1. What must be done before any role-based CLI views can be created?
- Assign multiple privilege levels.
- Configure usernames and passwords.
- Issue the aaa new-model command.
- Create the secret password for the root user.
2. Which three statements describe limitations in using privilege levels for assigning command authorization? (Choose three.)
- Creating a user account that needs access to most but not all commands can be a tedious process.
- Commands set on a higher privilege level are not available for lower privilege users.
- The root user must be assigned to each privilege level that is defined.
- It is required that all 16 privilege levels be defined, whether they are used or not.
- There is no access control to specific interfaces on a router.
- Views are required to define the CLI commands that each user can access.
3. Which two router commands can a user issue when granted privilege level 0? (Choose two.)
- ping
- disable
- help
- configure
- show
4. What does level 5 in the following enable secret global configuration mode command indicate?
Router(config)# enable secret level 5 csc5io
- The enable secret password can only be set by individuals with privileges for EXEC level 5.
- The enable secret password is hashed using SHA.
- The enable secret password is hashed using MD5.
- The enable secret password grants access to privileged EXEC level 5.
5. What are three network enhancements achieved by implementing the Cisco IOS software role-based CLI access feature? (Choose three.)
- fault tolerance
- cost reduction
- operational efficiency
- scalability
- security
- availability
6. A network administrator wants to create a new view so that a user only has access to certain configuration commands. In role-based CLI, which view should the administrator use to create the new view?
- superview
- admin view
- CLI view
- root view
7. A network administrator enters the command R1# enable view adminview. What is the purpose of this command?
- to enter a superview named adminview
- to enter a CLI view named adminview
- to create a CLI view named adminview
- to enter the root view
8. Which range of custom privilege levels can be configured on Cisco routers?
- 0 through 15
- 2 through 14
- 1 through 15
- 2 through 15
- 1 through 16
9. Which command will move the show interface command to privilege level 10?
- router(config-if)# privilege exec level 10 show interface
- router(config)# show interface level 10
- router(config-if)# show interface level 10
- router(config)# privilege exec level 10 show interface
- router(config)# privilege level 10 show interface
- router(config-if)# privilege level 10 show interface
10. What is the default privilege level of user accounts created on Cisco routers?
- 0
- 15
- 1
- 16
11. An administrator assigned a level of router access to the user ADMIN using the commands below.
Router(config)# privilege exec level 14 show ip route Router(config)# enable algorithm-type scrypt secret level 14 cisco-level-10 Router(config)# username ADMIN privilege 14 algorithm-type scrypt secret cisco-level-10
Which two actions are permitted to the user ADMIN? (Choose two.)
- The user can issue the show version command.
- The user can only execute the subcommands under the show ip route command.
- The user can issue the ip route command.
- The user can issue all commands because this privilege level can execute all Cisco IOS commands.
- The user can execute all subcommands under the show ip interfaces command.