanks for your effort anyway.
Reply

netadmin on October 18, 2012 at 6:41 AM said:

new question: Refer to the exhibit. Router R1 has been configured as shown, with the resulting log message. On the basis of the information presented, which two AAA authentication statements are true? (Choose two.) Correct Response The locked-out user failed authentication. The locked-out user stays locked out until the clear aaa local user lockout username Admin command is issued.
Reply

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

InviAlgo on October 18, 2012 at 6:42 PM said:

thanks. however i believe the question is already in the list. copy the question and use find in your browser. Thanks anyway
Reply

Leave a Reply
Your email address will not be published. Required fields are marked *

Name

Email

Website

Comment

All All

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]

Answer CCNA Security Chapter 3 Test CCNAS v1.1 | Invisible Algorithm

Post Comment
Notify me of followup comments via e-mail. You can also subscribe without commenting.

Search Invisible Algorithm: ccna security chapter 3 exam answers, which authentication method stores usernames and passwords in the router and is ideal for small networks?, Which technology provides the framework to enable scalable access security?, why is local database authentication preferred over a password-only login?, which technology provides the framework to enable scalable access security, ccna security chapter 3, after accounting is enabled on an ios device how is a default accounting method list applied?, which two features are included by both tacacs and radius protocols, Which two features are included by both TACACS and RADIUS protocols? (Choose two ), Which two features are included by both TACACS and RADIUS protocols? (Choose two

http://www.invialgo.com/2012/answer-ccna-security-chapter-3-test-ccnas-v1-1/[11/1/2012 1:16:24 AM]