Which authentication type in QRadar encrypts the username and password and forwards the username and password to the external server for authentication?

Which authentication type in QRadar encrypts the username and password and forwards the username and password to the external server for authentication?
A . RADIUS authentication
B . Two-factor authentication
C . TACACS authentication
D . System authentication

View Answer

Answer: C

Explanation:

TACACS (Terminal Access Controller Access-Control System) authentication is a protocol used in IBM QRadar SIEM V7.5 for authenticating users by forwarding their credentials to an external server.

Here’s how it works:

Encryption: TACACS encrypts the entire payload of the authentication packet, including the username and password, ensuring secure transmission.

Forwarding Credentials: After encryption, the credentials are forwarded to an external TACACS server, which performs the actual authentication.

Authentication Process: The external server checks the credentials against its database and sends a response back to QRadar indicating whether the authentication is successful or not.

Reference

IBM QRadar SIEM documentation explains TACACS authentication in detail, highlighting its secure encryption and external server verification process.