352-001 · Question #417
352-001 Question #417: Real Exam Question with Answer & Explanation
The correct answer is A: a set of interaction rules between endpoint groups. In Cisco ACI (Application Centric Infrastructure), the network policy model uses Endpoint Groups (EPGs) to group related endpoints, and 'contracts' to define the communication rules between those EPGs. A contract specifies which traffic is permitted or denied between a provider E
Question
Options
- Aa set of interaction rules between endpoint groups
- Ba Layer 3 forwarding domain
- Cto determine endpoint group membership status
- Dnamed groups of related endpoints
Explanation
In Cisco ACI (Application Centric Infrastructure), the network policy model uses Endpoint Groups (EPGs) to group related endpoints, and 'contracts' to define the communication rules between those EPGs. A contract specifies which traffic is permitted or denied between a provider EPG and a consumer EPG. Contracts contain 'subjects,' which in turn reference 'filters' (Layer 2–4 classifiers such as protocol, port, DSCP). By default, ACI uses a whitelist model - EPGs cannot communicate without an explicit contract. Contracts are the policy enforcement mechanism that replaces traditional ACLs and VLAN-based segmentation. Option B describes a VRF (bridge domain or VRF context). Option C describes EPG membership classification. Option D describes an EPG itself.
Community Discussion
No community discussion yet for this question.