CiscoCisco
350-401 · Question #1164
350-401 Question #1164: Real Exam Question with Answer & Explanation
The correct answer is A: security group tags. This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.
Submitted by ricky.ec· Mar 6, 2026DOMAIN_LIST_MISSING_FROM_PROMPT
Question
Which policy feature is used with TrustSec to provide endpoint entitlement in an enterprise network?
Options
- Asecurity group tags
- Baccess control lists
- Cvirtual local area network
- Dvirtual routing and forwarding
Explanation
This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.
Common mistakes.
- B. Access Control Lists (ACLs) are traditional network security mechanisms that filter traffic based on IP addresses, ports, and protocols, but they do not provide dynamic, identity-based entitlement in the manner that SGTs do in TrustSec.
- C. Virtual Local Area Networks (VLANs) segment network traffic at Layer 2 and are not the primary mechanism for identity-based endpoint entitlement within the TrustSec framework, which moves beyond VLAN-based segmentation.
- D. Virtual Routing and Forwarding (VRF) creates separate routing tables within a router for network virtualization and isolation, but it is not a policy feature for endpoint entitlement within TrustSec.
Concept tested. Cisco TrustSec Security Group Tags (SGTs)
Topics
#Cisco TrustSec#Security Group Tags#Endpoint Entitlement
Community Discussion
No community discussion yet for this question.