Question 4: Practice Test for Cisco exam #642-502
4) Objective: Configure authentication, authorization and accounting to provide basic secure access control for networks
SubObjective:
Configure administrative access to the Cisco Secure ACS server
Single Answer, Multiple Choice
A dial-up user is not able to connect to an authentication, authorization and accounting (AAA) Network Access Server (NAS), but a Telnet session is authenticated across the LAN. Which is NOT a possible reason for this?
A. modem configuration problem
B. missing authorization rights of the user
C. an incorrect AAA server configuration
D. denial of port 23 for a dial-up user
Answer:
D. denial of port 23 for a dial-up user
Tutorial:
Denial of port 23 cannot be cited as a possible reason. Port 23 is the default port for telnet. The dial-up user cannot Telnet into the device if port 23 is denied. This is not the case in this scenario because the telnet session is successfully authenticated.
All the other options can be a possible reason for a dial-up user not being able to connect to an AAA client. You should verify the accuracy of modem configuration or the AAA server configuration. It might be possible that the dial-up user does not have the necessary authorization rights to access the network.