ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 152 discussion

Actual exam question from Cisco's 300-715
Question #: 152
Topic #: 1
[All 300-715 Questions]

An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+. However, the administrator must restrict certain commands based on one of three user roles that require different commands.
How is this accomplished without creating too many objects using Cisco ISE?

  • A. Create one shell profile and one command set.
  • B. Create multiple shell profiles and one command set.
  • C. Create multiple shell profiles and multiple command sets.
  • D. Create one shell profile and multiple command sets.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by hisho72 at Sept. 17, 2022, 12:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
hisho72
Highly Voted 2 years, 3 months ago
Selected Answer: D
it should be one shell profile to all NADs in same level ... and one command set for the one who needs restrict commands if others does not need command set (blank in policy set page) or multiple command sets if the other two rules need command set to be set.. so the answer is ; A or D . and D is the nearest correct answer
upvoted 10 times
...
Tom1417
Most Recent 8 months ago
We have three user roles (three is multiple). I think C is correct. Because each user's role should have its shell profile.
upvoted 1 times
...
XBfoundX
1 year ago
D makes sense. We are going to create the same shell profile, the shell profile is where you assign the level of privilage returned to the NAD device for that user. What we can do is set a specific command set for have more control on administrator users.
upvoted 3 times
...
ElCobra90
1 year, 4 months ago
Selected Answer: D
C and D are both good Answer, but D is better because of the final sentence on the question "without creating too many objects using Cisco ISE", is right that could be worst configure one shell profile and multiple command set because is not scalable, if you have a lot of users might become cumbersome but if you udon't want to create many object then the best answer is D, even if in a REAL big environment the best One would be C.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel