Exam SY0-501 topic 1 question 599 discussion

RADIUS is all in one... where TACCS is split up

RADIUS provides centralized Authentication, Authorization, and Accounting (AAA or Triple A) management.

Remote Authentication Dial-In User Service is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service.

Keep in mind that LDAP is not an authentication protocol, but it does facilitate authentication and resource access.

Answer is D LDAP port 389 Key word back end directory Lightweight Directory Access Protocol (LDAP) is a client/server protocol used to access and manage directory information. It reads and edits directories over IP networks and runs directly over TCP/IP using simple string formats for data transfer. Directory servers include information about various entities on your network, such as user names, passwords, rights associated with user names, metadata associated with user names, devices connected to the network, and device configuration. Use LDAP to obtain directory information, such as email addresses and public keys. If you want to make directory information available over the Internet, this is the way to do it. LDAP works well for captive portal authentication. However, LDAP does not implement 802.1X security easily. 802.1X was essentially designed with RADIUS in mind, so 802.1X challenge/response protocols like MSCHAPv2 work well with RADIUS

"centralized authentication for its wireless system", that basically means RADIUS

TACACS+ - Device Authentication RADIUS - Network Access Source: https://www.networkworld.com/article/2838882/radius-versus-tacacs.html

Supporting C Radius which provides centralized AAA solution - Mike Meyers 501: "Terminal Access Controller Access Control System Plus (TACACS+) A proprietary protocol developed by Cisco to support AAA in a network with many routers and switches. It is similar to RADIUS in function, but uses TCP port 49 by default and separates authorization, authentication, and accounting into different parts.

Both are correct but TACACS+ Is a Cisco proprietary, so the answer is RADIUS.

Most likely RADIUS : see -> https://www.geeksforgeeks.org/difference-between-tacacs-and-radius/#:~:text=TACACS%2B%20provides%20more%20control%20over,in%20RADIUS%20i.e%20more%20secure.

Both are correct but for authentications in this case wireless it would be RADIUS. TACACS+ is usually used in case of device access and command authorization

Do you really think TACACS+ could be the answer or TACAS+? I know about TACAS and TACAS+ but not about TACACS+! Watch out on the exam

I think because it says wireless authentication, so RADIUS is the correct here.

I think the key here is that it has to talk to the directory backend. Per Gibson, "...it is more common for the RADIUS server to access an LDAP server...."

I think the answer is A- TACAC+

TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services. TACACS+ also uses AAA framework to provide centralized access into a network. The answer should be A