Notifications
Clear all
Topic starter
06/07/2022 4:16 am
Which feature does Cisco TrustSec use to provide scalable, secure communication throughout a network?
- A . security group tag ACL assigned to each port on a switch
- B . security group tag number assigned to each port on a network
- C . security group tag number assigned to each user on a switch
- D . security group tag ACL assigned to each router on a network
Suggested Answer: B
Explanation:
Cisco TrustSec uses tags to represent logical group privilege. This tag, called a Security Group Tag (SGT), is used in access policies. The SGT is understood and is used to enforce traffic by Cisco switches, routers and firewalls. Cisco TrustSec is defined in three phases: classification, propagation and enforcement.
When users and devices connect to a network, the network assigns a specific security group. This process is called classification. Classification can be based on the results of the authentication or by associating the SGT with an IP, VLAN, or port-profile (-> Answer 'security group tag ACL assigned to each port on a switch' and answer 'security group tag number assigned to each user on a switch' are not correct as they say “assigned … on a switch” only. Answer 'security group tag ACL assigned to each router on a network' is not correct either as it says “assigned to each router”).
Explanation:
Cisco TrustSec uses tags to represent logical group privilege. This tag, called a Security Group Tag (SGT), is used in access policies. The SGT is understood and is used to enforce traffic by Cisco switches, routers and firewalls. Cisco TrustSec is defined in three phases: classification, propagation and enforcement.
When users and devices connect to a network, the network assigns a specific security group. This process is called classification. Classification can be based on the results of the authentication or by associating the SGT with an IP, VLAN, or port-profile (-> Answer 'security group tag ACL assigned to each port on a switch' and answer 'security group tag number assigned to each user on a switch' are not correct as they say “assigned … on a switch” only. Answer 'security group tag ACL assigned to each router on a network' is not correct either as it says “assigned to each router”).