Three operational endpoints are deployed under the same application EPG. Only the ICMP traffic must be permitted within the Web_EPG. Which two actions must be taken to accomplish this goal? (Choose two.)
A.
Check box of forward control proxy ARP.
B.
Set VRF policy control preference to unenforced.
I choose D & E. I exclude C (taboo contract) because while regular contracts define permitted traffic, taboo contracts are used to specify traffic that should be denied, even if it would otherwise be allowed by a regular contract. So with intra EPG isolation, in my opinion a taboo contract does not make sense
By enabling intra-EPG isolation, ACI blocks all communication between endpoints within the same EPG by default.
After enabling isolation, you can create contracts to selectively allow certain types of traffic between specific endpoints or classes of traffic.
D. Configure intra EPG contract under Web_EPG.
E. Mark intra EPG isolation as enforced.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
bizzar7774
1 week, 1 day agoxxbofh
3 months agoSarauman
5 months, 1 week agoSarauman
5 months agoMr_Myself
5 months, 3 weeks ago