You issue the following block of commands on a Cisco router:
RouterA(config)#privilege exec level 10 show users
RouterA(config)#username boson password cisco
RouterA(config)#username boson privilege 15
RouterA(config)#username boson autocommand show users
RouterA(config)#line vty 0 4
RouterA(configline)#login local
RouterA(configline)#privilege level 7Which of the following statements accurately describes what happens when the user boson successfully
initiates a Telnet session to RouterA? (Select the best answer.)
A.
The autocommand command fails, and the user is disconnected.
B.
The autocommand command fails, and the user is not disconnected.
C.
The autocommand command succeeds, and the user is disconnected.
D.
The autocommand command succeeds, and the user is not disconnected.
Explanation:
When the user boson successfully initiates a Telnet session to RouterA in this scenario, the autocommand
command succeeds and the user is disconnected from the router. When issued with the username command,
the autocommand keyword can execute a specific command immediately after a user successfully logs in to a
Cisco router. In this scenario, the autocommand specifies that the show users command should execute
immediately after the user logs in. The command output is displayed to the user terminal, and then the user’s
session is terminated. You can prevent the user session from being terminated either by using the nohangup
keyword or by issuing the no username username autocommand command to remove the autocommand
keyword. However, the no username username autocommand command will delete both the
autocommandkeyword and the specified user name from the local database? therefore, you will need to issue
the username username password password again to recreate the user entry. By contrast, the nohangup
keyword does not affect the autocommand keyword but instead changes the default behavior so that the user
session is not disconnected.
The privilege exec level 10 show users command in this scenario changes the required privilege level of the
show users command to level 10. The default EXEC privilege level is level 1? therefore, this command
removes the show users command from the EXEC shells of all users with privilege levels less than 10. The
default enable privilege level is level 15? therefore, any user could enter privileged EXEC mode and execute
the command. The username boson privilege 15 command in this scenario configures the user boson with a
privilege level of 15. Because the user’s base privilege level is already 15, the user is not required to issue the
enable command to enter privileged EXEC mode. The following block of commands configures the four default
virtual terminal (VTY) interfaces on RouterA to use the local database for authentication and to assign user
sessions a default privilege level of 7:
RouterA(config)#line vty 0 4
RouterA(configline)#login local
RouterA(configline)#privilege level 7
Although Telnet users are assigned a default privilege level of 7 in this scenario, peruser privileges override the
privileges configured for the VTY line. Therefore, the user boson will be granted privilege level 15 when
connected to a VTY line through a Telnet session. By contrast, a user without a specified privilege level will be
granted privilege level 7 in this scenario. Because the show users command has been assigned a required
privilege level of 10, the boson user will be able to execute the command, whereas a Telnet user with the
default privilege level would be unable to execute the command without first issuing the enable command to
enter privileged EXEC mode.
If the boson user was assigned a privilege level that was insufficient to execute the show users command, the
autocommand keyword would still attempt to execute the command. The autocommand keyword does not
verify that a user has sufficient privileges to execute the specified command. However, the command would
cause the router to display an error message instead of the expected command output. The user session would
be disconnected after the error message was displayed.
In no case would the user session remain connected. The nohangup keyword must be used with the username
command to change the default behavior so that a user session is not disconnected after the command
specified by the autocommand command is executed.Cisco: RoleBased CLI Access: username