Quiz Entry - updated: 2026.07.14
What are the three components of AAA, and what does each control?
AAA stands for Authentication (who are you?), Authorization (what can you do?), and Accounting (what did you do?). Together they form the primary framework for access control on network devices.
* The AAA pipeline. *
| Component | Question It Answers | What It Does |
|---|---|---|
| Authentication | "Who are you?" | Verifies the identity of users, administrators, or devices before granting access |
| Authorization | "What are you allowed to do?" | Determines what resources and commands the authenticated user can access. Happens automatically after authentication |
| Accounting | "What did you do?" | Logs all actions — connection times, commands executed, bytes transferred. Used for auditing, billing, and forensics |
Why all three matter:
- Without authentication: Anyone can access the network
- Without authorization: Authenticated users have unrestricted access
- Without accounting: No audit trail — you can't investigate incidents or prove compliance
Accounting data typically includes:
- Username and date/time of login
- All EXEC and configuration commands entered
- Number of packets and bytes transferred
- Start and stop times of connections
Tip: Think of AAA like airport security: Authentication = checking your passport (who are you?), Authorization = checking your boarding pass (which gate can you go to?), Accounting = the security camera recording (what did you do?).
Go deeper:
AAA (computer security) (Wikipedia) — canonical breakdown of Authentication (identity), Authorization (permissions), Accounting (audit) plus RADIUS/TACACS+/Diameter.