Scenario: An administrator configured an LDAP authentication policy and bound it globally. The only
system group configured on the Netscaler is NS_Admins. After reviewing the security logs, the
administrator notices that users in the External_Contractors LDAP group are able to log on to
NetScaler using SSH; however, members of the External_Contractors group are NOT authorized to
run any commands.
Which action could the administrator take to prevent the members of the External_Contractors
LDAP Group from logging on to NetScaler using SSH without affecting other users?

A.
Configure an authorization policy that allows logon only by members of the
“External_Contractors” LDAP Group. Bind the new policy globally.

B.
Specify (memberOf=”CN=External_Contractors, CN=Groups, CN=example, CN=com”) as a filter in
the properties of the configured LDAP server.

C.
Specify (!(memberOf=”CN=External_Contractors, CN=Groups, CN=example, CN=com”)) as a filter
in the properties of the configured LDAP server.

D.
Create a new command policy with a DENY action. Create a System Group named
“External_Contractors” and assign the new command policy to the External_Contractors group.