Cisco Certified Network Professional 2025 – 400 Free Practice Questions to Pass the Exam

The command to configure a Virtual Access Control List (VACL) is indeed "vlan access-map map-name [sequence-number]." This command is essential for defining a VLAN access map, which allows for the filtering of traffic in a VLAN based on specified criteria.

When using this command, "map-name" identifies the specific access map you are creating, and the "sequence-number" determines the order in which the rules within that map will be evaluated. This enables administrators to apply complex filtering rules to VLAN traffic, enhancing the control over what traffic is allowed or denied in a specific VLAN.

In contrast, "ip access-list" is used to create standard or extended IP access lists, but it does not directly apply to VLAN filtering. "vlan filter map-name" is not a valid command in this context, as it doesn't exist in the Cisco IOS for configuring VACLs. Lastly, "interface vlan access" does not correspond to any recognized command for configuring VACLs; it is a misinterpretation of how VLANs and access lists are managed on Cisco devices.

The specific use of "vlan access-map" effectively centralizes policy enforcement for VLAN traffic, making option B the correct answer.