The question asks for the best practice for using Dynamic Segmentation.
Dynamic Segmentation Overview:It's an architecture that provides unified policy and segmentation for wired and wireless clients by combining role-based access control, traffic tunneling (like UBT), and overlay technologies (like VXLAN/GRE). Policies are enforced centrally, typically at an Aruba Gateway.
Analysis of Options:
A: UBT is a component, but Dynamic Segmentation encompasses more than just creating isolated networks with UBT.
B: Correctly describes the core principle: using a combination of role-based access (for definingwhogetswhatpolicy) and overlay technologies (for transporting traffic to the policy enforcement point and providing segmentation). This creates a layered security approach.
C: Incorrect. A key benefit isunifiedpolicy across both wired and wireless access.
D: LUR and DUR are role types, but how they are assigned isn't the fundamental description of Dynamic Segmentation itself.
Conclusion:Option B accurately captures the essence of Dynamic Segmentation as a best practice approach, integrating role-based policies with overlay networking for secure, unified access control.
[References:Aruba Dynamic Segmentation Solution Guides, Whitepapers, and Configuration Examples. This relates to "Security" (10%), "Authentication/Authorization" (9%), and "Connectivity" (9%)., ]
Submit