Home » Cisco » 210-260 » Which statement about command authorization and security contexts is true?
Which statement about command authorization and security contexts is true?
A. If command authorization is configured, it must be enabled on all contexts
B. The changeto command invokes a new context session with the credentials of the currently logged-in user
C. AAA settings are applied on a per-context basis
D. The enable_15 user and admins with changeto permissions have different command authorization levels per context
Correct Answer: B
Explanation/Reference:
The capture packet function works on an individual context basis. The ACE traces only the packets that belong to the context where you execute the capture command. You can use the context ID, which is passed with the packet, to isolate packets that belong to a specific context. To trace the packets for a single specific context, use the changeto command and enter the capture command for the new context.
To move from one context on the ACE to another context, use the changeto command Only users authorized in the admin context or configured with the changeto feature can use the changeto command to navigate between the various contexts. Context administrators without the changeto feature, who have access to multiple contexts, must explicitly log in to the other contexts to which they have access. http://www.cisco.com/c/en/us/td/docs/ interfaces_modules/services_modules/ace/vA5_1_0/comm and/ reference/ACE_cr/execmds.html
For me the less correct seems to be B
The explanation is talking about ACE and this questin seem to refer to ASA Contexts