What is one of the changes that you must make to the policies to meet the scenario requirements?

Refer to the scenario.

A customer requires these rights for clients in the “medical-mobile” AOS firewall role on Aruba Mobility Controllers (MCs):

Permitted to receive IP addresses with DHCP

Permitted access to DNS services from 10.8.9.7 and no other server

Permitted access to all subnets in the 10.1.0.0/16 range except denied access to 10.1.12.0/22

Denied access to other 10.0.0.0/8 subnets

Permitted access to the Internet

Denied access to the WLAN for a period of time if they send any SSH traffic

Denied access to the WLAN for a period of time if they send any Telnet traffic

Denied access to all high-risk websites

External devices should not be permitted to initiate sessions with “medical-mobile” clients, only send return traffic.

The exhibits below show the configuration for the role.

There are multiple issues with the configuration.

What is one of the changes that you must make to the policies to meet the scenario requirements? (In the options, rules in a policy are referenced from top to bottom. For example, “medical-mobile” rule 1 is “ipv4 any any svc-dhcp permit,” and rule 8 is “ipv4 any any any permit’.)
A .  In the “medical-mobile” policy, change the source in rule 1 to “user.”
B. In the “medical-mobile” policy, change the subnet mask in rule 3 to 255.255.248.0.
C. In the “medical-mobile” policy, move rules 6 and 7 to the top of the list.
D. Move the rule in the “apprf-medical-mobile-sacl” policy between rules 7 and 8 in the “medical-mobile” policy.

View Answer

Answer: B