An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network security engineer with meeting the following requirements: ✑ Encrypt all traffic between the network engineer and critical devices. ✑ Segregate the different networking planes as much as possible. ✑ Do not let access ports impact configuration tasks. Which of the following would be the BEST recommendation for the network security engineer to present? 

Answer options:

A. Deploy control plane protections.
B. Use SSH over out-of-band management.
C. Force only TACACS to be allowed.
D. Require the use of certificates for AAA.

B