Which command used to enable SGACL globallly on a router interface?

– by 1

Which command used to enable SGACL globallly on a router interface?
A. cts role-based-enforcement
B. cts role-based monitor permissions from { sgt_num } to { dgt_num }][ ipv4 | ipv6 ]
C. cts role-based-basic
D. cts role-based-enable

cisco-exams

One thought on “Which command used to enable SGACL globallly on a router interface?

  1. Correct answer is A

    How to Configure CTS SGACL Support

    Enabling SGACL Policy Enforcement Globally
    To enable SGACL policy enforcement on Cisco TrustSec-enabled routed interfaces, perform this task:

    enable
    configure terminal
    cts role-based enforcement
    Enabling SGACL Policy Enforcement Per Interface
    You can enable SGACL enforcement globally and disable on a specific interface with cts role-based enforcement command. SGACL enforcement can also be enabled on specific interfaces without enabling it globally.

    To enable SGACL policy enforcement on interfaces, perform this task:

    enable
    configure terminal
    interface GigabitEthernet 0/1/1
    cts role-based enforcement

    Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cts/configuration/xe-16/sec-usr-cts-xe-16-book/sec-cts-sgacl.html

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.