nerdexam
Cisco

350-401 · Question #1164

Which policy feature is used with TrustSec to provide endpoint entitlement in an enterprise network?

The correct answer is A. security group tags. This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.

Submitted by ricky.ec· Mar 6, 2026Security

Question

Which policy feature is used with TrustSec to provide endpoint entitlement in an enterprise network?

Options

  • Asecurity group tags
  • Baccess control lists
  • Cvirtual local area network
  • Dvirtual routing and forwarding

How the community answered

(26 responses)
  • A
    88% (23)
  • B
    8% (2)
  • D
    4% (1)

Why each option

This question asks to identify the specific Cisco TrustSec policy feature used for endpoint entitlement in an enterprise network.

Asecurity group tagsCorrect

Security Group Tags (SGTs) are a fundamental feature of Cisco TrustSec that provide identity-based endpoint entitlement by assigning a numerical tag to authenticated endpoints. Network devices then enforce policies based on these SGTs, enabling consistent security regardless of IP address or network topology.

Baccess control lists

Access Control Lists (ACLs) are traditional network security mechanisms that filter traffic based on IP addresses, ports, and protocols, but they do not provide dynamic, identity-based entitlement in the manner that SGTs do in TrustSec.

Cvirtual local area network

Virtual Local Area Networks (VLANs) segment network traffic at Layer 2 and are not the primary mechanism for identity-based endpoint entitlement within the TrustSec framework, which moves beyond VLAN-based segmentation.

Dvirtual routing and forwarding

Virtual Routing and Forwarding (VRF) creates separate routing tables within a router for network virtualization and isolation, but it is not a policy feature for endpoint entitlement within TrustSec.

Concept tested: Cisco TrustSec Security Group Tags (SGTs)

Source: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/TrustSec_1-0/TrustSec_Solution_Guide/Trstsc_ch2.html

Topics

#TrustSec#security group tags#SGT#endpoint entitlement

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice