Which configuration method provides the options to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each other with Vmware VDS or Microsoft vSwitch?
C ("intra") sounds most logical.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/virtualization/Cisco-ACI-Virtualization-Guide-42x/intra-epg-isolation-enforcement-42x.pdf
Intra-EPG Endpoint Isolation
Intra-EPG endpoint isolation policies provide full isolation for virtual or physical endpoints; no communication
is allowed between endpoints in an EPG that is operating with isolation enforced. Isolation enforced EPGs
reduce the number of EPG encapsulations required when many clients access a common service but are not
allowed to communicate with each other.
An EPG isisolation enforced for all Cisco Application Centric Infrastructure (ACI) network domains or none.
While the Cisco ACI fabric implements isolation directly to connected endpoints, switches connected to the
fabric are made aware of isolation rules according to a primary VLAN (PVLAN) tag.
The configuration method that provides the options to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each other with VMware VDS or Microsoft vSwitch is "intra-EPG isolation".
Therefore, the correct answer is C. intra-EPG isolation.
Intra-EPG isolation is a policy that allows traffic isolation between endpoints within the same EPG or uSeg. This method provides granular control over traffic flows within an EPG, preventing unauthorized communication between endpoints. By enabling intra-EPG isolation, administrators can prevent lateral movement of threats and limit the potential impact of security breaches
Intra-EPG Isolation is an option to prevent physical or virtual endpoint devices that are in the same base EPG or microsegmented (uSeg) EPG from communicating with each other.
C. Intra-EPG
Intra-EPG Isolation for VMware VDS or Microsoft Hyper-V Virtual Switch
Intra-EPG Isolation is an option to prevent physical or virtual endpoint devices that are in the same base EPG or microsegmented (uSeg) EPG from communicating with each other. By default, endpoint devices included in the same EPG are allowed to communicate with one another. However, conditions exist in which total isolation of the endpoint devices from on another within an EPG is desirable. For example, you may want to enforce intra-EPG isolation if the endpoint VMs in the same EPG belong to multiple tenants, or to prevent
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
jku2cya
9 months, 4 weeks agosull3y
1 year agoloser4fun
1 year, 1 month agoNet4dd
1 year, 3 months agoleowulf
1 year, 7 months ago