You have executed the following commands on switch55:
What is the result of executing the given commands? (Choose two.)
A.
Only the listed RADIUS server is used for authentication
B.
802.1X authentication is enabled on the Fa0/1 interface only
C.
The key for the RADIUS server is firstKey111
D.
AAA is not enabled on the switch
Explanation:
As a result of executing these commands, the default list is used for the RADIUS server for authentication, and
the key for the RADIUS server is firstKey111.
A RADIUS server combines the authentication and authorization processes. Before you configure the RADIUS
server, you should enable AAA by using the aaa new-model command in global configuration mode. Then, you
can specify the location of the RADIUS server and the key using the radius-server host command. In this case,
the RADIUS server is located at the IP address 192.168.105.67 and requires the key firstKey111 as the
encryption key. This key must be mutually agreed upon by the server and the clients.
The aaa authentication dot1x default group radius command creates a method list for 802.1X authentication.
The default group radius keywords specify that the default method will be to use all listed RADIUS servers to
authenticate clients. Since only one is listed, it will be the only one used.
It is incorrect to state that 802.1X authentication is enabled only on the Fa0/1 interface. The interface range Fa
0/1 – 11 and the dot1x port-control auto commands specify that 802.1X authentication is enabled on the
interfaces Fa0/1 to Fa0/11.
It is incorrect to state that AAA is not enabled on the switch. The aaa new-model command enables AAA
globally on the switch.
Objective:
Infrastructure Security
Sub-Objective:
Describe device security using AAA with TACACS+ and RADIUSCisco > Support > Cisco IOS Security Command Reference: Commands A to C > aaa new-model
Cisco > Support > Cisco IOS Security Command Reference: Commands D to L > dot1x port-control
Cisco > Support > Cisco IOS Security Command Reference: Commands M to R > radius-server host