On a Cisco ASA, which of the following authentication protocols is not supported by the TACACS+ server? (Select the best answer.)

Last Updated on August 4, 2021 by Admin 3

On a Cisco ASA, which of the following authentication protocols is not supported by the TACACS+ server? (Select the best answer.)

  • ASCII
  • CHAP
  • PAP
  • MSCHAPv1
  • MSCHAPv2
Explanation:
The Terminal Access Controller Access Control System Plus (TACACS+) server on a Cisco Adaptive
Security Appliance (ASA) does not support Microsoft Challenge Handshake Authentication Protocol version
2 (MSCHAPv2). Remote Authentication DialIn User Service (RADIUS) and TACACS+ server groups on a Cisco ASA support Challenge Handshake Authentication Protocol (CHAP), MSCHAP version 1 (MSCHAPv1), and Password Authentication Protocol (PAP).
A Cisco ASA supports a number of different Authentication, Authorization, and Accounting (AAA) server types, such as RADIUS, TACACS+, Lightweight Directory Access Protocol (LDAP), Kerberos, and RSA Security Dynamics, Inc. (SDI) servers.
When authenticating with a TACACS+ server, a Cisco ASA can use the following authentication protocols:
– ASCII
– PAP
– CHAP
– MSCHAPv1
When authenticating with a RADIUS server, a Cisco ASA can use the following authentication protocols:
– PAP
– CHAP
– MSCHAPv1
– MSCHAPv2
– Authentication Proxy Mode (for example, RADIUS to RSA/SDI, RADIUS to Active Directory, and others)

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments