nerdexam
Exams300-415Questions#7
Cisco

300-415 · Question #7

300-415 Question #7: Real Exam Question with Answer & Explanation

The correct answer is C: one. In Cisco SD-WAN, when VPNs are used to create destination zones for security policies, a single VPN can only be part of one destination zone at a time.

Security and Quality of Service

Question

When VPNs are grouped to create destination zone, how many zones can a VPN be part of?

Options

  • Atwo
  • Bfour
  • Cone
  • Dthree

Explanation

In Cisco SD-WAN, when VPNs are used to create destination zones for security policies, a single VPN can only be part of one destination zone at a time.

Common mistakes.

  • A. Allowing a VPN to be part of two zones would create policy ambiguity and potentially security loopholes.
  • B. Allowing a VPN to be part of four zones would introduce significant complexity and policy conflicts.
  • D. Allowing a VPN to be part of three zones would introduce significant complexity and policy conflicts.

Concept tested. SD-WAN security zone VPN membership

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/security/sdwan-security-cg-book/security-overview.html

Topics

#VPNs#Security Zones#SD-WAN Security#Zone-based Firewall

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice