[TABS_R id=8782]
You issue the following command on a Cisco device: test aaa group radius user1 b0s0n newcode profile profile1Which of the following is true? (Select the best answer.)
- The command will fail.
- The command will succeed but report an error.
- The command will succeed without error.
- There is not enough information to determine the success or failure of the command.
Explanation:
There is not enough information in this scenario to determine the success or failure of the command. In order to determine whether the command would succeed or fail, you would need to know whether the profile named profile1 had been configured in this scenario. In addition, you would need to know whether the Remote Authentication DialIn User Service (RADIUS) server in this scenario is operational on the network.
The test aaa group command is used to verify an Authentication, Authorization, and Accounting (AAA) server configuration. However, the command works only with a RADIUS configuration, not with a Terminal Access Controller Access Control System Plus (TACACS+) configuration. The syntax of the test aaa command is test aaa {groupname | radius} username password newcode [profile profilename], where groupname is a subset of RADIUS servers, username is the name for the test user, and password is the test user’s password.
The test aaa group command can associate a Dialed Number Identification Service (DNIS) or Caller Line Identification (CLID) named user profile with a record sent to the server. The newcode keyword configures the command to support a CLID or DNIS user profile association with the RADIUS server. The profile profilename keyword associates the user profile specified by profilename with the RADIUS server.
The test aaa group command can generate either a “User rejected” message or a “User successfully authenticated” message if the RADIUS server is alive. In order to generate either of those messages, the test aaa command must be able to connect to the RADIUS server.
There is not enough information in this scenario to determine the success or failure of the command. In order to determine whether the command would succeed or fail, you would need to know whether the profile named profile1 had been configured in this scenario. In addition, you would need to know whether the Remote Authentication DialIn User Service (RADIUS) server in this scenario is operational on the network.
The test aaa group command is used to verify an Authentication, Authorization, and Accounting (AAA) server configuration. However, the command works only with a RADIUS configuration, not with a Terminal Access Controller Access Control System Plus (TACACS+) configuration. The syntax of the test aaa command is test aaa {groupname | radius} username password newcode [profile profilename], where groupname is a subset of RADIUS servers, username is the name for the test user, and password is the test user’s password.
The test aaa group command can associate a Dialed Number Identification Service (DNIS) or Caller Line Identification (CLID) named user profile with a record sent to the server. The newcode keyword configures the command to support a CLID or DNIS user profile association with the RADIUS server. The profile profilename keyword associates the user profile specified by profilename with the RADIUS server.
The test aaa group command can generate either a “User rejected” message or a “User successfully authenticated” message if the RADIUS server is alive. In order to generate either of those messages, the test aaa command must be able to connect to the RADIUS server.
[TABS_R id=8782]