Which statement about command authorization and security contexts is true?
A.
If command authorization is configured, it must be enabled on all contexts
B.
The changeto command invokes a new context session with the credentials of the currently
logged-in user
C.
AAA settings are applied on a per-context basis
D.
The enable_15 user and admins with changeto permissions have different command
authorization levels per context
Explanation:
The capture packet function works on an individual context basis. The ACE traces only the
packets that belong to the context where you execute the capture command. You can use the
context ID, which is passed with the packet, to isolate packets that belong to a specific
context. To trace the packets for a single specific context, use the changeto command and
enter the capture command for the new context.
To move from one context on the ACE to another context, use the changeto command Only
users authorized in the admin context or configured with the changeto feature can use the
changeto command to navigate between the various contexts. Context administrators without
the changeto feature, who have access to multiple contexts, must explicitly log in to the other
contexts to which they have access.
http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA5_1_0/co
mmand/ reference/ACE_cr/execmds.html