Last Updated on August 3, 2021 by Admin 3
Which of the following is typically implemented in a cluster configuration? (Select the best answer.)
- ACS
- CSA
- CTA
- SSC
Explanation:
Cisco Secure Access Control System (ACS) is typically implemented in a cluster configuration. ACS is an
Authentication, Authorization, and Accounting (AAA) server that uses Remote Authentication DialIn User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) to provide AAA services for users, hosts, and network infrastructure devices such as switches and routers. An ACS deployment typically consists of a primary server responsible for configuration, authentication, and policy enforcement and one or more secondary servers serving as a backup in case the primary server fails. In largescale deployments, the primary server’s function is typically relegated to configuration and synchronization services, whereas the secondary servers provide AAA services to the network clients.
Cisco Trust Agent (CTA) is responsible for ascertaining the status of security applications and management tools that are installed on a client. As client software, CTA communicates host posture information back to a network access device on a Cisco Network Admission Control (NAC) framework. NAC is a Cisco feature that prevents hosts from accessing the network if they do not comply with organizational requirements, such as containing an updated antivirus definition file. When NAC is configured on an access device, such as a router or switch, the NAC device intercepts connections from hosts that are not yet registered on the network. When a host attempts to connect to the network, the access device queries the CTA running on the host for the host’s security status. The access device then sends this information to the ACS, which determines whether the host is in compliance with organizational security policies. If the host is in compliance, it is allowed to access the network? if the host is not in compliance, it can be denied access, quarantined, or allowed limited network access.
Cisco Secure Services Client (SSC) is client security software that facilitates the use of one authentication framework for connecting to both wired and wireless devices on a Cisco Unified Wireless Network. SSC makes use of the Extensible Authentication Protocol (EAP), WiFi Protected Access (WPA), and WPA2 standards to control network access and enforce security policies for clients using Microsoft Windows platforms. Cisco SSC is not typically implemented in a cluster configuration.
Cisco Security Agent (CSA) is a Hostbased Intrusion Prevention System (HIPS) that can be installed on host computers, servers, and pointofsale (POS) computers. CSA can help protect these devices from malicious network traffic, such as zeroday attacks. In addition, CSA can provide local firewall services, antivirus services, and security policy enforcement. CSA is not typically implemented in a cluster configuration.
Cisco Secure Access Control System (ACS) is typically implemented in a cluster configuration. ACS is an
Authentication, Authorization, and Accounting (AAA) server that uses Remote Authentication DialIn User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) to provide AAA services for users, hosts, and network infrastructure devices such as switches and routers. An ACS deployment typically consists of a primary server responsible for configuration, authentication, and policy enforcement and one or more secondary servers serving as a backup in case the primary server fails. In largescale deployments, the primary server’s function is typically relegated to configuration and synchronization services, whereas the secondary servers provide AAA services to the network clients.
Cisco Trust Agent (CTA) is responsible for ascertaining the status of security applications and management tools that are installed on a client. As client software, CTA communicates host posture information back to a network access device on a Cisco Network Admission Control (NAC) framework. NAC is a Cisco feature that prevents hosts from accessing the network if they do not comply with organizational requirements, such as containing an updated antivirus definition file. When NAC is configured on an access device, such as a router or switch, the NAC device intercepts connections from hosts that are not yet registered on the network. When a host attempts to connect to the network, the access device queries the CTA running on the host for the host’s security status. The access device then sends this information to the ACS, which determines whether the host is in compliance with organizational security policies. If the host is in compliance, it is allowed to access the network? if the host is not in compliance, it can be denied access, quarantined, or allowed limited network access.
Cisco Secure Services Client (SSC) is client security software that facilitates the use of one authentication framework for connecting to both wired and wireless devices on a Cisco Unified Wireless Network. SSC makes use of the Extensible Authentication Protocol (EAP), WiFi Protected Access (WPA), and WPA2 standards to control network access and enforce security policies for clients using Microsoft Windows platforms. Cisco SSC is not typically implemented in a cluster configuration.
Cisco Security Agent (CSA) is a Hostbased Intrusion Prevention System (HIPS) that can be installed on host computers, servers, and pointofsale (POS) computers. CSA can help protect these devices from malicious network traffic, such as zeroday attacks. In addition, CSA can provide local firewall services, antivirus services, and security policy enforcement. CSA is not typically implemented in a cluster configuration.