Given:XYZ company has recently installed a controller based WLAN and is using a RADIUS server to proxy authenticate request to an LDAP server user based across controls and would like to use the RADIUS server to facilitate network authorization
What RADIUS features could be used by XYZ to assign the proper network permissions to users during authentication? (Choose 3)

A.
The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response which can be used for ASL or firewall assignment.

B.
The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignments to users.

C.
According to database entries, RADIUS can reassign client 801.11assosiations to proper SSID by referring a user name to SSID mapping

D.
RADIUS return list attributes can be used to assign permission level, such as read only permission, to users of particular network source.

E.
RADIUS can send a VLAN assignment for each authorized user to the VLAN controller in a return list attribute.

Explanation:
When a RADIUS server provides a successful response to an authentication, the ACCESS – ACCEPT response contains a series of attribute – value pairs (AVPs).Part of the extensibility of RADIUS is the built – in support for adding additional nonreserved AVPs that can be utilized by vendors, called vendor – specific attributes

The IP address of the ACS (RADIUS) server is 172.16.1.1. The DHCP server address 172.16.1.1 is used to assign the LWAPP to the IP address. The internal DHCP server on the controller is used to assign the IP address to wireless clients.

Dynamic VLAN assignment is one such feature that places a wireless user into a specific VLAN based on the credentials supplied by the user. This task of assigning users to a specific VLAN is handled by a RADIUS authentication server,

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076 317c.shtml