Home » Cisco » 350-080 » Which two of these parameters cannot be applied as a rule?
When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule? (Choose two.)
A. port-profile
B. command
C. access-list
D. feature-group
E. OID
Correct Answer: AC
Explanation/Reference:
Explanation:
User roles contain rules that define the operations allowed for the user who is assigned the role. Each user role can contain multiple rules and each user can have multiple roles. For example, if role1 allows access only to configuration operations, and role2 allows access only to debug operations, then users who belong to both role1 and role2 can access configuration and debug operations. You can also limit access to specific VLANs, virtual routing and forwarding instances (VRFs), and interfaces.
The Cisco NX-OS software provides four default user roles:
network-admin — Complete read-and-write access to the entire NX-OS device (only available in the default VDC)
network-operator — Complete read access to the entire NX-OS device (only available in the default VDC)
vdc-admin — Read-and-write access limited to a VDC vdc-operator — Read access limited to a VDC
vdc-operator — Read access limited to a VDC
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_rbac.html