300-715 · Question #137
300-715 Question #137: Real Exam Question with Answer & Explanation
The correct answer is A: CMD filed. {"question_number": 5, "question": "A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices. Where in the Layer 2 frame should this be verified?", "correct_answer": "A", "explanation": "In Cisco Tru
Question
A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices. Where in the Layer 2 frame should this be verified?
Options
- ACMD filed
- B802.1Q filed
- CPayload
- D802.1 AE header
Explanation
{"question_number": 5, "question": "A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices. Where in the Layer 2 frame should this be verified?", "correct_answer": "A", "explanation": "In Cisco TrustSec, the Security Group Tag (SGT) is carried within the CMD (Cisco MetaData) field, which is a Cisco-proprietary header inserted into the Layer 2 Ethernet frame between the source MAC address and the EtherType field. This allows SGT information to be transported inline between TrustSec-capable devices (inline tagging). The 802.1Q field carries VLAN tagging information, not SGTs. The payload carries upper-layer data. The 802.1AE header is used for MACsec encryption and while TrustSec can use MACsec, the SGT value itself resides in the CMD field. Verifying the CMD field confirms whether SGT propagation is functioning correctly between the two network devices.", "generated_by": "claude-sonnet", "llm_judge_score": 2}
Topics
Community Discussion
No community discussion yet for this question.