RADIUS Server Response Types

C.

In response to an access-request from a client, a RADIUS server returns one of three authentication responses: access-accept, access-reject, or access- challenge, the latter being a request for additional authentication information such as a one-time password from a token or a callback identifier.

Source: TIPTON, Harold.

F.

& KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, page 36.

RADIUS (Remote Authentication Dial-In User Service) is a protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service. When a client (such as a Network Access Server) sends an Access-request to a RADIUS server, the server can send several types of responses.

The options provided in the question are: A. Access-Accept B. Access-Reject C. Access-Granted D. Access-Challenge

Out of these options, "Access-Granted" is not a valid response that a RADIUS server sends to an Access-request from a client. The correct response types are:

A. Access-Accept: If the RADIUS server successfully authenticates and authorizes the client's request, it sends an Access-Accept message to the client, allowing access to the requested network resource.

B. Access-Reject: If the RADIUS server cannot authenticate or authorize the client's request, it sends an Access-Reject message to the client, denying access to the requested network resource.

D. Access-Challenge: Sometimes the RADIUS server may require additional information from the client to complete the authentication and authorization process. In this case, it sends an Access-Challenge message to the client, requesting additional information or credentials.

To summarize, when a client sends an Access-request to a RADIUS server, the server can respond with Access-Accept, Access-Reject, or Access-Challenge, but not Access-Granted.