Refer to the exhibit below. Assuming that all other supporting configurations are correct, what can be determined from the partial IP admission configuration shown?
aaa new-model
aaa authentication login default local
aaa authorization auth-proxy default local
!
aaa attribute list SUPERUSER-ATTRS
attribute type supplicant-group ”SUPERUSER”
!
username power1 privilege secert thi3fftv4
username power1 aaa attribute SUPERUSER-ATTRS
!
ip admission name USER-AUTH proxy http inactivity-time 60
ip http server
interface gi0/0
ip admission USER-AUTH
zone-member security OUTSIDE
A. The router will forward authentication requests to an AAA server for authentication and authorization.
B. The attribute type supplicant-group “SUPERUSER” configuration can be used to match criteria in the “inspect” class-map type using the match access-group option.
C. The local user password is thl3F4ftvA.
D. The router will intercept incoming HTTP sessions on interface G0/0 for authentication.
E. The SUPERUSER’s privilege level is being restricted.
Related Resources
Cisco White Papers
Related Course
CCNP Security e-Camp
Please support our Sponsors here :