nerdexam
Cisco

350-401 · Question #1224

What are two benefits of using Cisco TrustSec? (Choose two.)

The correct answer is A. consistent network segmentation D. simplified management of network access. Cisco TrustSec provides enhanced network security by enforcing policies based on identity rather than network topology, leading to consistent segmentation and simplified access management.

Submitted by andres_qro· Mar 6, 2026Security

Question

What are two benefits of using Cisco TrustSec? (Choose two.)

Options

  • Aconsistent network segmentation
  • Bend-to-end traffic encryption
  • Cadvanced endpoint protection against malware
  • Dsimplified management of network access
  • Eunknown file analysis using sandboxing

How the community answered

(40 responses)
  • A
    88% (35)
  • B
    3% (1)
  • C
    5% (2)
  • E
    5% (2)

Why each option

Cisco TrustSec provides enhanced network security by enforcing policies based on identity rather than network topology, leading to consistent segmentation and simplified access management.

Aconsistent network segmentationCorrect

Cisco TrustSec provides consistent network segmentation by using Security Group Tags (SGTs) to classify users and devices, enabling security policies to be applied uniformly across the entire network regardless of their physical location or underlying network infrastructure.

Bend-to-end traffic encryption

While TrustSec contributes to overall security, its primary mechanism is identity-based segmentation, not universal end-to-end traffic encryption, which would typically be handled by other technologies like MACsec or IPsec.

Cadvanced endpoint protection against malware

Advanced endpoint protection against malware is typically the domain of dedicated endpoint security solutions (e.g., Cisco Secure Endpoint), which operate at the host level, rather than a core feature of network segmentation provided by TrustSec.

Dsimplified management of network accessCorrect

TrustSec simplifies the management of network access by centralizing the definition of access policies based on SGTs, thereby reducing the need for complex, distributed ACL configurations on numerous network devices.

Eunknown file analysis using sandboxing

Unknown file analysis using sandboxing is a feature of advanced malware protection (AMP) solutions, designed to detect sophisticated threats by executing suspicious files in a controlled environment, which is outside TrustSec's scope.

Concept tested: Cisco TrustSec benefits

Source: https://www.cisco.com/c/en/us/solutions/enterprise-networks/trustsec/index.html

Topics

#TrustSec#SGT#network segmentation#access control

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice