ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam SSCP All Questions

View all questions & answers for the SSCP exam
Go to Exam

Exam SSCP topic 1 question 234 discussion

Actual exam question from ISC's SSCP
Question #: 234
Topic #: 1
[All SSCP Questions]

Which of the following statements pertaining to RADIUS is incorrect:

  • A. A RADIUS server can act as a proxy server, forwarding client requests to other authentication domains.
  • B. Most of RADIUS clients have a capability to query secondary RADIUS servers for redundancy.
  • C. Most RADIUS servers have built-in database connectivity for billing and reporting purposes.
  • D. Most RADIUS servers can work with DIAMETER servers.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
This is the correct answer because it is FALSE.
Diameter is an AAA protocol, AAA stands for authentication, authorization and accounting protocol for computer networks, and it is a successor to RADIUS.
The name is a pun on the RADIUS protocol, which is the predecessor (a diameter is twice the radius).
The main differences are as follows:
Reliable transport protocols (TCP or SCTP, not UDP)
The IETF is in the process of standardizing TCP Transport for RADIUS
Network or transport layer security (IPsec or TLS)
The IETF is in the process of standardizing Transport Layer Security for RADIUS
Transition support for RADIUS, although Diameter is not fully compatible with RADIUS
Larger address space for attribute-value pairs (AVPs) and identifiers (32 bits instead of 8 bits)
Clientserver protocol, with exception of supporting some server-initiated messages as well
Both stateful and stateless models can be used
Dynamic discovery of peers (using DNS SRV and NAPTR)

Capability negotiation -
Supports application layer acknowledgements, defines failover methods and state machines (RFC 3539)

Error notification -

Better roaming support -
More easily extended; new commands and attributes can be defined

Aligned on 32-bit boundaries -
Basic support for user-sessions and accounting
A Diameter Application is not a software application, but a protocol based on the Diameter base protocol (defined in RFC 3588). Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs. Adding a new optional AVP does not require a new application.
Examples of Diameter applications:
Diameter Mobile IPv4 Application (MobileIP, RFC 4004)
Diameter Network Access Server Application (NASREQ, RFC 4005)
Diameter Extensible Authentication Protocol (EAP) Application (RFC 4072)
Diameter Credit-Control Application (DCCA, RFC 4006)
Diameter Session Initiation Protocol Application (RFC 4740)
Various applications in the 3GPP IP Multimedia Subsystem
All of the other choices presented are true. So Diameter is backwork compatible with Radius (to some extent) but the opposite is false.
Reference(s) used for this question:
TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, Page 38. and https://secure.wikimedia.org/wikipedia/en/wiki/Diameter_%28protocol%29
by xymavu at April 4, 2025, 11:03 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel