An engineer must configure a new local user inside a Cisco ACI. The new user must meet th…

Question

An engineer must configure a new local user inside a Cisco ACI. The new user must meet these criteria:
• Must be provided with complete read-only access to the tenant.
• Must be permitted to create and delete EPGs within a specific tenant.
• Must not be allowed to modify any other objects within that tenant.

Accepted Answer

Correct answer: B. B. Create a new role with tenant-epg privilege.
Create the local user and assign it to the tenant-security domain.
Add the tenant-security domain to the role read-all with access privilege type Read.
Add the tenant-security domain to the new role with access privilege type Write. — Option B is correct because it specifies that the user has tenant-epg privileges, allowing the necessary permissions to create and delete EPGs while maintaining read-only access to other tenant objects. The other options either grant broader administrative privileges or do not align with the requirements for EPG management, making them inappropriate for the scenario.

Implementing Cisco Application Centric Infrastructure (DCACI) — Question 161

Answer options

Correct answer: B

Explanation