ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-715 All Questions

View all questions & answers for the 300-715 exam
Go to Exam

Exam 300-715 topic 1 question 11 discussion

Actual exam question from Cisco's 300-715
Question #: 11
Topic #: 1
[All 300-715 Questions]

A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed interface.
Which command should be used to accomplish this task?

  • A. cts role-based policy priority-static
  • B. cts cache enable
  • C. cts authorization list
  • D. cts role-based enforcement
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by [deleted] at Oct. 24, 2022, 11:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ed81044
9 months, 3 weeks ago
Selected Answer: D
How to Configure CTS SGACL Support Enabling SGACL Policy Enforcement Globally To enable SGACL policy enforcement on Cisco TrustSec-enabled routed interfaces, perform this task: enable configure terminal cts role-based enforcement Enabling SGACL Policy Enforcement Per Interface You can enable SGACL enforcement globally and disable on a specific interface with cts role-based enforcement command. SGACL enforcement can also be enabled on specific interfaces without enabling it globally. To enable SGACL policy enforcement on interfaces, perform this task: enable configure terminal interface GigabitEthernet 0/1/1 cts role-based enforcement
upvoted 2 times
...
XBfoundX
1 year, 5 months ago
How to Configure CTS SGACL Support Enabling SGACL Policy Enforcement Globally To enable SGACL policy enforcement on Cisco TrustSec-enabled routed interfaces, perform this task: enable configure terminal cts role-based enforcement https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cts/configuration/xe-16/sec-usr-cts-xe-16-book/sec-cts-sgacl.html
upvoted 1 times
...
ccnpsise
1 year, 7 months ago
this Q came out in my exam today.
upvoted 2 times
...
XBfoundX
1 year, 8 months ago
The answer is D: Procedure Command or Action Purpose Step 1 enable Example: Device# enable Enables privileged EXEC mode. Enter your password if prompted. Step 2 configure terminal Example: Device# configure terminal Enters global configuration mode. Step 3 cts role-based enforcement Example: Device(config)# cts role-based enforcement Enables Cisco TrustSec SGACL policy enforcement on routed interfaces. Step 4 end Example: Device(config)# end Exits global configuration mode and returns to privileged EXEC mode. cisco doc link below: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/16-11/configuration_guide/cts/b_1611_cts_9200_cg/configuring_security_group_acl_policies.html
upvoted 1 times
...
Totosos1
1 year, 10 months ago
Selected Answer: D
Enabling SGACL Policy Enforcement Per Interface: You can enable SGACL enforcement globally and disable on a specific interface with cts role-based enforcement command. SGACL enforcement can also be enabled on specific interfaces without enabling it globally. To enable SGACL policy enforcement on interfaces, perform this task: enable configure terminal interface GigabitEthernet 0/1/1 cts role-based enforcement
upvoted 1 times
...
jcms700
1 year, 11 months ago
Selected Answer: D
per Cisco documentation "cts role-based enforcement" is the correct answer https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cts/configuration/xe-16/sec-usr-cts-xe-16-book/sec-cts-sgacl.html
upvoted 2 times
...
denverfly
1 year, 11 months ago
Selected Answer: C
The correct answer is - cts authorization list. The cts authorization list command is used to create a list of security group tags that are allowed to access a network resource. This command can be used to filter traffic based on security group tags on a routed interface. To create a security group tag authorization list, follow these steps: Log in to the network device. Enter the config t command to enter configuration mode. Enter the cts authorization list command. Enter a name for the authorization list. Enter the security group tags that are allowed to access the network resource. Enter the end command to exit configuration mode.
upvoted 1 times
...
THEODORABLE
2 years ago
Selected Answer: D
D is correct-- To enable SGACL policy enforcement on Cisco TrustSec-enabled routed interfaces, perform this task: enable configure terminal cts role-based enforcement
upvoted 2 times
...
kingsalah1982
2 years, 7 months ago
d is correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel