nerdexam
Exams350-401Questions#1041
CiscoCisco

350-401 · Question #1041

350-401 Question #1041: Real Exam Question with Answer & Explanation

The correct answer is D: flexible. Cisco Threat Defense utilizes flexible NetFlow to obtain detailed visibility into network traffic flows.

Submitted by andreas_gr· Mar 6, 2026Security

Question

Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?

Options

  • ANBAR2
  • BIPFIX
  • C8
  • Dflexible

Explanation

Cisco Threat Defense utilizes flexible NetFlow to obtain detailed visibility into network traffic flows.

Common mistakes.

  • A. NBAR2 (Network-Based Application Recognition 2) is a deep packet inspection technology for application recognition, not a NetFlow version for exporting flow data.
  • B. IPFIX (IP Flow Information Export) is an industry standard for flow data export, but Cisco's specific implementation and terminology often refer to this capability as 'flexible NetFlow'.
  • C. NetFlow v8 is an older version primarily used for aggregation, which has largely been superseded by flexible NetFlow (IPFIX).

Concept tested. Cisco Threat Defense NetFlow version

Reference. https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/firepower_threat_defense_system_features.html

Topics

#Cisco Threat Defense#NetFlow versions#Network visibility

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 350-401 PracticeBrowse All 350-401 Questions