Implementing and Operating Cisco Data Center Core Technologies (DCCOR) — Question 425

The VMM domain is integrated between Cisco APICs and vCenter using a distributed vSwitch. The traffic must be blocked between a subset of endpoints in an
EPG based on specific VM attributes and the rest of the VMs in that EPG. Which set of actions blocks this traffic?

Answer options

• A. 1. Set Allow Microsegmentation under the EPG VMM Domain Association to ג€Trueג€ 2. Set Intra-EPG Isolation to ג€Unenforcedג€ for the EPG 3. Set Intra-EPG Isolation to ג€Unenforcedג€ for the uSeg EPG
• B. 1. Set Allow Microsegmentation under the EPG VMM Domain Association to ג€Falseג€ 2. Set Intra-EPG Isolation to ג€Unenforcedג€ for the EPG 3. Set Intra-EPG Isolation to ג€Enforcedג€ for the uSeg EPG
• C. 1. Set Allow Microsegmentation under the EPG VMM Domain Association to ג€Trueג€ 2. Set Intra-EPG Isolation to ג€Enforcedג€ for the EPG 3. Set Intra-EPG Isolation to ג€Enforcedג€ for the uSeg EPG
• D. 1. Set Allow Microsegmentation under the EPG VMM Domain Association to ג€Trueג€ 2. Set Intra-EPG Isolation to ג€Enforcedג€ for the EPG 3. Set Intra-EPG Isolation to ג€Unenforcedג€ for the uSeg EPG

Correct answer: A

Explanation

The correct answer is A because enabling Microsegmentation and setting Intra-EPG Isolation to Unenforced allows for controlling traffic between specific endpoints based on VM attributes while still permitting communication among the remaining VMs in the EPG. Options B, C, and D do not achieve the desired isolation as they either disable microsegmentation or incorrectly configure the isolation settings.