A security administrator has been tasked to ensure access to all network equipment is controlled
by a central server such as TACACS+. This type of implementation supports which of the following
risk mitigation strategies?
A.
User rights and permissions review
B.
Change management
C.
Data loss prevention
D.
Implement procedures to prevent data theft
Explanation:
TACACS+ and RADIUS both use AAA –
An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides AUTHENTICATION, AUTHORIZATION, and ACCOUNTING (AAA) services.
The primary functional difference between RADIUS and TACACS+ is that TACACS+ separates out the Authorization functionality, where RADIUS combines both Authentication and Authorization. Though this may seem like a small detail, it makes a world of difference when implementing administrator AAA in a network environment.
• Terminal Access Controller Access-Control System (TACACS, and variations like XTACACS and TACACS+) is a client/server-oriented environment, and it operates in a manner similar to RADIUS.
• Furthermore TACACS+ allows for credential to be accepted from multiple methods. Thus you can perform user rights and permission reviews with TACACS+.
What really help us in here is that the incorrect answers (B, C and D) are so blatantly daft that they are not even worth investigating
0
0