Which AAA protocol is commonly used for network devices?

The correct answer is based on the common usage of RADIUS (Remote Authentication Dial-In User Service) as an AAA (Authentication, Authorization, and Accounting) protocol, particularly for network access by devices such as routers, switches, and access points. RADIUS is widely adopted in various environments due to its ability to centralize authentication for users accessing network resources. It effectively facilitates access control and the ability to manage user sessions.

RADIUS operates by sending authentication and authorization requests to a centralized server, allowing network devices to verify the credentials of a user and also keeping track of their network usage for accounting purposes. This protocol supports many types of authentication mechanisms, making it versatile across different network environments.

In contrast, while TACACS+ is also used for device management and authenticating users on network devices, RADIUS is generally more prevalent in scenarios where remote access is required. LDAP (Lightweight Directory Access Protocol) is primarily used for directory services rather than direct AAA functions. Kerberos serves as a ticket-based authentication protocol and is not specifically tailored for managing network device access.