Implementing Cisco Application Centric Infrastructure (DCACI) — Question 236

An engineer must limit management access to the Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

Answer options

• A. policy in the management tenant
• B. ACL on the console interface
• C. ACL on the management interface of the APIC
• D. policy on the management VLAN

Correct answer: A

Explanation

The correct answer is A because configuring the policy in the management tenant allows for specific management access restrictions, including protocols like SSH and HTTPS. The other options, such as ACL on the console interface or the management interface, do not provide the appropriate level of access control for the entire fabric management requirements.