Which statement about RBAC user roles on a Cisco Nexus switch is true?
A.
If you belong to multiple roles, you can execute only the commands that are permitted by both
roles (logical AND).
B.
Access to a command takes priority over being denied access to a command.
C.
The predefined roles can only be changed by the network administrator (superuser).
D.
The default SAN administrator role restricts configuration to Fibre Channel interfaces.
E.
On a Cisco Nexus 7000 Series Switch, roles are shared between VDCs.
Explanation:
If you belong to multiple roles, you can execute a combination of all the commands permitted by
these roles. Access to a command takes priority over being denied access to a command. For
example, suppose a user has RoleA, which denied access to the configuration commands. However,
the users also have RoleB, which has access to the configuration commands. In this case, the users
have access to the configuration commands.http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli
/CLIConfigurationGuide/sec_rbac.html