CiscoCisco
300-420 · Question #259
300-420 Question #259: Real Exam Question with Answer & Explanation
The correct answer is C: scalable groups. Scalable Groups provide the capability for intra-VN (Virtual Network) traffic filtering and control within the Cisco SD-Access architecture.
Advanced Enterprise Campus Networks
Question
Which feature provides the capability for intra-VN traffic filtering and control within the Cisco SD- Access architecture?
Options
- AMAC ACL
- Bprefix list
- Cscalable groups
- Dservice policy
Explanation
Scalable Groups provide the capability for intra-VN (Virtual Network) traffic filtering and control within the Cisco SD-Access architecture.
Common mistakes.
- A. MAC ACLs are Layer 2 access control lists that offer basic filtering based on MAC addresses, which is not as scalable or granular for identity-based intra-VN traffic control compared to scalable groups in SD-Access.
- B. Prefix lists are primarily used for filtering IP routing updates based on network prefixes, not for applying identity-based traffic filtering and control within a VN.
- D. Service policies are generally used for QoS, traffic shaping, or other interface-level traffic management, but they do not provide the identity-based, intra-VN segmentation and filtering capabilities of scalable groups.
Concept tested. SD-Access intra-VN micro-segmentation and traffic control
Reference. https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html
Topics
#SD-Access#Micro-segmentation#Scalable Groups#Security Policy
Community Discussion
No community discussion yet for this question.