Which of the following statements are true regarding TACACS+? (Select 2 choices.)

A. TACACS+ is a standard protocol created by IETF.

B. TACACS+ separates the authentication, authorization, and accounting functions of AAA.

C. TACACS+ encrypts only the password in AccessRequest packets.

D. TACACS+ enables administrators to control access to configuration commands.

E. TACACS+ uses UDP for packet delivery.

Explanation:

Explanation/Reference:
Of the choices available, Terminal Access Controller Access Control System Plus (TACACS+) separates the authentication, authorization, and accounting functions of Authentication, Authorization, and Accounting (AAA) and enables administrators to control access to configuration commands. TACACS+ is a Ciscoproprietary protocol used during AAA operations. Unlike other AAA protocols, such as Remote Authentication DialIn User Service (RADIUS), TACACS+ provides more granular and flexible control over user access privileges. For example, the AAA operations are separated by TACACS+, whereas RADIUS combines the authentication and authorization services into a single function. Because TACACS+ separates these functions, administrators have more control over access to configuration commands. Additionally, TACACS+ encrypts the entire contents of packets, thus providing additional security. TACACS + uses Transmission Control Protocol (TCP) port 49 for transport.

RADIUS, not TACACS+, is a standard AAA protocol created by the Internet Engineering Task Force (IETF). Compared to TACACS+, RADIUS has several limitations. For example, RADIUS encrypts only the password in AccessRequest packets? it does not encrypt the entire contents of the packet like TACACS+ does. RADIUS, not TACACS+, uses User Datagram Protocol (UDP) for packet delivery.

Reference:
Cisco: TACACS+ and RADIUS Comparison: Compare TACACS+ and RADIUS