350-401 · Question #1164
Which policy feature is used with TrustSec to provide endpoint entitlement in an enterprise network?
The correct answer is A. security group tags. This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.
Question
Options
- Asecurity group tags
- Baccess control lists
- Cvirtual local area network
- Dvirtual routing and forwarding
How the community answered
(26 responses)- A88% (23)
- B8% (2)
- D4% (1)
Why each option
This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.
Security Group Tags (SGTs) are a fundamental feature of Cisco TrustSec that provide identity-based endpoint entitlement by assigning a numerical tag to authenticated endpoints. Network devices then enforce policies based on these SGTs, enabling consistent security regardless of IP address or network topology.
Access Control Lists (ACLs) are traditional network security mechanisms that filter traffic based on IP addresses, ports, and protocols, but they do not provide dynamic, identity-based entitlement in the manner that SGTs do in TrustSec.
Virtual Local Area Networks (VLANs) segment network traffic at Layer 2 and are not the primary mechanism for identity-based endpoint entitlement within the TrustSec framework, which moves beyond VLAN-based segmentation.
Virtual Routing and Forwarding (VRF) creates separate routing tables within a router for network virtualization and isolation, but it is not a policy feature for endpoint entitlement within TrustSec.
Concept tested: Cisco TrustSec Security Group Tags (SGTs)
Source: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/TrustSec_1-0/TrustSec_Solution_Guide/Trstsc_ch2.html
Topics
Community Discussion
No community discussion yet for this question.