When a Cisco ASA is configured in multiple context mode, within which configuration are the interfaces allocated to the security contexts?
A.
each security context
B.
system configuration
C.
admin context (context with the “admin” role)
D.
context startup configuration file (.cfg file)
Explanation:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/
products_configuration_example09186a00808d2b63.shtml
In order to specify the interfaces that you can use in the context, enter the command appropriate for a physical interface or for one or more subinterfaces.
In order to allocate a physical interface, enter this command:
hostname(config-ctx)# allocate-interface <physical_interface> [mapped_name] [visible | invisible]
Context Configurations
The security appliance includes a configuration for each context that identifies the security policy, interfaces, and almost all the options you can configure on a
standalone device. You can store context configurations on the internal Flash memory or the external Flash memory card, or you can download them from a TFTP,
FTP, or HTTP(S) server.
System Configuration
The system administrator adds and manages contexts by configuring each context configuration location, allocated interfaces, and other context operating
parameters in the system configuration, which, like a single mode configuration, is the startup configuration. The system configuration identifies basic settings for
the security appliance. The system configuration does not include any network interfaces or network settings for itself; rather, when the system needs to access
network resources (such as downloading the contexts from the server), it uses one of the contexts that is designated as the admin context. The system
configuration does include a specialized failover interface for failover traffic only.
Admin Context Configuration
The admin context is just like any other context, except that when a user logs in to the admin context, then that user has system administrator rights and can access
the system and all other contexts. The admin context is not restricted in any way, and can be used as a regular context. However, because logging into the admin
context grants you administrator privileges over all contexts, you might need to restrict access to the admin context to appropriate users. The admin context must
reside on Flash memory, and not remotely.
If your system is already in multiple context mode, or if you convert from single mode, the admin context is created automatically as a file on the internal Flash
memory called admin.cfg. This context is named “admin.” If you do not want to use admin.cfg as the admin context, you can change the admin context.