Which of the following answers is true of TACACS+ but not true of RADIUS?

The ability of TACACS+ to authorize different users to access specific subsets of CLI commands is a significant feature that sets it apart from RADIUS. TACACS+ provides extensive command authorization, enabling network administrators to control which commands specific users or groups of users are permitted to execute on network devices. This granularity allows for fine-tuned security practices within a network environment, enhancing the organization’s ability to manage user privileges effectively.

RADIUS, on the other hand, primarily handles authentication, authorization, and accounting at a more basic level, typically using groups for authorization rather than providing detailed command-level control. Thus, while RADIUS can authorize access to resources, it does not offer the same level of detail regarding command execution permissions that TACACS+ does, making this feature unique to TACACS+.

In contrast, the other provided options relate to broader functionalities or characteristics of the protocols. TACACS+ does support encryption of all traffic, unlike RADIUS, which encrypts only the password during the authentication process. Also, both TACACS+ and RADIUS support multiple authentication methods and use different transport protocols, with TACACS+ relying on TCP and RADIUS typically using UDP. Therefore, the distinct ability of TACACS+ to manage command authorizations is what makes