When you configure an ASA with RADIUS authentication and authorization, which
attribute is used to differentiate user roles?
A.
cisco-priv-level
B.
service-type
C.
termination-action
D.
tunnel-type
E.
login-ip-host
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/aaa_radius.html#23109
Cisco VSA (Cisco-Priv-Level), which provides a standard 0-15 numeric ranking of privileges, with 1 being the lowest level and 15 being the highest level. A zero level indicates
no privileges. The first level (login) allows privileged EXEC access for the commands
available at this level. The second level (enable) allows CLI configuration privileges.
IETF-Radius-Service-Type
6
Integer
Single
Seconds. Possible Service Type values:
.Administrative—User is allowed access to the configure prompt.
.NAS-Prompt—User is allowed access to the exec prompt.
.remote-access—User is allowed network access