A firewall administrator must write a short script for network operations that will login to all cisco ASA firewalls and check that the current running version is compliant with company policy. The administrator must first configure a restricted local username on each of the the Cisco ASA firewalls so that the current running version can be validated.
Which configuration command provides the least access in order to perform this function?
A. username versionuser password cisco
B. username versionuser password cisco privilege 0
C. username versionuser password cisco privilege 2
D. username versionuser password cisco privilege 15
Marco, the correct answer is B. I’ve just did a copy and paste from the B alternative and it works like a charm.
ciscoasa> sh ver
Cisco Adaptive Security Appliance Software Version 9.12(2)
Firepower Extensible Operating System Version 2.6(1.141)
Device Manager Version 7.12(2)
The correct answer is B for this output on Cisco ASA
MG-ASA-01# sh running-config all privilege | in version
privilege show level 0 mode exec command version
Correct answer is C
There are five commands associated with privilege level 0: disable, enable, exit, help, and logout. If you configure AAA authorization for a privilege level greater than 0, these five commands will not be included.
User EXEC mode commands are privilege level 1.