There are 2 correct answers I think C and D. Security Group Tagging transforms segmentation by simplifying administration: • Security group tags allow organizations to segment their networks without having to redesign to accommodate more VLANs and subnets. • Firewall rules are dramatically streamlined by using an intuitive business-level profile method.

It's a difficult choice between C & D , in my opnion D is more focus on the "benefit" than C

I go with D here because even though both C and D are technically correct, answer D fits the question better. The question basically asks "why would you segment your network with TrustSec instead of any other technology?". C says "I would segment my network with TrustSec because the segmentation is done using SGTs ". Where is the "benefit" ? D is a much more competent answer to the question. D represents a solution to a problem. A real 'benefit'

D - * Firewall rules are dramatically streamlined by using an intuitive business-level profile method https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/trustsec/trustsec_pci_validation.pdf

D: benefit, as C is more about how it works.

I've changed my mind, I think D is the best answer

https://www.cisco.com/c/dam/en/us/products/collateral/security/identity-services-engine/at_a_glance_c45-726831.pdf

D is better than C

D is better than C

The main reason C is more appropriate is that it directly addresses the core benefit of TrustSec related to network segmentation. TrustSec's use of SGTs to achieve network segmentation is fundamental to its design and primary purpose. On the other hand, D describes a beneficial outcome of using SGTs, but it is not the primary feature itself.

Benefits of Segmentation with TrustSec Security Group Tagging transforms segmentation by simplifying administration: • Security group tags allow organizations to segment their networks without having to redesign to accommodate more VLANs and subnets. • Firewall rules are dramatically streamlined by using an intuitive business-level profile method. • Policy enforcement is automated, assisting compliance and increasing security efficacy. • Security auditing becomes much easier, as Qualified

Answer: C https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/trustsec/trustsec_pci_validation.pdf

Answer: C TrustSec, which stands for Trustworthy Security, is a Cisco technology that helps organizations implement network segmentation and access control policies. One of the benefits of using TrustSec is that it relies on security group tags (SGTs) to enable network segmentation. SGTs are used to classify and label network traffic based on various attributes, such as user identity, device type, or location. These labels are then used to enforce access control policies and segment the network, ensuring that only authorized users and devices can access specific resources or segments of the network. This helps improve network security and reduce the risk of unauthorized access or lateral movement by attackers.

Key word is "benefit". Answer D

Segmentation is other words is boundary for clients' traffic (where clients' traffic can go and where can't go). Answer C is correct, but D is more correct (more details). Thus, correct answer is D.

choice between C & D