According to the Nutanix Security Guide, Cluster Lockdown is the specific security feature designed to restrict access to the cluster by disabling password-based authentication. When Cluster Lockdown is enabled, the cluster allows access only via SSH keys (RSA keys).

To meet the requirement of allowing access from "selected workstations" while "disallowing password access," the administrator must use Cluster Lockdown. By generating an SSH key pair and configuring the public key within the Cluster Lockdown settings (and removing the "Enable Remote Login with Password" option), the administrator ensures that only workstations possessing the corresponding private key can authenticate. This effectively restricts access to the specific workstations holding the keys and eliminates the risk associated with password-based logins. While IP restrictions (Option B/C) can limit the source addresses, they do not inherently disable password authentication, which is the primary requirement of the question.