RADIUS Protocol Statements: True Facts | Exam 400-251 | Cisco

Which Three RADIUS Protocol Statements Are True?

Prev Question Next Question

Question

Which three RADIUS protocol statements are true? (Choose three.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

CDF.

The RADIUS (Remote Authentication Dial-In User Service) protocol is used to provide centralized authentication, authorization, and accounting (AAA) management for users who connect to a network service. RADIUS protocol statements are used to describe the characteristics and behavior of this protocol.

The correct statements about the RADIUS protocol are:

C. RADIUS packet types for authentication include Access-Request, Access-Challenge, Access-Accept, and Access-Reject. RADIUS messages are classified into different types. These four packet types are used for authentication. Access-Request packets are used to request authentication, Access-Challenge packets are used to request additional information from the user, Access-Accept packets are used to indicate successful authentication, and Access-Reject packets are used to indicate unsuccessful authentication.

D. RADIUS protocol runs over UDP 1812 and 1813. The RADIUS protocol typically runs over User Datagram Protocol (UDP) on ports 1812 and 1813. These ports are reserved for RADIUS authentication and RADIUS accounting, respectively.

F. RADIUS supports PPP, PAP, and CHAP as authentication methods. RADIUS supports multiple authentication protocols, including the Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), and Challenge-Handshake Authentication Protocol (CHAP).

Therefore, options C, D, and F are the correct statements about the RADIUS protocol.

Option A is incorrect because RADIUS protocol uses UDP, not TCP, for communication. The correct ports are 1812 and 1813, not 1645 and 1646.

Option B is incorrect because RADIUS operates as a client/server protocol, and the Network Access Server (NAS) acts as a client to the RADIUS server.

Option E is incorrect because the correct packet types for authentication are Access-Request, Access-Challenge, Access-Accept, and Access-Reject, not Access-Permit and Access-Denied.