All four options can be used as conditions by the iMaster NCE-Campus intelligent policy engine. Huawei describes this capability through a 5W1H-based policy model. “Who” represents the user identity, user group, or role. “Where” represents the access location, including the site, region, device group, device, SSID, or IP address. “How” represents the access mode, such as wired or wireless access and the authentication method used. “What” represents the terminal type or device attributes, including PCs and mobile operating systems.
The platform can combine these conditions rather than evaluating them independently. For example, a finance employee using a corporate laptop through wired 802.1X access at headquarters can receive different permissions from the same employee connecting through a personal mobile device at a branch. The authorization result can include a VLAN, ACL, security group, bandwidth limit, DSCP value, application policy, or URL-filtering rule.
This multidimensional evaluation enables context-aware, fine-grained access control. Therefore, A, B, C, and D are all correct.
==================