SYSTEM ADMINISTRATION FINAL EXAM
PRACTICE QUESTIONS WITH DETAILED
SOLUTIONS 2026
▶ Which IETF attribute is supported for the RADIUS CoA feature?
A. 24 State
B. 30 Calling-Station-ID
C. 42 Acct-Session-ID
D. 81 Message-Authenticator. Answer:
▶ PAC. Answer: Proxy Auto Configuration. Method used to automatically
configure systems to use a proxy server.
▶ IETF. Answer: Internet Engineering Task Force - develops and
promotes voluntary Internet standards and protocols, in particular the
standards that comprise the Internet protocol suite (TCP/IP).
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is State?. Answer: Type: 24
Description: Contains state information that is passed between the NAS
and the RADIUS server.
Usage: Often used in challenge/response authentication methods to
maintain state between requests.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Calling-Station-ID?. Answer: Type: 31
Description: Identifies the phone number or MAC address of the client
device.
Usage: Useful in tracking and identifying devices that are making
authentication requests.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Acct-Session-ID?. Answer: Type: 44
Description: A unique identifier for an accounting session, used in RADIUS
accounting.
, Usage: Helps in correlating multiple RADIUS accounting messages related
to the same session.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Message-Authenticator?. Answer: Type: 80
Description: Used to verify the authenticity and integrity of RADIUS
packets, ensuring that the message has not been tampered with.
Usage: Essential for securing RADIUS communications.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Error-Cause?. Answer: Type: 101
Description: Typically included in a RADIUS response message to inform
the RADIUS client (such as a Network Access Server, NAS) about the
reason for the rejection or failure of a request. Usage: Helps in diagnosing
issues and allows for appropriate corrective actions to be taken.
▶ When a transparent authentication fails on the Web Security Appliance,
which type of access does the end user get?
A. guest
B. limited Internet
C. blocked
D. full Internet. Answer: A. Guest
If transparent authentication fails, you can configure how to handle the
transaction: you can grant the user guest access, or you can force an
authentication prompt to appear to the user.
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-
0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_01001.html
#con_1442362
▶ NAD. Answer: Network Access Device:
Any network device that controls access to the network. This includes
switches, wireless access points (APs), VPN concentrators, and other
devices that manage how users and devices connect to the network.
▶ CoS. Answer: Class of Service:
A method of managing traffic in a network by assigning different levels of
priority to different types of traffic. This allows network administrators to
ensure that more important or time-sensitive data, such as voice or video,
receives preferential treatment over less critical traffic, like email or file
downloads.
PRACTICE QUESTIONS WITH DETAILED
SOLUTIONS 2026
▶ Which IETF attribute is supported for the RADIUS CoA feature?
A. 24 State
B. 30 Calling-Station-ID
C. 42 Acct-Session-ID
D. 81 Message-Authenticator. Answer:
▶ PAC. Answer: Proxy Auto Configuration. Method used to automatically
configure systems to use a proxy server.
▶ IETF. Answer: Internet Engineering Task Force - develops and
promotes voluntary Internet standards and protocols, in particular the
standards that comprise the Internet protocol suite (TCP/IP).
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is State?. Answer: Type: 24
Description: Contains state information that is passed between the NAS
and the RADIUS server.
Usage: Often used in challenge/response authentication methods to
maintain state between requests.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Calling-Station-ID?. Answer: Type: 31
Description: Identifies the phone number or MAC address of the client
device.
Usage: Useful in tracking and identifying devices that are making
authentication requests.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Acct-Session-ID?. Answer: Type: 44
Description: A unique identifier for an accounting session, used in RADIUS
accounting.
, Usage: Helps in correlating multiple RADIUS accounting messages related
to the same session.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Message-Authenticator?. Answer: Type: 80
Description: Used to verify the authenticity and integrity of RADIUS
packets, ensuring that the message has not been tampered with.
Usage: Essential for securing RADIUS communications.
▶ Regarding the Common IETF Attributes in RADIUS what attribute
number is Error-Cause?. Answer: Type: 101
Description: Typically included in a RADIUS response message to inform
the RADIUS client (such as a Network Access Server, NAS) about the
reason for the rejection or failure of a request. Usage: Helps in diagnosing
issues and allows for appropriate corrective actions to be taken.
▶ When a transparent authentication fails on the Web Security Appliance,
which type of access does the end user get?
A. guest
B. limited Internet
C. blocked
D. full Internet. Answer: A. Guest
If transparent authentication fails, you can configure how to handle the
transaction: you can grant the user guest access, or you can force an
authentication prompt to appear to the user.
https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-
0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_chapter_01001.html
#con_1442362
▶ NAD. Answer: Network Access Device:
Any network device that controls access to the network. This includes
switches, wireless access points (APs), VPN concentrators, and other
devices that manage how users and devices connect to the network.
▶ CoS. Answer: Class of Service:
A method of managing traffic in a network by assigning different levels of
priority to different types of traffic. This allows network administrators to
ensure that more important or time-sensitive data, such as voice or video,
receives preferential treatment over less critical traffic, like email or file
downloads.
