A security engineer has a new TrustSec projct and must create a few static security group tag classifications as proof of concept. Which two classifications must the engineer configure? (Choose two.)
The correct answer is C. VLAN.
Reason: In the context of Cisco TrustSec, VLAN (Virtual Local Area Network) is a common classification used to segment network traffic based on logical groupings. By configuring VLANs as security group tags, the engineer can enforce policy-based access controls and ensure that traffic within the same VLAN is treated consistently. This is essential for maintaining security across different segments of the network.
The process of assigning the SGT is called Classification. A SGT can be assigned dynamically as the result of an ISE authorization or it can be assigned via static methods that map the SGT to some thing, like a VLAN, subnet, IP Address, or port-profile (for VMs or interface). Dynamic classification is typically used to assign SGT to users because users are mobile. They could be connected from any location via wireless, wired, or vpn. On the other hand, servers tend not to move, so typically static classification methods are used.
This section is not available anymore. Please use the main Exam Page.300-715 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
logitrain
6 months, 2 weeks agoTiberiuszSun
6 months, 2 weeks agoNullNull88
1 year, 1 month agoHercJ
1 year, 3 months agoqqqqqqqqqqq123
1 year, 3 months ago