nerdexam
Cisco

350-401 · Question #922

What is a benefit of using segmentation with TrustSec?

The correct answer is D. Firewall rules are streamlined by using business-level profiles.. TrustSec Segmentation Benefit TrustSec uses Security Group Tags (SGTs) to classify users and devices based on their role or identity, allowing firewall policies to be written using human-readable, business-level profiles (e.g., "Finance" or "Guest") rather than complex IP address

Submitted by alyssa_d· Mar 6, 2026Security

Question

What is a benefit of using segmentation with TrustSec?

Options

  • AIntegrity checks prevent data from being modified in transit.
  • BPackets sent between endpoints on a LAN are encrypted using symmetric key cryptography.
  • CSecurity group tags enable network segmentation.
  • DFirewall rules are streamlined by using business-level profiles.

How the community answered

(17 responses)
  • B
    6% (1)
  • D
    94% (16)

Explanation

TrustSec Segmentation Benefit

TrustSec uses Security Group Tags (SGTs) to classify users and devices based on their role or identity, allowing firewall policies to be written using human-readable, business-level profiles (e.g., "Finance" or "Guest") rather than complex IP address-based rules - this dramatically simplifies and streamlines firewall management, making D correct.

Why the distractors are wrong:

  • A is incorrect because TrustSec segmentation does not focus on integrity checks; that's a function of protocols like IPsec or MACsec.
  • B is incorrect because TrustSec's primary function is policy enforcement and segmentation, not LAN encryption (MACsec handles encryption, but it's a separate feature).
  • C is tempting and partially true - SGTs do enable segmentation - but this answer describes the mechanism, not the benefit. The question asks for the benefit, which is the simplification of security policy management using business-level profiles.

Memory Tip: Think of TrustSec as a "name badge" system - instead of remembering everyone's IP address, the network recognizes who you are (your role/profile), making policy rules as simple as "Contractors cannot access Finance." This business-level simplicity is the key benefit!

Topics

#TrustSec#Network Segmentation#Security Group Tags#Policy Management

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice