Sign Up
Log In
Home
discussion
Exam 400-101 Question id=735 Infrastructure Security

Which of the following statements are true regarding RADIUS?

A. RADIUS is an IETF standard protocol
B. RADIUS uses TCP port 49
C. RADIUS encrypts the entire packet during transmission
D. RADIUS combines authentication and authorization into a single function
E. RADIUS provides more flexible security options than TACACS+

Of the choices available, Remote Authentication DialIn User Service (RADIUS) is an Internet Engineering Task Force (IETF) standard protocol and combines authentication and authorization into a single function. RADIUS is an Authentication, Authorization, and Accounting (AAA) protocol that can be used for controlling access to a router or switch. Although RADIUS does not encrypt the entire contents of a packet, it does provide some security by encrypting the password in an AccessRequest packet. By contrast, Terminal Access Controller Access Control System Plus (TACACS+) encrypts the entire packet.
RADIUS is limited by the fact that authorization and authentication are combined into a single function. By contrast, TACACS+ separates authorization, authentication, and accounting functions, which provides TACACS+ with more flexible security options for controlling access to configuration commands.
RADIUS uses User Datagram Protocol (UDP), not Transmission Control Protocol (TCP), for packet delivery. By contrast, TACACS+ uses TCP on port 49 for data delivery.