300-715 · Question #213
300-715 Question #213: Real Exam Question with Answer & Explanation
The correct answer is A: The device is performing inline tagging without acting as a SXP speaker. The following restrictions are applicable when running Cisco TrustSec in enforcement mode or inline tagging mode. These restrictions do not apply when these switches are used as an SXP - An IP subnet address cannot be statically mapped to a Security Group Tag (SGT). - If a port i
Question
A Cisco device has a port configured in multi-authentication mode and is accepting connections only from hosts assigned the SGT of SGT_0422048549. The VLAN trunk link supports a maximum of 8 VLANS. What is the reason for these restrictions?
Options
- AThe device is performing inline tagging without acting as a SXP speaker
- BThe device is performing mime tagging while acting as a SXP speaker
- CThe IP subnet addresses are dynamically mapped to an SGT.
- DThe IP subnet addresses are statically mapped to an SGT
Explanation
The following restrictions are applicable when running Cisco TrustSec in enforcement mode or inline tagging mode. These restrictions do not apply when these switches are used as an SXP - An IP subnet address cannot be statically mapped to a Security Group Tag (SGT). - If a port is configured in multi-authentication mode, all hosts connecting to that port must be assigned the same SGT. - Cisco TrustSec enforcement mode on a VLAN trunk line supports only up to eight VLANs. If more than eight VLANs are configured on a VLAN trunk link and Cisco TrustSec is enabled on ig.html#Restriction%20for%20SGT%20Exchange%20Protocol
Topics
Community Discussion
No community discussion yet for this question.