You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the
Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall
Operators Active Directory group should have a more limited level of access.
Which statement describes how to set these access levels?
A.
Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access.
Also configure the Firewall Operators group to have privilege level 6 access.
B.
Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA
server. Configure ACS CLI command authorization sets for the Firewall Operators group.
Configure level 15 access to be assigned to members of the Firewall Admins group.
C.
Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA
server. Configure ACS CLI command authorization sets for the Firewall Operators group.
Configure level 15 access to be assigned to members of the Firewall Admins group.
D.
Active Directory Group membership cannot be used as a determining factor for accessing the Cisco
ASA CLI.
Answer is correct:
https://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113590-acs5-tacacs-config.html