300-710 · Question #120
300-710 Question #120: Real Exam Question with Answer & Explanation
The correct answer is D: Add the NetFlow_Add_Destination object to the configuration. Even if NetFlow parameters are configured on a Cisco Firepower device, NetFlow data will not be sent to a collector like Cisco Stealthwatch until a NetFlow_Add_Destination object is configured to specify the collector's address.
Question
An administrator is setting up Cisco Firepower to send data to the Cisco Stealthwatch appliances. The NetFlow_Set_Parameters object is already created, but NetFlow is not being sent to the flow collector. What must be done to prevent this from occurring?
Options
- AAdd the NetFlow_Send_Destination object to the configuration
- BCreate a Security Intelligence object to send the data to Cisco Stealthwatch
- CCreate a service identifier to enable the NetFlow service
- DAdd the NetFlow_Add_Destination object to the configuration
Explanation
Even if NetFlow parameters are configured on a Cisco Firepower device, NetFlow data will not be sent to a collector like Cisco Stealthwatch until a NetFlow_Add_Destination object is configured to specify the collector's address.
Common mistakes.
- A. While conceptually similar, 'NetFlow_Add_Destination' is the more accurate and commonly used object name in Cisco FTD for this purpose.
- B. Security Intelligence objects are used for blocking or allowing traffic based on reputation lists, not for configuring NetFlow export.
- C. A 'service identifier' is not a standard configuration object for enabling or configuring NetFlow export in Cisco FTD.
Concept tested. Cisco Firepower NetFlow export configuration
Topics
Community Discussion
No community discussion yet for this question.