Restricting Management Access on Cisco Wireless LAN Controller

B.

Whenever you want to control which devices can talk to the main CPU, a CPU ACL is used.

Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting or generated by the CPU.

The correct answer to this question is option C, Flex ACL.

Flex ACL, or Flexible Access Control Lists, is a feature on the Cisco Wireless LAN Controller that allows for granular control over traffic filtering and access control. With Flex ACL, you can create and apply access control policies to specific user groups, network segments, or devices. This helps to prevent unauthorized access to your network and provides an additional layer of security.

One of the ways that Flex ACL can be used is to restrict management access from specific networks. This is achieved by creating an ACL rule that blocks traffic from the specified network to the management interface of the Cisco Wireless LAN Controller. This prevents users on that network from accessing the management interface and making changes to the configuration.

To configure Flex ACL on a Cisco Wireless LAN Controller, you need to follow these general steps:

1. Create an ACL rule that defines the traffic to be filtered. This can be based on source and destination IP addresses, protocols, ports, or other criteria.

2. Apply the ACL rule to the appropriate interface or VLAN. In this case, you would apply it to the management interface or VLAN to restrict access.

3. Verify that the ACL is working correctly by testing access from the restricted network.

Overall, Flex ACL is a powerful feature on the Cisco Wireless LAN Controller that provides fine-grained control over network access and security. By using Flex ACL to restrict management access from specific networks, you can help to ensure that your network is more secure and less vulnerable to unauthorized changes.