background image
Answers to Chapter 12 Q&A Section 441
8
What is authorization?
Authorization enables the administrator to control authorization on a one-time, per-
service, per-user list, per-group, or per-protocol basis.
9
What does the argument start-stop mean when using AAA accounting?
The start-stop option sends an accounting record when the process has begun. This is sent
as a background process and the user request is begun without delay. When the user
process is completed, the stop time and information is sent to the AAA database. This
option is needed when an elapsed time of usage is required.
10
What commands when tracked should use the wait-start argument?
The wait-start option is important when the tracked event might cause a loss of
connectivity with the accounting database, such as during a reload or shutdown.
11
What is stored in a virtual profile?
The user-specific information for a particular connection is stored in a virtual profile on
the AAA server. This information is specific to the destination being called and the
connection being used. The key to a virtual profile is that it can be centrally managed.
Answers to Chapter 12 Q&A Section
1
What does AAA stand for?
It stands for authentication, authorization, and accounting.
2
What ports operate in character mode on the router?
The VTY, AUX, and CON ports operate in character mode.
3
When enabling AAA for TACACS+, what does the argument single-connection do?
It establishes a connection that is not torn down.
4
What is authentication?
Authentication provides a method of identifying users. During the authentication process,
the user login (name) and password are checked against the AAA database.
5
What is the difference between character mode and packet mode?
Character mode sends keystrokes to the router through the TTY, VTY, AUX, and CON
ports for configuration or query commands. Packet mode uses interface mode or a link
protocol session to communicate with a device other than the router. These defined
interfaces are async, group-async, BRI, PRI, serial, dialer profiles and dialer rotaries.