Designing Cisco Enterprise Networks (ENSLD) — Question 159
An engineer must design a management network for a customer's enterprise network. The design must:
• provide the ability to grant and revoke access privileges
• allow only protocols SSH, NTP, FTP, and SNMP
• restrict access to management interfaces
Which solution must the engineer choose to meet the requirements?
Answer options
- A. in-band
- B. mGRE
- C. out-of-band
- D. enterprise internal private
Correct answer: C
Explanation
The correct answer is C, out-of-band, as it allows for secure management access while keeping management traffic separate from production traffic, thus enabling better control over access privileges. In-band solutions (A) mix management traffic with user data, which can compromise security. Options B (mGRE) and D (enterprise internal private) do not specifically address the requirement for restricting access to management interfaces.