Refer to the exhibit.
Which two functions will the Set ASDM Defined User Roles perform? (Choose two.)
A.
enables role based privilege levels to most Cisco ASA commands
B.
enables the Cisco ASDM user to assign privilege levels manually to individual commands or
groups of commands
C.
enables command authorization with a remote TACACS+ server
D.
enables three predefined user account privileges (Admin=Priv 15, Read Only=Priv 5, Monitor
Only=Priv 3)
Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/devaccss.html
•To use predefined user account privileges, click Set ASDM Defined User Roles.
The ASDM Defined User Roles Setup dialog box shows the commands and their levels. Click Yes
to use the predefined user account privileges: Admin (privilege level 15, with full access to all CLI
commands; Read Only (privilege level 5, with read-only access); and Monitor Only (privilege level
3, with access to the Monitoring section only).
•To manually configure command levels, click the Configure Command Privileges button.
The Command Privileges Setup dialog box appears. You can view all commands by choosing –All
Modes– from the Command Mode drop-down list, or you can choose a configuration mode to view
the commands available in that mode. For example, if you choose context, you can view all
commands available in context configuration mode. If a command can be entered in user
EXEC/privileged EXEC mode as well as configuration mode, and the command performs different
actions in each mode, you can set the privilege level for these modes separately.
The Variant column displays show, clear, or cmd. You can set the privilege only for the show,
clear, or configure form of the command. The configure form of the command is typically the form
that causes a configuration change, either as the unmodified command (without the show or clear
prefix) or as the no form.
To change the level of a command, double-click it or click Edit. You can set the level between 0
and 15. You can only configure the privilege level of the main command. For example, you can
configure the level of all aaa commands, but not the level of the aaa authentication command and
the aaa authorization command separately.
To change the level of all shown commands, click Select All and then Edit.
Click OK to accept your changes.