Which option is a characteristic of the RADIUS protocol?

Which option is a characteristic of the RADIUS protocol?

Which option is a characteristic of the RADIUS protocol?

A.
uses TCP

B.
offers multiprotocol support

C.
combines authentication and authorization in one process

D.
supports bi-directional challenge

Explanation:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
Authentication and Authorization
RADIUS combines authentication and authorization. The access-accept packets sent by the
RADIUS server to the client contain authorization information. This makes it difficult to
decouple authentication and authorization.
TACACS+ uses the AAA architecture, which separates AAA. This allows separate
authentication solutions that can still use TACACS+ for authorization and accounting. For
example, with TACACS+, it is possible to use Kerberos authentication and TACACS+
authorization and accounting. After a NAS authenticates on a Kerberos server, it requests
authorization information from a TACACS+ server without having to re-authenticate. The NAS
informs the TACACS+ server that it has successfully authenticated on a Kerberos server, and
the server then provides authorization information.
During a session, if additional authorization checking is needed, the access server checks
with a TACACS+ server to determine if the user is granted permission to use a particular
command. This provides greater control over the commands that can be executed on the
access server while decoupling from the authentication mechanism.



Leave a Reply 0

Your email address will not be published. Required fields are marked *