Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.)
Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.)
To authenticate end users to the Cisco Web Security Appliance (WSA), the two protocols that must be configured are NTLMSSP and Kerberos. NTLMSSP (NT LAN Manager Security Support Provider) is a protocol used for authentication in Windows environments. Kerberos is a widely used network authentication protocol that uses tickets for process secure user authentication. These protocols are commonly used to authenticate users in a secure and efficient manner in environments where Cisco WSA is deployed.
should be C. NTLMSSP E. Kerberos https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-7/user_guide/b_WSA_UserGuide_11_7/b_WSA_UserGuide_11_7_chapter_0101.html
I agree!
C,E is correct
Neither RADIUS or TACACS+ authenticates the user. They facilitate communication to the authentication server. Kerberos and NTLMSSP do authenticate the user.
Agreed! You can deploy a WSA to act as a RADIUS client in this instance, facilitating communication to a RADIUS server for verification. Kerberos, NTLMSSP, & Basic are supported authentication schemes that DO authenticate the user.
he correct answer for the question is D. RADIUS E. Kerberos. NTLMSSP is also an option, but it's not a common one as the question is asking for the most common protocols that are used to authenticate end users to the Cisco WSA.https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-7/user_guide/b_WSA_UserGuide_11_7/b_WSA_UserGuide_11_7_chapter_0101.html
To authenticate end users to the WSA, you would typically configure the following two protocols: NTLMSSP and RADIUS. Kerberos is another authentication protocol commonly used in Windows environments, but it is not typically used directly with WSA for web authentication. Instead, NTLMSSP is more commonly used for Windows-based authentication scenarios. Note from Cisco guide: Kerberos is only supported in Standard mode. It is not supported in Cloud Connector mode. Another note from this guide: You can authenticate users through an external LDAP or RADIUS server. (...) The WSA and AD agent communicate with each other using the RADIUS protocol. https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-7/user_guide/b_WSA_UserGuide_11_7/b_WSA_UserGuide_11_7_chapter_0101.html
Correct Answer is C & E
chatgpt says C. NTLMSSP D. RADIUS so im going with that :P lol