An engineer must configure RBAC in Cisco UCS Manager in an existing data center environment. Which two roles are suitable for configuring LAN connectivity policies? (Choose two.)
Suggested Answer:BE🗳️
The system contains the following default user roles:
AAA Administrator - Read-and-write access to users, roles, and AAA configuration. Read access to the rest of the system.
Administrator - Complete read-and-write access to the entire system. The default admin account is assigned this role by default and it cannot be changed.
Facility Manager - Read-and-write access to power management operations through the power-mgmt privilege. Read access to the rest of the system.
Network Administrator - Read-and-write access to fabric interconnect infrastructure and network security operations. Read access to the rest of the system.
Operations - Read-and-write access to systems logs, including the syslog servers, and faults. Read access to the rest of the system.
Read-Only - Read-only access to system configuration with no privileges to modify the system state.
Server Equipment Administrator - Read-and-write access to physical server related operations. Read access to the rest of the system.
Server Profile Administrator - Read-and-write access to logical server related operations. Read access to the rest of the system.
Server Security Administrator - Read-and-write access to server security related operations. Read access to the rest of the system.
Storage Administrator - Read-and-write access to storage operations. Read access to the rest of the system. Reference: https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/UCSM_GUI_Configuration_Guide_141_chapter9.html
You get 5 Gold stars! :)
Just created a user in my domain with only server-profile role and i can create LAN Connectivity policy. You are also right, it is asking for roles....admin is a user. A and B will be my choice as well.
but the questions - to configure the network LAN Connectivity Policies
So Option B & E
Operation role - Read access and not to configure,
enable - is not role,
Server-profile - is role but configure a server related changes
B and E are correct
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Network-Mgmt/3-2/b_CLI_UCSM_Network_Management_Guide_3_2/b_CLI_UCSM_Network_Management_Guide_3_2_chapter_01001.html#concept_FB41C0E2FA9F4733BC5088F065225632
I would say AE (server-profile, admin):
- admin role has Admin privilege
- server-profile role has Service Profile Config privilege
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsm_privileges/3-2/UCSM-Privileges-3_2/UCSM-Privileges-3_2_chapter_01.html
B & E
network admin have access to network security, so i guess its include scope security /aaa
Administrator
Complete read-and-write access to the entire system. Assigns this role to the default administrator account by default. You cannot change it.
Network Administrator
Read-and-write access to fabric interconnect infrastructure and network security operations. Read access to the remaining system.
Operations
Read-and-write access to systems logs, including the syslog servers, and faults. Read access to the remaining system.
Server Profile Administrator
Read-and-write access to logical server-related operations. Read access to the remaining system.
Server Security Administrator
Read-and-write access to server security-related operations. Read access to the remaining system.
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-Management/3-2/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_2/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_2_chapter_0100.html
upvoted 3 times
...
...
This section is not available anymore. Please use the main Exam Page.350-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Salilgen
2 years, 5 months agoCoAsT_x
11 months, 4 weeks agoSaran_Br
6 months, 3 weeks agoGuyThatTakesDumps
2 years, 7 months agomauchi
3 years agoMaxG
3 years, 7 months agoMunch
3 years, 6 months agoValkyrie17
3 years, 9 months agopoy4242
3 years, 6 months ago