Cisco

210-255 Question #187: Real Exam Question with Answer & Explanation

The correct answer is D: IPFIX.

Security Monitoring

Question

Which IETF standard technology is useful to detect and analyze a potential security incident by recording session flows that occur between hosts?

Options

  • A. sFlow
  • B. NetFlow
  • C. NFlow
  • D. IPFIX

Explanation

IPFIX (IP Flow Information Export) is the IETF-standardized protocol for exporting flow record data, making it the correct answer for an IETF standard that records session flows for security incident detection and analysis.

Common mistakes.

  • A. sFlow is an industry standard developed by InMon Corporation for traffic sampling and monitoring, but it is not an IETF-standardized protocol for flow export.
  • B. NetFlow is Cisco's proprietary flow export protocol and the predecessor to IPFIX; it is not an IETF standard, though IPFIX was developed based on NetFlow v9.
  • C. NFlow is not a recognized or standardized network flow protocol; it does not exist as a defined IETF or industry standard.

Concept tested. IPFIX as the IETF standard for network flow export

Reference. https://datatracker.ietf.org/doc/html/rfc7011

Topics

#IPFIX, #NetFlow, #flow records, #session monitoring
