Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs?
Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs?
To support separate authorization and authentication solutions for wireless access points, TACACS+ is the most suitable protocol. TACACS+ provides the ability to split the authentication, authorization, and accounting (AAA) functions, enabling clear separation between authentication and authorization processes. This architecture allows the flexibility to use different authentication methods while still managing authorization independently.
Correct: B Authentication and Authorization RADIUS combines authentication and authorization. The access-accept packets sent by the RADIUS server to the client contain authorization information. This makes it difficult to decouple authentication and authorization. TACACS+ uses the AAA architecture, which separates AAA. This allows separate authentication solutions that can still use TACACS+ for authorization and accounting. For example, with TACACS+, it is possible to use Kerberos authentication and TACACS+ authorization and accounting. After a NAS authenticates on a Kerberos server, it requests authorization information from a TACACS+ server without having to re-authenticate. The NAS informs the TACACS+ server that it has successfully authenticated on a Kerberos server, and the server then provides authorization information. Source: https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13838-10.html
but the question state "SEPARATE authorization and authentication solutions...."
Correct Answer: A The key word in the question is "solution." Separate Authorization and Authentication Solutions..... Indeed is the RADIUS that can solve the problem of separation by combining the two. TACACS+ allows seperation of AAA
You have opened my brain to re-think, however question says <<to support separate authorization and authentication solutions>>. RADIUS dos the job but TACACS+ is even better??? RADIUS does not strictly separate authentication and authorization into distinct processes like TACACS+, it does provide both authentication and authorization functionalities within the same protocol.
Correct: B Authentication and Authorization RADIUS combines authentication and authorization.
TACACS+ uses the AAA architecture, which separates AAA
Why do i think 802.1X is the answer? Tacacs is not really used on wireless network solutions. And if you use 802.1X for authentication on the wireless network, you have separated the solution of authentication and authorization while making Radius do the backend authorization. On wireless networks, 802.1X and radius are usually used together to provide authentication and authorization .
correct Answer is B
it´s B
what a tricky question
The question is tricky it says to support separate....
it is TACACS+
tacas +
Correct Answer: A The key word in the question is "solution." Separate Authorization and Authentication Solutions..... Indeed is the RADIUS that can solve the problem of separation by combining the two. TACACS+ allows seperation of AAA
it must b TACACS+
Separate is the key word here
RADIUS (Remote Authentication Dial-In User Service) is commonly used for both authentication and authorization in networking environments. It allows for separate authentication (verifying the identity of the user or device) and authorization (determining what the authenticated user or device is allowed to access) processes. This is important in scenarios like wireless networks where you want to control who can access the network and what resources they can access.
A is correct
correct answer: B