The network engineering team is interested in deploying NAC within the enterprise network to enhance security. What deployment model should be used if the team
requests that the NAC be logically inline with clients?

A.
Layer 2 in-band

B.
Layer 2 out-of-band

C.
Layer 3 in-band

D.
Layer 3 out-of-band

Explanation:
https://www.cisco.com/c/en/us/products/collateral/security/nac-appliance-clean-access/product_data_sheet0900aecd802da1b5.html
Passing traffic mode
• Virtual gateway (bridged mode)
• Real IP gateway (routed mode)
Client access mode
• Layer 2 (client is adjacent to the Cisco NAC Server)
• Layer 3 (client is multiple hops from the Cisco NAC Server)
Traffic flow model
• In-band (Cisco NAC Server is always in-line with user traffic)
• Out-of-band (Cisco NAC Server is in-line only during authentication, posture assessment,andremediation)
https://www.cisco.com/c/en/us/products/collateral/security/nac-appliance-clean-access/prod_qas0900aecd802da200.html
Q: Does an in-band deployment require the placement of multiple Cisco NAC Servers at the access layer?
\\A: No. The Server is logically in-line, not physically. This permits the placement of the Server at the core.

So, logically = layer 3 and inline = in-band