350-801 Question #549: Real Exam Question with Answer & Explanation

The correct answer is A: access. The access layer is the optimal trust boundary for an untrusted Cisco endpoint because it is the first layer in the network where devices connect. This layer is responsible for marking and classifying traffic for Quality of Service (QoS) purposes. Establishing a trust boundary at

Infrastructure and Design

Question

Which layer is the optimal trust boundary for an untrusted Cisco endpoint?

Options

Aaccess
Bcore
CWAN
Ddistribution

Explanation

The access layer is the optimal trust boundary for an untrusted Cisco endpoint because it is the first layer in the network where devices connect. This layer is responsible for marking and classifying traffic for Quality of Service (QoS) purposes. Establishing a trust boundary at the access layer ensures that untrusted endpoints cannot alter QoS markings further upstream. The core and distribution layers are deeper into the network, where traffic aggregation occurs. By this point, traffic should already be marked and trusted. Moving the trust boundary further up the network increases the risk of untrusted devices introducing incorrect QoS markings. The WAN is an external connection to another network. The trust boundary must already be defined before traffic reaches this point to ensure consistent QoS treatment across the network.

Topics

#Network security#Trust boundary#Access layer security#Hierarchical network design

Community Discussion

No community discussion yet for this question.

Full 350-801 Practice Browse All 350-801 Questions