CCNA: Cisco Certified Network Associate — Question 69

What is the difference between RADIUS and TACACS+?

Answer options

• A. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands.
• B. TACACS+ separates authentication and authorization, and RADIUS merges them.
• C. TACACS+ encrypts only password information, and RADIUS encrypts the entire payload.
• D. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication.

Correct answer: B

Explanation

The correct answer is B because TACACS+ separates the processes of authentication and authorization, providing more granular control over access. Options A and C are incorrect as they misrepresent the logging and encryption capabilities of each protocol. Option D is also incorrect because while RADIUS is commonly used for network access, TACACS+ is not limited to dial authentication and can handle multiple authentication types.