300-420 Question #121: Real Exam Question with Answer & Explanation

The correct answer is C: Cisco Identity Services Engine. {"question_number": 9, "question": "Which component of Cisco SD-Access integrates with Cisco DNA Center to perform policy segmentation and enforcement through SGACLs and SGTs?", "correct_answer": "C", "explanation": "Cisco Identity Services Engine (ISE) is the correct answer. In

Advanced Enterprise Campus Networks

Question

Which component of Cisco SD-Access integrates with Cisco DNA Center to perform policy segmentation and enforcement through the use of security group access control lists and security group tags?

Options

ACisco Application Policy Infrastructure Controller Enterprise Module
BCisco Network Data Platform
CCisco Identity Services Engine
DCisco TrustSec

Explanation

{"question_number": 9, "question": "Which component of Cisco SD-Access integrates with Cisco DNA Center to perform policy segmentation and enforcement through SGACLs and SGTs?", "correct_answer": "C", "explanation": "Cisco Identity Services Engine (ISE) is the correct answer. In the SD-Access architecture, ISE is the policy engine that integrates with Cisco DNA Center to authenticate users and devices, assign Security Group Tags (SGTs) based on identity and context, and enforce Security Group Access Control Lists (SGACLs) for micro-segmentation. ISE is the authoritative source of policy decisions in the SD-Access fabric. Option A (APIC-EM) is a legacy controller replaced by DNA Center and is not involved in SGT-based enforcement. Option B (Cisco Network Data Platform) is an analytics and assurance component, not a policy enforcement engine. Option D (Cisco TrustSec) is the overarching framework/technology for SGT-based segmentation, but ISE is the specific product component that implements and enforces TrustSec policies.", "generated_by": "claude-sonnet", "llm_judge_score": 4}

Topics

#SD-Access#Cisco ISE#Policy Enforcement#Security Segmentation

Community Discussion

No community discussion yet for this question.

Full 300-420 Practice Browse All 300-420 Questions