Cisco Certified Internetwork Expert (CCIE) Practice Test

Boost your skills for the CCIE Exam. Enhance your knowledge with interactive multiple-choice questions, including hints and explanations. Prepare effectively for your certification exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Which statement correctly describes SXP connections?

  1. Each VRF supports multiple CTS-SXP connections

  2. Each VRF supports only one CTS-SXP connection

  3. Each connection can be initiated from multiple listeners

  4. Separate VRFs can share the same CTS-SXP peers

The correct answer is: Each VRF supports only one CTS-SXP connection

The statement that each VRF supports only one CTS-SXP connection is accurate because in a Cisco TrustSec architecture, each Virtual Routing and Forwarding (VRF) instance is designed to maintain its own unique security context. This means that a single CTS-SXP (Control Plane Security Exchange Protocol) connection is established for each VRF, allowing for the secure exchange of context-specific information regarding the identity of endpoints and security group tags. Having one connection per VRF ensures that the control plane messages relevant to that VRF do not interfere with or mix with those of other VRFs, thereby maintaining the integrity and separation of security policies and identities within the network.

The other choices present scenarios that do not align with the fundamental operations of CTS-SXP within a VRF context. For instance, supporting multiple connections or sharing peers among different VRFs would lead to complexity and potential security risks, which the architecture is designed to avoid.